Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0DD7D61E3B6711F0B755E88EDAE4EC9C.roa
File: 0DD7D61E3B6711F0B755E88EDAE4EC9C.roa (raw, json)
Hash identifier: 0ZM0IDYsSWFkr4PaNweq9ZEG6ilv028nIyDcW+ytCG4=
Subject key identifier: 61:A7:D4:6D:14:D7:62:55:9B:1F:3B:20:A3:77:0B:EF:31:FA:25:C2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015803
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0DD7D61E3B6711F0B755E88EDAE4EC9C.roa
Signing time: Wed 28 May 2025 01:57:05 +0000
ROA not before: Wed 28 May 2025 01:57:00 +0000
ROA not after: Wed 27 May 2026 01:57:00 +0000
asID: 132839
IP address blocks: 156.242.128.0/19 maxlen: 24
156.242.160.0/19 maxlen: 24
156.242.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88067 (0x15803)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 01:57:00 2025 GMT
Not After : May 27 01:57:00 2026 GMT
Subject: CN=68366d71-7c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:c9:54:ce:8d:09:68:88:83:37:39:bf:e2:e5:
56:ee:fa:40:02:a4:64:b2:7b:19:f0:7a:53:64:e7:
43:40:a0:33:7d:fc:29:b0:a6:73:79:84:20:0b:0d:
8f:8d:6b:37:1e:85:39:a4:3b:3b:00:c6:e2:31:e4:
eb:f9:56:04:b6:d0:cd:b9:e0:dd:cc:6e:61:9a:a6:
f7:cc:17:75:58:69:56:b5:79:55:8e:6a:13:4b:d3:
b6:83:aa:6e:93:e1:af:6a:d7:bf:3a:30:b5:c4:ea:
8e:85:56:b6:ff:b0:0c:2f:d5:29:41:ba:66:ef:37:
8b:be:ec:bb:93:ba:e4:5d:55:d0:b1:bc:f5:d6:60:
ff:47:1e:64:88:3c:31:0a:20:b6:f0:79:1b:cd:03:
9e:98:b7:38:64:6c:25:84:a2:0e:ce:c4:82:dc:bb:
96:a0:81:6b:85:78:10:8d:df:3b:fe:8b:3d:c0:fb:
a9:ab:39:5a:cf:32:87:0e:17:f5:20:d9:8e:72:da:
51:e1:25:3f:6c:7d:4c:2f:6d:bc:6b:f4:1e:82:38:
b9:8e:9c:75:46:6a:e8:64:a7:35:51:8d:3d:7f:a5:
61:9a:56:02:31:58:be:5b:0d:97:fa:1b:03:91:d9:
1e:e6:ba:34:b7:41:b2:f2:36:e3:c8:d1:13:d5:f4:
fe:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A7:D4:6D:14:D7:62:55:9B:1F:3B:20:A3:77:0B:EF:31:FA:25:C2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0DD7D61E3B6711F0B755E88EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.128.0-156.242.223.255
Signature Algorithm: sha256WithRSAEncryption
1c:f6:f0:8f:c5:5c:31:fe:b8:68:85:84:f7:78:d7:23:f2:59:
b8:35:b9:a0:cc:ff:1c:cf:37:ef:9e:aa:16:0a:d1:77:05:fb:
81:bb:74:12:79:e3:b8:c8:70:8d:81:a3:71:cd:2f:71:f9:dc:
e9:fe:14:5e:96:35:d0:d5:19:cc:7b:4b:61:7e:d1:78:94:2c:
6e:a5:09:90:54:65:7c:26:9c:c2:52:d1:09:cb:e4:26:2d:b5:
58:11:04:5a:c2:b7:ea:dd:c4:fb:e8:57:5e:27:9e:db:cb:e0:
42:9a:10:32:0b:52:c3:4c:20:d3:d5:7f:c6:49:f8:95:9b:49:
77:ac:71:76:80:15:dc:eb:d3:fe:d1:4d:1a:cd:6b:d1:ff:aa:
16:37:89:fc:55:a8:87:84:7c:3f:13:ee:3d:8e:63:8f:6d:6a:
cd:1b:ef:af:eb:47:a4:5f:51:3d:e7:45:0b:1c:6a:a0:f6:d0:
a4:ff:f5:ed:ad:d8:ce:65:43:f5:52:6e:55:6d:d9:14:a0:d1:
bc:42:ca:79:88:54:ed:b9:21:69:7d:b3:95:e1:bf:42:f8:27:
7d:46:34:51:79:37:ae:78:1c:86:63:24:de:28:88:e3:70:a7:
61:2a:f3:ce:b1:6d:da:50:67:45:bd:ef:76:cc:28:69:a1:ca:
87:78:76:21
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVgDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MDE1NzAwWhcNMjYwNTI3MDE1NzAwWjAYMRYw
FAYDVQQDEw02ODM2NmQ3MS03YzQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA68lUzo0JaIiDNzm/4uVW7vpAAqRksnsZ8HpTZOdDQKAzffwpsKZzeYQg
Cw2PjWs3HoU5pDs7AMbiMeTr+VYEttDNueDdzG5hmqb3zBd1WGlWtXlVjmoTS9O2
g6puk+Gvate/OjC1xOqOhVa2/7AML9UpQbpm7zeLvuy7k7rkXVXQsbz11mD/Rx5k
iDwxCiC28HkbzQOemLc4ZGwlhKIOzsSC3LuWoIFrhXgQjd87/os9wPupqzlazzKH
Dhf1INmOctpR4SU/bH1ML228a/Qegji5jpx1RmroZKc1UY09f6VhmlYCMVi+Ww2X
+hsDkdke5ro0t0Gy8jbjyNET1fT+OwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGGn
1G0U12JVmx87IKN3C+8x+iXCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wREQ3RDYxRTNCNjcxMUYwQjc1NUU4OEVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAec8oADBAWc8sAwDQYJKoZI
hvcNAQELBQADggEBABz28I/FXDH+uGiFhPd41yPyWbg1uaDM/xzPN++eqhYK0XcF
+4G7dBJ547jIcI2Bo3HNL3H53On+FF6WNdDVGcx7S2F+0XiULG6lCZBUZXwmnMJS
0QnL5CYttVgRBFrCt+rdxPvoV14nntvL4EKaEDILUsNMINPVf8ZJ+JWbSXescXaA
Fdzr0/7RTRrNa9H/qhY3ifxVqIeEfD8T7j2OY49tas0b76/rR6RfUT3nRQscaqD2
0KT/9e2t2M5lQ/VSblVt2RSg0bxCynmIVO25IWl9s5Xhv0L4J31GNFF5N654HIZj
JN4oiONwp2Eq886xbdpQZ0W973bMKGmhyod4diE=
-----END CERTIFICATE-----
Generated at Tue Jun 3 09:07:55 2025 by rpki-client