Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B6F7D90316211F08215DFDEDAE4EC9C.roa
File: 1B6F7D90316211F08215DFDEDAE4EC9C.roa (raw, json)
Hash identifier: Ygz9mzUEwifu6uLw32DQ2tjS4R2zO7Z+RKBxo47pzaE=
Subject key identifier: 68:AE:8D:8C:11:DF:EE:89:A4:9A:1A:53:72:98:35:57:F3:BF:CA:DB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015489
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B6F7D90316211F08215DFDEDAE4EC9C.roa
Signing time: Thu 15 May 2025 07:56:29 +0000
ROA not before: Thu 15 May 2025 07:56:24 +0000
ROA not after: Sun 15 Jun 2025 07:56:24 +0000
asID: 134365
IP address blocks: 156.226.176.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87177 (0x15489)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 15 07:56:24 2025 GMT
Not After : Jun 15 07:56:24 2025 GMT
Subject: CN=68259e2d-56d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:39:81:af:e6:19:e5:80:76:e1:81:76:8a:14:
32:a6:05:c4:d0:fc:87:4e:cf:a0:60:6a:91:9b:06:
ed:88:d1:96:2f:e2:d1:b1:ae:d0:5f:5b:6d:d1:7a:
ac:6a:27:95:e3:9f:12:11:46:11:b7:96:9e:82:93:
75:f5:7e:00:d0:41:be:ee:23:50:7c:d0:eb:46:7e:
ac:48:e3:c7:d5:c6:52:b5:d2:10:53:d2:2c:1f:f4:
3d:e0:3c:ec:9f:fc:3b:11:05:55:79:1a:71:8d:f1:
6c:56:ca:be:25:92:25:7f:7f:26:df:17:2f:4e:71:
94:27:64:c0:67:cb:16:1b:25:25:ac:37:d6:71:94:
aa:74:ed:e7:5b:61:3b:53:0d:8e:14:7a:74:39:65:
f9:e0:67:0c:c1:c1:7d:4f:9d:96:2a:87:0f:c7:44:
79:03:4f:ad:4b:8d:ee:c1:8a:74:65:20:7c:05:16:
67:98:d7:12:57:69:ea:29:27:31:90:fb:2e:05:02:
18:3a:91:2b:4d:8f:90:72:73:3b:b9:f2:e5:79:85:
d7:18:e2:ec:fe:0a:ed:3e:9b:39:cd:12:6b:9b:c5:
4c:37:b8:c1:4f:d4:f5:63:ce:4a:da:5b:c6:a2:c2:
9e:40:24:bd:f1:f3:cd:99:1a:55:9b:7f:e1:28:33:
55:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AE:8D:8C:11:DF:EE:89:A4:9A:1A:53:72:98:35:57:F3:BF:CA:DB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B6F7D90316211F08215DFDEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.176.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:95:04:6d:fe:41:e4:8b:aa:72:6a:40:cd:46:71:6f:c1:92:
de:af:b7:65:ec:84:27:e8:09:7b:23:2a:0b:5d:13:53:65:d7:
03:49:56:de:da:47:34:10:54:aa:e5:00:69:c3:b0:58:18:d4:
ce:50:e2:c5:bb:23:8a:db:21:d0:31:85:c7:f4:a8:c8:a8:07:
59:e2:57:72:51:83:50:2b:4b:db:2d:64:bd:89:eb:d8:7c:e7:
18:f0:2b:71:58:6a:2a:fc:7a:3b:04:82:b8:b5:05:88:e3:a4:
cf:a8:ae:59:54:a1:e9:b4:a5:ad:16:6f:08:7f:96:85:bb:38:
95:87:51:15:e1:db:57:33:80:c8:78:5a:61:4a:71:c8:4d:3c:
21:d6:17:c4:9f:31:7a:ad:1f:d2:ed:7b:19:70:96:67:ee:63:
3f:ed:33:cf:3c:c7:00:57:66:f7:0d:ec:c6:04:dd:ff:24:4e:
de:11:7e:c5:dd:cf:5c:e1:ca:d0:27:e0:2b:59:19:78:56:b4:
c9:ac:b5:c1:43:ba:d4:3c:2b:8a:d3:fd:9f:6a:8c:5a:4c:81:
0a:d6:da:cb:2b:ae:4e:52:4e:3d:17:22:38:04:34:d0:fa:23:
b7:01:dd:32:a8:68:84:74:66:42:f6:47:d8:c0:10:63:d3:e9:
17:2c:63:8a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVSJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE1MDc1NjI0WhcNMjUwNjE1MDc1NjI0WjAYMRYw
FAYDVQQDEw02ODI1OWUyZC01NmQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyDmBr+YZ5YB24YF2ihQypgXE0PyHTs+gYGqRmwbtiNGWL+LRsa7QX1tt
0XqsaieV458SEUYRt5aegpN19X4A0EG+7iNQfNDrRn6sSOPH1cZStdIQU9IsH/Q9
4Dzsn/w7EQVVeRpxjfFsVsq+JZIlf38m3xcvTnGUJ2TAZ8sWGyUlrDfWcZSqdO3n
W2E7Uw2OFHp0OWX54GcMwcF9T52WKocPx0R5A0+tS43uwYp0ZSB8BRZnmNcSV2nq
KScxkPsuBQIYOpErTY+QcnM7ufLleYXXGOLs/grtPps5zRJrm8VMN7jBT9T1Y85K
2lvGosKeQCS98fPNmRpVm3/hKDNVvQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGiu
jYwR3+6JpJoaU3KYNVfzv8rbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQjZGN0Q5MDMxNjIxMUYwODIxNURGREVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOKwMA0GCSqGSIb3DQEBCwUA
A4IBAQA7lQRt/kHki6pyakDNRnFvwZLer7dl7IQn6Al7IyoLXRNTZdcDSVbe2kc0
EFSq5QBpw7BYGNTOUOLFuyOK2yHQMYXH9KjIqAdZ4ldyUYNQK0vbLWS9ievYfOcY
8CtxWGoq/Ho7BIK4tQWI46TPqK5ZVKHptKWtFm8If5aFuziVh1EV4dtXM4DIeFph
SnHITTwh1hfEnzF6rR/S7XsZcJZn7mM/7TPPPMcAV2b3DezGBN3/JE7eEX7F3c9c
4crQJ+ArWRl4VrTJrLXBQ7rUPCuK0/2faoxaTIEK1trLK65OUk49FyI4BDTQ+iO3
Ad0yqGiEdGZC9kfYwBBj0+kXLGOK
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:26:37 2025 by rpki-client