Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13121ABE38A011F0BE6B5782DAE4EC9C.roa
File: 13121ABE38A011F0BE6B5782DAE4EC9C.roa (raw, json)
Hash identifier: G9EPRvKbSSBSZSel0jT3R71Olwc8SNa21q5zbECtdAM=
Subject key identifier: 80:2F:76:92:9A:FE:88:FA:1C:8B:DB:73:45:BF:96:3F:B7:04:3A:B7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015750
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13121ABE38A011F0BE6B5782DAE4EC9C.roa
Signing time: Sat 24 May 2025 13:07:42 +0000
ROA not before: Sat 24 May 2025 13:07:37 +0000
ROA not after: Mon 01 Dec 2025 13:07:37 +0000
asID: 55720
IP address blocks: 156.241.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87888 (0x15750)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 24 13:07:37 2025 GMT
Not After : Dec 1 13:07:37 2025 GMT
Subject: CN=6831c49e-c09f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:02:0d:00:3a:36:1c:6b:9a:c2:82:af:a3:8e:
87:0b:3a:37:08:e7:02:81:4f:ef:6e:a2:dd:78:ad:
8e:7f:47:a9:61:ca:40:56:11:11:c3:7b:3f:f4:e9:
e2:28:6b:25:b1:bc:40:f6:22:22:24:7e:07:af:69:
25:9b:3f:1f:0d:97:83:22:c3:ab:e1:75:ee:a2:ec:
8b:25:3b:eb:02:0d:67:42:0d:54:50:75:46:a8:0f:
8b:d3:5b:43:97:ce:01:9d:57:ba:62:5d:23:68:bf:
4c:0a:f6:64:93:54:5f:45:e4:1f:2b:14:38:42:7c:
4e:f0:d9:44:13:a3:7e:36:a6:26:c9:a7:94:33:92:
c0:fa:ca:62:3a:77:35:b5:09:b8:a3:88:d6:2f:d1:
be:5c:01:7e:e1:bd:a4:95:fe:89:27:84:5f:81:1f:
c1:49:91:42:3f:d1:49:30:1c:73:da:a3:ca:4a:d8:
8f:59:2b:84:bb:3e:4a:74:a1:14:be:42:9e:17:ba:
79:d4:6a:cb:69:df:8b:ec:53:3f:3d:1e:54:32:db:
5e:80:eb:de:18:a7:ab:a6:5b:ca:34:5b:6d:c6:11:
51:c5:d7:01:60:38:47:d7:c7:d0:d4:80:ee:20:a8:
69:75:88:af:5d:83:f3:b5:e2:24:2e:a3:78:94:86:
fe:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:2F:76:92:9A:FE:88:FA:1C:8B:DB:73:45:BF:96:3F:B7:04:3A:B7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13121ABE38A011F0BE6B5782DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.2.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:7c:f6:27:9e:64:d1:30:13:68:7f:df:ec:a5:6a:92:8c:81:
15:44:78:d7:a3:61:d8:04:8d:ed:19:99:b9:6b:aa:d1:92:b8:
0d:16:f9:6f:24:79:6c:29:8f:1d:ba:9f:7e:92:03:2d:80:e5:
18:c4:1a:dd:ae:a7:41:d8:ef:3b:9a:49:0e:9c:8f:fc:7c:e1:
7c:6a:9d:f4:c0:3d:be:ad:56:98:47:10:d2:46:5c:de:76:36:
f7:18:2b:de:01:60:20:9e:84:ae:07:c2:f5:3e:3c:d4:9a:b5:
d0:58:b7:7e:10:3c:bf:6a:b4:50:06:4f:45:3d:d5:7e:a7:7c:
82:ae:6f:e7:67:27:f8:f6:b3:00:40:54:73:e1:e0:63:d1:ff:
6f:ae:ee:9b:6f:b2:8f:41:cb:e8:c0:3e:50:cc:20:5c:02:f9:
a5:83:d8:43:f3:ed:2f:46:a1:02:db:20:e3:2c:a9:c6:39:68:
f8:00:9c:7e:8f:cd:3b:a8:ea:dc:b0:52:1a:14:4d:e8:28:4e:
bb:3a:75:5d:8c:16:ab:10:60:ac:0b:59:54:fb:54:76:0b:92:
43:a4:60:be:bd:e9:09:e2:1d:f7:de:4d:fa:f8:a5:04:ba:7c:
98:73:b5:ec:b4:b4:e9:d0:81:04:e9:d5:6c:3c:8e:ed:82:f0:
ec:7c:4c:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVdQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI0MTMwNzM3WhcNMjUxMjAxMTMwNzM3WjAYMRYw
FAYDVQQDEw02ODMxYzQ5ZS1jMDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1QINADo2HGuawoKvo46HCzo3COcCgU/vbqLdeK2Of0epYcpAVhERw3s/
9OniKGslsbxA9iIiJH4Hr2klmz8fDZeDIsOr4XXuouyLJTvrAg1nQg1UUHVGqA+L
01tDl84BnVe6Yl0jaL9MCvZkk1RfReQfKxQ4QnxO8NlEE6N+NqYmyaeUM5LA+spi
Onc1tQm4o4jWL9G+XAF+4b2klf6JJ4RfgR/BSZFCP9FJMBxz2qPKStiPWSuEuz5K
dKEUvkKeF7p51GrLad+L7FM/PR5UMttegOveGKerplvKNFttxhFRxdcBYDhH18fQ
1IDuIKhpdYivXYPzteIkLqN4lIb+uQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIAv
dpKa/oj6HIvbc0W/lj+3BDq3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMzEyMUFCRTM4QTAxMUYwQkU2QjU3ODJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPECMA0GCSqGSIb3DQEBCwUA
A4IBAQBqfPYnnmTRMBNof9/spWqSjIEVRHjXo2HYBI3tGZm5a6rRkrgNFvlvJHls
KY8dup9+kgMtgOUYxBrdrqdB2O87mkkOnI/8fOF8ap30wD2+rVaYRxDSRlzedjb3
GCveAWAgnoSuB8L1PjzUmrXQWLd+EDy/arRQBk9FPdV+p3yCrm/nZyf49rMAQFRz
4eBj0f9vru6bb7KPQcvowD5QzCBcAvmlg9hD8+0vRqEC2yDjLKnGOWj4AJx+j807
qOrcsFIaFE3oKE67OnVdjBarEGCsC1lU+1R2C5JDpGC+vekJ4h333k36+KUEunyY
c7XstLTp0IEE6dVsPI7tgvDsfEzK
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:38:58 2025 by rpki-client