Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/130E81BE382E11F085F2CF8FDAE4EC9C.roa
File: 130E81BE382E11F085F2CF8FDAE4EC9C.roa (raw, json)
Hash identifier: n3FyV05LVBd7XgnO7aUvvyD5HhnWAXRaieNSfMULAPs=
Subject key identifier: BD:DB:DC:55:D2:E0:CA:67:52:03:68:20:35:53:AC:D8:B0:95:84:A9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015745
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/130E81BE382E11F085F2CF8FDAE4EC9C.roa
Signing time: Fri 23 May 2025 23:31:39 +0000
ROA not before: Fri 23 May 2025 23:31:34 +0000
ROA not after: Fri 26 Feb 2027 23:31:34 +0000
asID: 263681
IP address blocks: 156.227.7.0/24 maxlen: 24
156.227.246.0/23 maxlen: 24
156.233.110.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87877 (0x15745)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 23:31:34 2025 GMT
Not After : Feb 26 23:31:34 2027 GMT
Subject: CN=6831055b-8a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a3:9e:79:86:af:ba:26:81:44:f0:25:07:d1:
36:1e:2c:da:24:6b:d6:04:cb:d0:47:ad:85:f7:61:
11:c8:fc:90:17:5f:a6:e6:19:0e:19:30:d1:cb:10:
5f:9c:8c:99:b6:1d:45:a3:07:05:68:2c:fd:23:0b:
80:20:80:82:03:63:9c:66:84:7f:05:2e:35:07:a0:
be:3f:ae:e5:4b:cc:d5:02:f8:1e:24:a0:e3:b4:1e:
fa:42:b4:e8:94:77:9e:c2:a9:83:7e:a4:88:63:73:
17:cd:fe:23:98:08:e1:1d:e2:bd:9a:9c:40:73:97:
8f:34:b7:9f:54:c7:90:c1:03:eb:7c:0d:89:a0:e3:
d2:f9:30:a2:79:e4:ba:03:6e:ee:e9:c4:25:69:3b:
11:0c:89:1d:44:4e:d2:fa:4e:8a:61:5f:bd:30:fd:
0a:6e:ef:92:04:ee:c5:1c:57:4c:7d:11:2e:c6:cf:
cd:c4:92:fe:40:cb:fa:1d:5a:b2:f8:a4:8e:00:0b:
6e:78:51:d2:ef:60:7f:7d:9e:0b:17:34:7c:fe:8b:
c4:08:c9:45:8b:ed:95:a0:67:00:7d:87:25:96:e9:
1e:de:e2:37:08:d2:c4:e6:97:75:6a:40:79:81:5d:
59:42:5f:03:09:2e:b0:3d:72:c0:15:45:c0:52:df:
c2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DB:DC:55:D2:E0:CA:67:52:03:68:20:35:53:AC:D8:B0:95:84:A9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/130E81BE382E11F085F2CF8FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.7.0/24
156.227.246.0/23
156.233.110.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:16:3d:59:6c:4f:2e:da:79:58:b7:3d:94:34:1a:06:bf:40:
c3:a4:0a:5c:b7:6f:0c:4b:96:0c:fd:5b:61:0a:08:4c:28:0d:
dd:00:fd:c4:bd:0c:ea:a2:00:59:84:90:2d:6f:43:ef:ab:6f:
8c:02:6f:23:61:e3:bc:b3:bd:62:58:df:eb:e3:f2:5b:28:c3:
bd:df:2c:39:68:43:a7:a8:29:8e:41:41:36:88:c1:ef:de:68:
7f:dd:cd:63:e8:6b:ff:37:e4:2e:49:51:3a:b4:1b:dc:d1:b4:
2f:e8:da:7c:51:b0:48:03:d5:26:65:cd:25:f0:8e:e7:f3:46:
03:37:5d:ba:fd:28:47:99:fc:b2:76:b1:7b:c1:a8:42:dd:1f:
16:be:c4:4b:89:f6:59:66:45:5d:b7:54:d5:66:92:77:51:00:
91:82:1d:fb:27:1d:01:e3:98:a1:0e:d3:3f:e2:bb:b1:da:d5:
bc:e7:9b:41:55:fb:dd:c4:02:4a:2a:1d:88:f3:6e:29:85:f4:
c8:47:6a:65:75:29:7a:6d:96:e1:4c:5c:c0:ef:ce:71:b5:fb:
2e:0c:1d:ec:d7:c3:25:e8:11:2a:c0:b3:7c:20:52:53:d7:2d:
f7:c2:fc:8c:91:96:5e:b9:9d:5e:de:38:dd:d5:d5:0c:7e:4e:
8b:20:c0:84
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVdFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIzMjMzMTM0WhcNMjcwMjI2MjMzMTM0WjAYMRYw
FAYDVQQDEw02ODMxMDU1Yi04YTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA36OeeYavuiaBRPAlB9E2HizaJGvWBMvQR62F92ERyPyQF1+m5hkOGTDR
yxBfnIyZth1FowcFaCz9IwuAIICCA2OcZoR/BS41B6C+P67lS8zVAvgeJKDjtB76
QrTolHeewqmDfqSIY3MXzf4jmAjhHeK9mpxAc5ePNLefVMeQwQPrfA2JoOPS+TCi
eeS6A27u6cQlaTsRDIkdRE7S+k6KYV+9MP0Kbu+SBO7FHFdMfREuxs/NxJL+QMv6
HVqy+KSOAAtueFHS72B/fZ4LFzR8/ovECMlFi+2VoGcAfYclluke3uI3CNLE5pd1
akB5gV1ZQl8DCS6wPXLAFUXAUt/C/QIDAQABo4ICrjCCAqowHQYDVR0OBBYEFL3b
3FXS4MpnUgNoIDVTrNiwlYSpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMzBFODFCRTM4MkUxMUYwODVGMkNGOEZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnOMHAwQBnOP2AwQBnOluMA0G
CSqGSIb3DQEBCwUAA4IBAQCbFj1ZbE8u2nlYtz2UNBoGv0DDpApct28MS5YM/Vth
CghMKA3dAP3EvQzqogBZhJAtb0Pvq2+MAm8jYeO8s71iWN/r4/JbKMO93yw5aEOn
qCmOQUE2iMHv3mh/3c1j6Gv/N+QuSVE6tBvc0bQv6Np8UbBIA9UmZc0l8I7n80YD
N126/ShHmfyydrF7wahC3R8WvsRLifZZZkVdt1TVZpJ3UQCRgh37Jx0B45ihDtM/
4rux2tW855tBVfvdxAJKKh2I824phfTIR2pldSl6bZbhTFzA785xtfsuDB3s18Ml
6BEqwLN8IFJT1y33wvyMkZZeuZ1e3jjd1dUMfk6LIMCE
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:43:03 2025 by rpki-client