Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/166B864029A111F08D0EE57DDAE4EC9C.roa
File: 166B864029A111F08D0EE57DDAE4EC9C.roa (raw, json)
Hash identifier: mdsKeRYtuUN5L89IxrdsPCizcl3nXXTgVDmy7lvCwcU=
Subject key identifier: F2:C6:8A:07:8F:19:F8:D5:22:32:95:43:79:4C:27:2D:04:B4:F6:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01521B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/166B864029A111F08D0EE57DDAE4EC9C.roa
Signing time: Mon 05 May 2025 11:07:09 +0000
ROA not before: Mon 05 May 2025 11:07:05 +0000
ROA not after: Tue 05 May 2026 11:07:05 +0000
asID: 984
IP address blocks: 156.242.190.0/24 maxlen: 24
156.242.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86555 (0x1521b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 5 11:07:05 2025 GMT
Not After : May 5 11:07:05 2026 GMT
Subject: CN=68189bdd-19d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:55:ef:ba:77:1b:ff:aa:0d:27:55:57:a0:1e:
31:62:42:c8:cf:61:98:e0:7f:e9:15:b6:6b:60:3d:
19:2e:c0:20:65:56:67:98:1e:fb:58:9c:8d:96:a2:
60:97:5d:d3:87:fc:7d:ee:b5:a1:0b:e8:e6:45:c7:
31:72:0d:2a:a8:ea:fd:94:7c:6c:0c:d7:f7:c2:fd:
7f:85:dc:2d:82:15:b6:23:c0:df:21:cf:ac:7b:e1:
6b:e4:47:be:8b:21:01:62:db:95:c9:38:8a:0b:2a:
fe:cc:25:61:8c:f7:3d:11:68:03:e5:75:34:09:80:
07:d6:80:5c:dd:ae:7a:32:4e:6c:a1:bd:26:7d:eb:
08:de:7d:76:03:2d:7b:dc:f3:46:51:fe:be:7d:47:
b8:0a:cd:5f:1b:ed:ec:bc:7a:16:27:f7:a8:ba:2e:
b3:ff:bd:69:da:1c:79:7a:78:d3:e8:30:35:e4:1b:
1a:c8:45:e8:5f:15:8c:da:c6:aa:1d:b9:2e:3f:46:
dd:27:cb:51:6f:ca:73:7c:42:6c:b8:fe:68:76:36:
f7:c6:cb:c2:3e:2b:1f:cf:05:a7:36:27:5c:30:5c:
97:42:b0:85:ed:12:87:58:25:7c:a3:62:f8:c5:a0:
2f:ae:60:65:a5:29:dd:ac:96:46:b6:56:54:44:fd:
dc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:C6:8A:07:8F:19:F8:D5:22:32:95:43:79:4C:27:2D:04:B4:F6:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/166B864029A111F08D0EE57DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.190.0/23
Signature Algorithm: sha256WithRSAEncryption
03:5f:66:97:19:89:0c:ca:03:bd:9a:2e:e5:9f:d9:30:14:6f:
54:7f:02:fc:cf:1f:30:e3:04:f1:d4:eb:7e:0b:50:b1:8d:5c:
0f:89:53:73:87:4d:3e:4a:74:53:a8:29:a8:b9:d2:80:76:76:
01:b6:bb:09:10:c7:aa:54:78:98:63:33:0f:ed:40:38:2b:21:
a1:ed:af:49:30:a5:d5:03:c4:48:6c:26:81:36:b6:21:7d:1a:
9a:11:a0:09:c1:14:24:55:ef:2e:5e:fe:82:be:fd:4e:ae:47:
8d:4c:1c:59:d7:a2:c7:ba:73:72:1e:26:7f:dc:52:f8:6a:24:
2d:e1:7c:bd:5c:7b:c3:20:c2:6d:df:4d:29:dc:7c:94:6b:df:
3b:89:a9:35:19:95:74:eb:22:38:14:28:c5:d4:08:41:ca:5e:
cd:93:9f:87:62:50:b8:97:6e:8c:c1:8c:c4:7f:7a:8c:73:a9:
ce:3d:b7:d5:ca:42:88:bf:ed:92:be:47:18:92:69:aa:32:33:
fb:59:63:dc:0c:54:68:99:1c:c3:f5:31:8e:81:ad:9c:84:03:
a9:dd:d0:0e:58:92:19:f4:1b:3b:3e:24:62:17:e2:83:06:cf:
21:69:0e:13:26:c2:cc:f2:a6:5b:d7:b6:c6:a6:2d:61:c1:07:
45:4f:46:43
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVIbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA1MTEwNzA1WhcNMjYwNTA1MTEwNzA1WjAYMRYw
FAYDVQQDEw02ODE4OWJkZC0xOWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAslXvuncb/6oNJ1VXoB4xYkLIz2GY4H/pFbZrYD0ZLsAgZVZnmB77WJyN
lqJgl13Th/x97rWhC+jmRccxcg0qqOr9lHxsDNf3wv1/hdwtghW2I8DfIc+se+Fr
5Ee+iyEBYtuVyTiKCyr+zCVhjPc9EWgD5XU0CYAH1oBc3a56Mk5sob0mfesI3n12
Ay173PNGUf6+fUe4Cs1fG+3svHoWJ/eoui6z/71p2hx5enjT6DA15BsayEXoXxWM
2saqHbkuP0bdJ8tRb8pzfEJsuP5odjb3xsvCPisfzwWnNidcMFyXQrCF7RKHWCV8
o2L4xaAvrmBlpSndrJZGtlZURP3cpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPLG
igePGfjVIjKVQ3lMJy0EtPahMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNjZCODY0MDI5QTExMUYwOEQwRUU1N0REQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPK+MA0GCSqGSIb3DQEBCwUA
A4IBAQADX2aXGYkMygO9mi7ln9kwFG9UfwL8zx8w4wTx1Ot+C1CxjVwPiVNzh00+
SnRTqCmoudKAdnYBtrsJEMeqVHiYYzMP7UA4KyGh7a9JMKXVA8RIbCaBNrYhfRqa
EaAJwRQkVe8uXv6Cvv1OrkeNTBxZ16LHunNyHiZ/3FL4aiQt4Xy9XHvDIMJt300p
3HyUa987iak1GZV06yI4FCjF1AhByl7Nk5+HYlC4l26MwYzEf3qMc6nOPbfVykKI
v+2SvkcYkmmqMjP7WWPcDFRomRzD9TGOga2chAOp3dAOWJIZ9Bs7PiRiF+KDBs8h
aQ4TJsLM8qZb17bGpi1hwQdFT0ZD
-----END CERTIFICATE-----
Generated at Thu Jun 5 02:01:09 2025 by rpki-client