Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/166FAA3230A811F08E200383DAE4EC9C.roa
File: 166FAA3230A811F08E200383DAE4EC9C.roa (raw, json)
Hash identifier: nFeEGUJA3txWUQCh2/ch7gPELw0rl/wXdw8kd0ILdZc=
Subject key identifier: C3:B2:34:2F:4C:20:0E:A4:6A:F7:74:8C:22:A3:FC:BD:ED:E7:85:04
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015436
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/166FAA3230A811F08E200383DAE4EC9C.roa
Signing time: Wed 14 May 2025 09:44:54 +0000
ROA not before: Wed 14 May 2025 09:44:50 +0000
ROA not after: Sun 22 Jun 2025 09:44:50 +0000
asID: 137899
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87094 (0x15436)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 14 09:44:50 2025 GMT
Not After : Jun 22 09:44:50 2025 GMT
Subject: CN=68246616-3ee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e8:d9:2b:d7:2f:7d:e6:16:ce:49:02:87:a2:
45:5f:6e:5a:8f:61:9b:13:79:d7:3b:b4:2e:f1:6c:
a1:71:05:f5:54:1d:f3:8d:d9:e0:7a:59:85:6a:0c:
c3:89:ee:45:03:fd:29:73:20:28:48:8f:e7:91:bc:
8e:81:70:9c:b9:47:a9:ce:0d:02:3b:4e:93:2e:42:
b5:d0:c5:6b:b5:ae:b7:7f:05:8f:65:3b:36:bb:7e:
7a:41:02:90:5b:bd:c8:0b:1f:f3:c7:9b:97:f8:d5:
99:5f:24:33:1b:1e:0f:4a:83:6f:1c:21:82:7b:9c:
fb:ba:1e:97:fc:06:88:d6:f1:bd:2c:11:eb:49:05:
38:9c:75:90:9a:13:8e:20:45:7b:36:15:6f:f3:3f:
70:31:73:b6:12:3d:9a:cb:3a:50:71:f6:98:89:fe:
a5:fa:96:ca:ce:88:90:ad:b5:f9:e5:83:bc:12:3c:
54:dd:00:68:b0:21:60:1b:cb:6f:dd:51:7a:6b:f2:
58:c4:3f:e7:29:20:e2:f7:00:27:99:b0:e9:31:6f:
63:f5:6a:52:50:8f:e4:fb:ea:86:c3:1e:3d:6a:01:
cc:5e:ea:ba:a3:70:4f:62:3d:f8:4b:3d:4e:15:5d:
ea:3e:67:2d:81:10:70:df:e6:b8:d8:bb:c1:29:19:
1f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:B2:34:2F:4C:20:0E:A4:6A:F7:74:8C:22:A3:FC:BD:ED:E7:85:04
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/166FAA3230A811F08E200383DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
2c:68:22:99:69:5d:5c:72:26:a8:e6:58:dc:e9:de:22:b8:51:
24:6d:1c:2d:dc:8c:1f:dc:e5:1a:fb:2a:96:f0:82:68:d8:30:
d2:79:45:21:44:40:1a:49:b2:de:cc:77:9e:d0:16:c8:cf:e8:
61:24:d4:49:b7:82:2c:c9:57:2f:18:17:40:25:76:19:88:79:
59:61:e5:b3:93:04:0c:cf:9d:36:fb:c3:7e:b0:d9:3b:39:be:
88:75:42:53:72:22:7c:ab:59:ec:91:b3:9c:58:bb:c1:a4:94:
c2:ad:aa:12:06:89:43:88:ce:8a:86:7b:bb:4a:e5:6c:4d:4b:
39:f1:2b:64:b9:e5:c4:6d:e9:6a:4a:41:79:02:38:7e:3e:06:
8e:ae:b0:7e:b2:56:23:2c:19:70:88:69:b0:54:67:b7:1b:91:
cf:bc:97:ea:0a:20:75:3a:96:f5:23:1b:23:62:51:15:bb:00:
f6:e4:35:65:d3:f4:a4:de:5d:82:e8:20:cc:ad:df:5c:d6:df:
0d:9d:7e:20:65:61:9f:dc:a3:40:d0:b2:77:b6:d1:ea:67:47:
f5:48:30:55:33:b4:5f:08:ab:f7:21:a2:2f:50:c3:9d:e2:34:
a0:60:21:b4:bb:ef:fa:46:85:66:12:d2:b0:08:31:f3:25:9d:
b2:c0:7e:88
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVQ2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE0MDk0NDUwWhcNMjUwNjIyMDk0NDUwWjAYMRYw
FAYDVQQDEw02ODI0NjYxNi0zZWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsujZK9cvfeYWzkkCh6JFX25aj2GbE3nXO7Qu8WyhcQX1VB3zjdngelmF
agzDie5FA/0pcyAoSI/nkbyOgXCcuUepzg0CO06TLkK10MVrta63fwWPZTs2u356
QQKQW73ICx/zx5uX+NWZXyQzGx4PSoNvHCGCe5z7uh6X/AaI1vG9LBHrSQU4nHWQ
mhOOIEV7NhVv8z9wMXO2Ej2ayzpQcfaYif6l+pbKzoiQrbX55YO8EjxU3QBosCFg
G8tv3VF6a/JYxD/nKSDi9wAnmbDpMW9j9WpSUI/k++qGwx49agHMXuq6o3BPYj34
Sz1OFV3qPmctgRBw3+a42LvBKRkfmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMOy
NC9MIA6kavd0jCKj/L3t54UEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNjZGQUEzMjMwQTgxMUYwOEUyMDAzODNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQAsaCKZaV1cciao5ljc6d4iuFEkbRwt3Iwf3OUa+yqW8IJo2DDSeUUhREAa
SbLezHee0BbIz+hhJNRJt4IsyVcvGBdAJXYZiHlZYeWzkwQMz502+8N+sNk7Ob6I
dUJTciJ8q1nskbOcWLvBpJTCraoSBolDiM6Khnu7SuVsTUs58StkueXEbelqSkF5
Ajh+PgaOrrB+slYjLBlwiGmwVGe3G5HPvJfqCiB1Opb1IxsjYlEVuwD25DVl0/Sk
3l2C6CDMrd9c1t8NnX4gZWGf3KNA0LJ3ttHqZ0f1SDBVM7RfCKv3IaIvUMOd4jSg
YCG0u+/6RoVmEtKwCDHzJZ2ywH6I
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:32:53 2025 by rpki-client