Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20FBAAAA329711F09DF357E6DAE4EC9C.roa
File: 20FBAAAA329711F09DF357E6DAE4EC9C.roa (raw, json)
Hash identifier: Pp7m4nQNPCOah9DYFOV+hIKhX6Ed1dgeohqiLA9aLgE=
Subject key identifier: C7:58:31:D9:9F:F7:CB:74:F1:68:5C:27:4C:AE:1B:73:90:F1:C1:83
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01553F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20FBAAAA329711F09DF357E6DAE4EC9C.roa
Signing time: Fri 16 May 2025 20:48:33 +0000
ROA not before: Fri 16 May 2025 20:48:27 +0000
ROA not after: Sat 05 Jul 2025 20:48:27 +0000
asID: 394432
IP address blocks: 156.252.144.0/20 maxlen: 24
156.252.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87359 (0x1553f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 16 20:48:27 2025 GMT
Not After : Jul 5 20:48:27 2025 GMT
Subject: CN=6827a4a1-f694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3b:9a:78:ce:f8:25:6d:3d:e3:94:2b:4b:7a:
6a:f1:85:01:a4:97:ea:8c:4f:2c:f4:19:ea:35:9b:
bb:00:49:73:64:75:5c:57:e0:f1:ab:d5:99:3a:35:
79:37:dd:17:62:01:cc:bd:47:fd:e5:07:a6:c1:36:
e7:b5:17:9e:c4:c7:bb:15:4a:c7:4c:3f:18:41:a7:
cc:24:a8:dd:ce:b2:05:e0:86:1a:03:5b:91:b3:cf:
80:1a:64:a0:8c:27:1d:0d:15:e3:a1:65:62:1d:c7:
e5:55:6f:10:fe:17:fb:03:ee:a6:d0:04:c7:d3:15:
77:1a:62:0f:a9:7e:18:9f:86:1d:bf:b3:69:c3:cb:
6b:bf:e2:58:15:41:12:cc:19:ad:70:d0:91:4b:d8:
c2:1e:d5:68:84:27:9f:9b:ce:01:ff:fa:86:6d:f6:
92:3c:05:d6:47:37:f8:64:57:0d:5f:2a:df:a4:6f:
65:1a:7e:a8:38:78:f0:4c:c4:37:99:a7:20:33:8e:
11:9c:4f:05:22:cc:a0:40:21:e3:3c:1e:96:fb:82:
b9:66:a3:65:72:44:78:0c:4c:e1:87:27:62:90:93:
bc:d5:12:d7:a5:97:be:0c:6b:82:4a:52:27:83:36:
63:d0:4d:b1:79:b9:ee:c7:97:d0:98:e1:dd:6d:66:
a1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:58:31:D9:9F:F7:CB:74:F1:68:5C:27:4C:AE:1B:73:90:F1:C1:83
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20FBAAAA329711F09DF357E6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.144.0-156.252.175.255
Signature Algorithm: sha256WithRSAEncryption
67:19:c6:74:b3:78:f3:1a:95:ca:52:48:d5:f8:35:b2:4b:ad:
26:e5:3f:bd:59:08:ed:2a:af:c0:98:39:eb:a8:d8:b6:90:b1:
a2:66:9d:f3:31:68:97:62:a8:f9:ed:21:7d:e4:4f:b8:21:f8:
c8:87:79:3a:0d:50:f7:ce:5f:2a:ea:f3:df:2c:d5:4c:9c:6f:
b0:05:bf:31:e6:87:8e:ad:cf:4b:c9:22:84:b0:52:c7:7e:77:
c0:e0:40:8a:4c:27:6b:bd:6a:e1:e7:86:dd:c5:16:eb:92:43:
52:69:cb:28:d4:e0:e2:7c:bc:24:80:5f:dd:3a:bf:51:9e:3f:
3e:a6:c0:3c:a2:dd:53:b4:d3:73:8e:65:e0:6d:75:5f:58:86:
a9:12:04:ab:e9:13:fa:02:f8:cb:69:14:c2:d4:9f:78:0e:89:
9a:42:56:0d:ba:d1:7e:a4:a1:25:27:d4:37:54:3a:71:22:a1:
cc:d8:ba:d8:c3:8f:76:7a:fc:fa:32:02:e8:b0:01:91:17:06:
37:3b:94:87:0f:94:44:00:f4:84:1e:50:1f:61:ba:26:c7:67:
7d:52:e3:0b:0c:f9:0e:16:54:79:a9:d7:e4:e5:ce:72:ad:c9:
a5:86:e5:a9:64:14:20:13:e3:3f:b4:65:98:01:20:71:85:ca:
76:42:76:ce
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVU/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE2MjA0ODI3WhcNMjUwNzA1MjA0ODI3WjAYMRYw
FAYDVQQDEw02ODI3YTRhMS1mNjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAujuaeM74JW0945QrS3pq8YUBpJfqjE8s9BnqNZu7AElzZHVcV+Dxq9WZ
OjV5N90XYgHMvUf95QemwTbntReexMe7FUrHTD8YQafMJKjdzrIF4IYaA1uRs8+A
GmSgjCcdDRXjoWViHcflVW8Q/hf7A+6m0ATH0xV3GmIPqX4Yn4Ydv7Npw8trv+JY
FUESzBmtcNCRS9jCHtVohCefm84B//qGbfaSPAXWRzf4ZFcNXyrfpG9lGn6oOHjw
TMQ3macgM44RnE8FIsygQCHjPB6W+4K5ZqNlckR4DEzhhydikJO81RLXpZe+DGuC
SlIngzZj0E2xebnux5fQmOHdbWah0wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMdY
Mdmf98t08WhcJ0yuG3OQ8cGDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMEZCQUFBQTMyOTcxMUYwOURGMzU3RTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASc/JADBASc/KAwDQYJKoZI
hvcNAQELBQADggEBAGcZxnSzePMalcpSSNX4NbJLrSblP71ZCO0qr8CYOeuo2LaQ
saJmnfMxaJdiqPntIX3kT7gh+MiHeToNUPfOXyrq898s1Uycb7AFvzHmh46tz0vJ
IoSwUsd+d8DgQIpMJ2u9auHnht3FFuuSQ1JpyyjU4OJ8vCSAX906v1GePz6mwDyi
3VO003OOZeBtdV9YhqkSBKvpE/oC+MtpFMLUn3gOiZpCVg260X6koSUn1DdUOnEi
oczYutjDj3Z6/PoyAuiwAZEXBjc7lIcPlEQA9IQeUB9huibHZ31S4wsM+Q4WVHmp
1+TlznKtyaWG5alkFCAT4z+0ZZgBIHGFynZCds4=
-----END CERTIFICATE-----
Generated at Thu Jun 5 02:01:08 2025 by rpki-client