Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F845554300011F0A0D5539ADAE4EC9C.roa
File: 0F845554300011F0A0D5539ADAE4EC9C.roa (raw, json)
Hash identifier: uUpQF4nvloMyemp9RGnXgo1gV5AowAojtlQK6XWN7TU=
Subject key identifier: 19:1C:54:83:30:8B:5D:71:42:B1:9E:8F:B6:5F:2B:D8:28:A4:03:CC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0153FA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F845554300011F0A0D5539ADAE4EC9C.roa
Signing time: Tue 13 May 2025 13:42:07 +0000
ROA not before: Tue 13 May 2025 13:42:02 +0000
ROA not after: Sat 21 Jun 2025 13:42:02 +0000
asID: 14315
IP address blocks: 156.224.64.0/22 maxlen: 24
156.224.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87034 (0x153fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 13 13:42:02 2025 GMT
Not After : Jun 21 13:42:02 2025 GMT
Subject: CN=68234c2f-747e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8a:b9:79:ef:a5:94:2f:23:3b:2e:bc:b2:4c:
10:37:2f:c3:eb:7b:0c:c8:6b:51:28:7c:8e:39:a2:
e5:d8:55:4a:21:5e:4c:93:42:1d:3b:15:84:7b:6a:
69:12:93:43:93:a8:49:88:40:9f:b6:af:1f:61:86:
c6:3b:ae:61:1a:a6:2f:74:1d:fb:07:0f:d2:7a:c5:
87:19:cb:58:2f:5b:ef:ad:7b:27:b1:26:12:17:3e:
d9:aa:84:11:75:26:c5:d1:3a:48:ff:2f:b9:03:ff:
49:e3:58:13:92:0e:84:5f:e6:b0:e4:0d:93:38:7c:
d1:f0:86:8c:4a:fe:79:d1:4d:c3:01:b8:f3:b5:c5:
07:81:76:a0:59:41:b5:7a:66:1d:75:22:79:22:c1:
18:0f:06:c2:7b:9b:14:9d:9d:b9:52:a1:88:b7:37:
81:da:95:62:6f:95:a2:04:e0:48:48:8e:9c:a5:9d:
7e:2d:fb:5c:ae:ca:47:a4:cb:37:64:d5:c3:db:b3:
ea:bb:7a:c4:a8:a5:02:61:d0:b6:56:dd:d9:70:37:
99:8f:f8:c8:04:6d:91:80:fa:25:0e:4a:11:0c:f6:
32:dd:72:39:a1:4a:96:df:7c:ca:9e:8a:b6:6c:4e:
a0:67:bd:ac:51:2c:80:d1:71:8c:47:8b:29:34:97:
27:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:1C:54:83:30:8B:5D:71:42:B1:9E:8F:B6:5F:2B:D8:28:A4:03:CC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F845554300011F0A0D5539ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.64.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:b4:ff:39:be:36:e9:42:de:be:28:74:89:a0:52:8b:73:87:
c1:61:34:f1:c2:bb:69:ad:9a:d0:cf:50:38:83:f3:17:52:40:
d7:f8:b4:dc:12:5b:7e:a7:ae:ae:47:bd:95:5d:bd:56:a7:52:
b3:87:f8:00:b5:43:b9:be:6d:ff:f6:85:d5:d1:0c:3e:fc:69:
89:d8:ed:0a:7f:b5:7c:47:4d:9a:1a:b0:00:c3:b6:9d:f5:22:
d3:f5:10:92:0a:77:3c:32:83:41:2c:69:42:53:b1:30:48:7f:
95:12:7f:82:7c:33:dc:d6:d2:df:a5:5a:25:87:5a:8e:bc:6e:
d8:c5:04:a3:ae:f6:2c:fa:ba:93:9e:10:77:0a:69:59:aa:53:
e3:35:38:8f:1e:96:39:d6:bc:13:05:4e:18:64:d8:f9:fb:c6:
4b:d6:15:0f:20:da:4c:e8:43:3a:82:a7:c4:f7:89:32:bc:90:
cd:27:e7:28:6a:fe:c6:59:f3:36:a0:6f:32:ee:c9:2f:10:4d:
8d:7c:f1:6f:8a:00:ee:89:2f:1c:af:34:e3:ce:88:25:ee:42:
85:a2:5e:01:b0:dc:03:de:f1:e3:5f:d4:dd:80:af:5b:40:66:
3a:9e:e6:81:56:d8:88:e7:e3:bb:b0:a4:36:57:7b:37:d7:84:
b1:22:cf:a6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVP6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEzMTM0MjAyWhcNMjUwNjIxMTM0MjAyWjAYMRYw
FAYDVQQDEw02ODIzNGMyZi03NDdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5Yq5ee+llC8jOy68skwQNy/D63sMyGtRKHyOOaLl2FVKIV5Mk0IdOxWE
e2ppEpNDk6hJiECftq8fYYbGO65hGqYvdB37Bw/SesWHGctYL1vvrXsnsSYSFz7Z
qoQRdSbF0TpI/y+5A/9J41gTkg6EX+aw5A2TOHzR8IaMSv550U3DAbjztcUHgXag
WUG1emYddSJ5IsEYDwbCe5sUnZ25UqGItzeB2pVib5WiBOBISI6cpZ1+LftcrspH
pMs3ZNXD27Pqu3rEqKUCYdC2Vt3ZcDeZj/jIBG2RgPolDkoRDPYy3XI5oUqW33zK
noq2bE6gZ72sUSyA0XGMR4spNJcnxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBkc
VIMwi11xQrGej7ZfK9gopAPMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjg0NTU1NDMwMDAxMUYwQTBENTUzOUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOBAMA0GCSqGSIb3DQEBCwUA
A4IBAQAutP85vjbpQt6+KHSJoFKLc4fBYTTxwrtprZrQz1A4g/MXUkDX+LTcElt+
p66uR72VXb1Wp1Kzh/gAtUO5vm3/9oXV0Qw+/GmJ2O0Kf7V8R02aGrAAw7ad9SLT
9RCSCnc8MoNBLGlCU7EwSH+VEn+CfDPc1tLfpVolh1qOvG7YxQSjrvYs+rqTnhB3
CmlZqlPjNTiPHpY51rwTBU4YZNj5+8ZL1hUPINpM6EM6gqfE94kyvJDNJ+coav7G
WfM2oG8y7skvEE2NfPFvigDuiS8crzTjzogl7kKFol4BsNwD3vHjX9TdgK9bQGY6
nuaBVtiI5+O7sKQ2V3s314SxIs+m
-----END CERTIFICATE-----
Generated at Tue Jun 3 09:26:58 2025 by rpki-client