Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6EC96342120011F09BE5AB8B762E951A.roa
File: 6EC96342120011F09BE5AB8B762E951A.roa (raw, json)
Hash identifier: 212R6nwITW55i6amCskpQNkpjNQmXn+Ise0c1Ykpvfk=
Subject key identifier: 81:01:A9:97:FC:14:2A:BD:01:DE:64:67:3A:92:D8:9C:E1:1E:72:75
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014A50
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6EC96342120011F09BE5AB8B762E951A.roa
Signing time: Sat 05 Apr 2025 09:29:12 +0000
ROA not before: Sat 05 Apr 2025 09:29:05 +0000
ROA not after: Sun 11 May 2025 09:29:05 +0000
asID: 6079
IP address blocks: 156.237.16.0/20 maxlen: 24
156.237.32.0/19 maxlen: 24
156.237.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84560 (0x14a50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 5 09:29:05 2025 GMT
Not After : May 11 09:29:05 2025 GMT
Subject: CN=67f0f7e8-bd47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:13:aa:ad:6c:36:4e:8d:24:f4:a2:07:cf:01:
da:35:2c:f7:9b:86:3b:4d:bb:1b:1c:65:a6:b0:76:
f0:d1:05:33:da:82:ed:fc:92:65:c5:e0:54:d2:b0:
30:f9:8f:25:c4:85:d1:48:f8:78:02:e5:36:bd:c0:
64:f8:0a:84:9e:d4:64:ce:87:6d:91:96:d6:27:5a:
c0:39:5e:03:3c:32:2c:49:1c:d0:84:24:8b:ee:58:
df:6d:81:b2:41:eb:7b:b7:3b:c1:dc:c4:e3:13:a9:
62:69:20:37:bf:a8:80:76:4a:db:96:9f:6d:a0:b1:
bb:67:17:c8:e5:ba:4b:a7:2e:3e:04:66:12:9a:08:
e2:27:d0:bc:a1:4e:42:09:e7:2b:b5:6f:6a:29:6e:
cf:e1:31:92:71:ca:66:fd:02:26:23:01:66:63:0e:
19:d9:d8:c9:8a:c2:35:2a:f9:43:72:a6:31:2e:1c:
5c:cb:98:df:c1:ab:75:fd:66:ed:02:80:02:ec:40:
37:a5:58:13:7b:02:64:c5:1b:f1:a2:5f:e1:5d:4e:
32:d9:17:9a:49:7e:95:fc:fd:c3:7e:3e:ff:49:db:
b9:88:48:25:77:ea:11:7e:bb:eb:29:4e:e2:88:b2:
e4:9d:64:ae:7c:3e:37:f4:89:64:74:33:09:d7:4a:
92:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:01:A9:97:FC:14:2A:BD:01:DE:64:67:3A:92:D8:9C:E1:1E:72:75
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6EC96342120011F09BE5AB8B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.16.0-156.237.63.255
156.237.96.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:bb:ad:02:a8:88:dc:e7:77:b2:d9:33:c6:5c:5f:c7:49:e5:
2f:99:d6:13:7e:60:b1:26:51:19:fe:64:c5:b9:24:87:59:07:
88:e3:6b:18:4d:73:8e:31:5c:c0:16:35:98:97:35:87:56:d5:
af:1b:d7:09:b9:d7:25:ea:ef:e6:70:da:c4:84:69:f7:96:f8:
d2:f2:c1:8a:9d:92:91:f3:5a:0d:81:ff:e1:b3:2a:ec:01:5c:
28:3c:3d:f0:42:3e:c6:84:e5:66:80:f7:a9:75:9f:c3:97:1a:
70:5d:da:20:e9:cb:b2:6b:af:46:50:6c:c6:ea:66:54:30:fe:
28:77:27:2a:6c:c0:de:0f:99:2b:24:f5:95:1f:ca:ff:ea:05:
ee:cc:99:cc:0a:88:bd:3e:73:b0:1d:03:12:bf:44:b4:e2:f0:
44:f2:3a:8f:98:15:ee:5f:d8:04:fb:cd:77:54:9a:5c:c4:45:
b7:a9:31:de:b4:a4:a5:d9:d7:a5:e3:91:0a:e4:3c:fe:8f:91:
0f:b6:9e:6c:7a:5e:72:27:e9:05:26:3d:60:2a:57:25:37:30:
d4:9b:7f:1d:d9:ea:d3:46:28:97:2a:fd:fc:1e:59:1a:4f:91:
b5:bc:a0:cc:8d:14:21:90:a9:0a:62:33:bf:97:b8:0f:c3:ce:
e0:47:22:e5
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAUpQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA1MDkyOTA1WhcNMjUwNTExMDkyOTA1WjAYMRYw
FAYDVQQDEw02N2YwZjdlOC1iZDQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3hOqrWw2To0k9KIHzwHaNSz3m4Y7TbsbHGWmsHbw0QUz2oLt/JJlxeBU
0rAw+Y8lxIXRSPh4AuU2vcBk+AqEntRkzodtkZbWJ1rAOV4DPDIsSRzQhCSL7ljf
bYGyQet7tzvB3MTjE6liaSA3v6iAdkrblp9toLG7ZxfI5bpLpy4+BGYSmgjiJ9C8
oU5CCecrtW9qKW7P4TGSccpm/QImIwFmYw4Z2djJisI1KvlDcqYxLhxcy5jfwat1
/WbtAoAC7EA3pVgTewJkxRvxol/hXU4y2ReaSX6V/P3Dfj7/Sdu5iEgld+oRfrvr
KU7iiLLknWSufD439IlkdDMJ10qSUwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFIEB
qZf8FCq9Ad5kZzqS2JzhHnJ1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RUM5NjM0MjEyMDAxMUYwOUJFNUFCOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBASc7RADBAac7QADBAOc7WAw
DQYJKoZIhvcNAQELBQADggEBACy7rQKoiNznd7LZM8ZcX8dJ5S+Z1hN+YLEmURn+
ZMW5JIdZB4jjaxhNc44xXMAWNZiXNYdW1a8b1wm51yXq7+Zw2sSEafeW+NLywYqd
kpHzWg2B/+GzKuwBXCg8PfBCPsaE5WaA96l1n8OXGnBd2iDpy7Jrr0ZQbMbqZlQw
/ih3JypswN4PmSsk9ZUfyv/qBe7MmcwKiL0+c7AdAxK/RLTi8ETyOo+YFe5f2AT7
zXdUmlzERbepMd60pKXZ16XjkQrkPP6PkQ+2nmx6XnIn6QUmPWAqVyU3MNSbfx3Z
6tNGKJcq/fweWRpPkbW8oMyNFCGQqQpiM7+XuA/DzuBHIuU=
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:06:16 2025 by rpki-client on console.sobornost.net