Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6224717C107011F0B1482D95762E951A.roa
File: 6224717C107011F0B1482D95762E951A.roa (raw, json)
Hash identifier: G3uGehtCc/Ex7oOtZEfAR+UDx5//mIaJzuHQ3cQU8D0=
Subject key identifier: 1B:C4:02:DD:E0:52:73:A3:AA:9C:A3:84:9E:F5:C3:B3:BC:70:A7:F6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0149A8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6224717C107011F0B1482D95762E951A.roa
Signing time: Thu 03 Apr 2025 09:45:32 +0000
ROA not before: Thu 03 Apr 2025 09:45:28 +0000
ROA not after: Fri 09 May 2025 09:45:28 +0000
asID: 213690
IP address blocks: 156.249.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84392 (0x149a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 3 09:45:28 2025 GMT
Not After : May 9 09:45:28 2025 GMT
Subject: CN=67ee58bc-2373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:19:47:c7:34:86:eb:85:73:86:e5:55:7d:17:
d0:e6:d4:56:15:36:12:43:55:f1:0d:39:7d:4c:41:
0b:1b:3c:37:28:b9:67:fa:43:82:5b:ee:55:bb:18:
5a:9c:1a:8e:90:5d:14:43:b1:2f:cc:0b:08:2a:3e:
c5:ad:41:71:f0:51:ff:6c:a1:77:e5:61:e6:d6:56:
a3:5c:c4:d9:52:5b:5e:0c:d1:84:04:c7:15:75:86:
84:e4:cd:a0:1f:53:6b:cb:82:fc:57:64:cf:a9:e1:
d1:38:cf:60:3c:f3:50:13:69:d8:ff:4b:bf:a1:cc:
bc:0b:e8:47:4e:bc:5e:48:e9:77:8b:a4:96:f7:d8:
4d:20:94:aa:7e:cb:b6:dc:7b:14:f2:6f:fc:0b:06:
31:56:3e:4c:3b:ac:4d:3d:d7:1b:45:85:ca:e3:07:
ad:5b:99:99:2f:f9:ff:72:9a:16:b0:0b:9f:da:5e:
36:27:fb:49:6c:66:a5:fb:19:b9:6f:40:9a:90:6b:
29:36:00:12:28:97:78:18:15:d3:95:5c:8f:d6:c2:
d9:d2:84:79:b3:15:82:06:09:f8:71:17:6f:9e:b1:
31:dd:02:6d:1e:9f:c0:93:8d:7b:3e:4d:67:64:4b:
52:8f:61:2e:d3:77:d4:6a:ae:6d:23:6d:d6:7e:d8:
4b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C4:02:DD:E0:52:73:A3:AA:9C:A3:84:9E:F5:C3:B3:BC:70:A7:F6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6224717C107011F0B1482D95762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.64.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:b6:eb:dd:89:81:33:9c:da:84:ba:2d:12:c6:38:4a:03:78:
f1:4c:43:cb:10:df:ad:35:92:58:e9:c0:94:39:b1:a2:40:aa:
40:6f:10:ae:7a:27:fe:72:b8:c7:70:35:1f:68:a5:80:06:ce:
ff:dc:71:84:a0:f8:c8:5a:30:33:d6:2f:22:32:75:d9:eb:f6:
20:7a:7f:41:c6:7c:0c:6e:7c:84:1d:33:f5:99:64:2b:56:a1:
5d:f9:71:38:82:3d:fe:fe:ef:5e:03:49:cb:98:02:3b:d1:7b:
ad:96:0d:8a:a6:35:ee:4d:3d:4a:e6:4b:b5:e6:06:58:39:e6:
41:b6:85:d3:9a:8b:b5:9e:95:b4:50:46:df:42:13:aa:27:bd:
23:98:6e:c2:0f:01:22:51:73:68:31:0a:9e:b5:f8:20:49:3f:
f9:7a:5f:ea:24:a5:3a:24:01:bb:dd:10:4d:44:7b:4d:c5:80:
e9:dd:75:ea:4e:85:93:0d:36:73:49:25:f7:e0:2d:02:ab:1e:
12:20:7f:1b:d9:00:6e:94:a2:48:82:35:73:b0:c9:b3:df:35:
cb:4d:39:fc:08:33:16:90:0c:d8:37:10:18:4c:6d:21:5b:37:
63:9f:12:a3:da:bd:b7:91:36:e1:63:d2:38:55:9b:93:2d:57:
63:35:22:e1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUmoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDAzMDk0NTI4WhcNMjUwNTA5MDk0NTI4WjAYMRYw
FAYDVQQDEw02N2VlNThiYy0yMzczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvhlHxzSG64VzhuVVfRfQ5tRWFTYSQ1XxDTl9TEELGzw3KLln+kOCW+5V
uxhanBqOkF0UQ7EvzAsIKj7FrUFx8FH/bKF35WHm1lajXMTZUlteDNGEBMcVdYaE
5M2gH1Nry4L8V2TPqeHROM9gPPNQE2nY/0u/ocy8C+hHTrxeSOl3i6SW99hNIJSq
fsu23HsU8m/8CwYxVj5MO6xNPdcbRYXK4wetW5mZL/n/cpoWsAuf2l42J/tJbGal
+xm5b0CakGspNgASKJd4GBXTlVyP1sLZ0oR5sxWCBgn4cRdvnrEx3QJtHp/Ak417
Pk1nZEtSj2Eu03fUaq5tI23WfthLNwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBvE
At3gUnOjqpyjhJ71w7O8cKf2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MjI0NzE3QzEwNzAxMUYwQjE0ODJEOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPlAMA0GCSqGSIb3DQEBCwUA
A4IBAQBatuvdiYEznNqEui0SxjhKA3jxTEPLEN+tNZJY6cCUObGiQKpAbxCueif+
crjHcDUfaKWABs7/3HGEoPjIWjAz1i8iMnXZ6/Ygen9BxnwMbnyEHTP1mWQrVqFd
+XE4gj3+/u9eA0nLmAI70Xutlg2KpjXuTT1K5ku15gZYOeZBtoXTmou1npW0UEbf
QhOqJ70jmG7CDwEiUXNoMQqetfggST/5el/qJKU6JAG73RBNRHtNxYDp3XXqToWT
DTZzSSX34C0Cqx4SIH8b2QBulKJIgjVzsMmz3zXLTTn8CDMWkAzYNxAYTG0hWzdj
nxKj2r23kTbhY9I4VZuTLVdjNSLh
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:54:49 2025 by rpki-client on console.sobornost.net