Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22FBC8402F2B11F08F003889DAE4EC9C.roa
File: 22FBC8402F2B11F08F003889DAE4EC9C.roa (raw, json)
Hash identifier: +9r9eKNQMhJNkpIBebwrilmEfBRpVGR5YtE4FfdTVG0=
Subject key identifier: 46:93:F9:9E:6B:24:6D:9A:1B:3E:76:A2:0D:34:41:1A:C9:FB:64:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01535B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22FBC8402F2B11F08F003889DAE4EC9C.roa
Signing time: Mon 12 May 2025 12:17:57 +0000
ROA not before: Mon 12 May 2025 12:17:52 +0000
ROA not after: Sat 14 Jun 2025 12:17:52 +0000
asID: 152700
IP address blocks: 156.228.126.0/24 maxlen: 24
156.228.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86875 (0x1535b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 12 12:17:52 2025 GMT
Not After : Jun 14 12:17:52 2025 GMT
Subject: CN=6821e6f5-5caa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:39:c6:90:9f:cb:0b:e1:99:b8:d3:ba:02:72:
a9:a1:c4:94:41:0b:9d:b3:37:bf:59:bc:bc:d1:2c:
b7:99:93:53:96:0d:ff:b5:ff:c2:b9:6b:79:30:21:
f6:b7:32:3c:cf:dc:f8:16:ac:15:60:e7:cf:38:21:
aa:86:22:c8:3b:a7:85:eb:77:4f:13:9a:5f:dc:f2:
da:41:39:18:9e:d2:81:07:2f:3f:57:57:62:f4:14:
77:95:70:de:7e:0a:4a:8d:5e:93:82:bd:0b:1a:f3:
5b:3c:0f:2c:ad:09:c1:97:6b:6e:7c:ed:9a:ec:a6:
3e:b4:bb:54:66:dd:d3:6c:30:b6:fe:39:2d:84:16:
9a:37:2e:b6:26:fe:e8:ca:b8:93:14:2e:58:9e:da:
89:38:15:64:69:d4:fd:b4:41:f2:07:55:26:cd:31:
ae:da:0d:a5:4c:3a:83:3b:d0:b5:df:dc:d8:d2:e7:
95:ec:93:b7:3c:91:32:b5:2d:82:78:5d:03:83:b8:
93:c5:46:52:f8:57:69:d4:7f:1f:e7:ba:6f:c5:8e:
f3:4d:15:6f:91:c2:e2:59:1b:29:1b:0f:52:0a:bc:
04:3e:8c:92:43:2f:1e:5b:41:b6:71:6b:ba:08:01:
09:a9:37:19:b0:97:4f:63:ea:11:4e:35:dc:dc:76:
d2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:93:F9:9E:6B:24:6D:9A:1B:3E:76:A2:0D:34:41:1A:C9:FB:64:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/22FBC8402F2B11F08F003889DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.126.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:2f:2e:bc:cd:df:de:58:55:80:c5:9c:3e:73:b4:8f:3c:b5:
bc:17:9e:f9:3d:97:0d:bf:97:40:ba:2e:75:46:c2:02:24:23:
3b:09:3c:41:44:e2:07:d1:f8:65:5d:b7:01:07:94:e1:e8:73:
a2:ad:7f:a0:26:09:69:56:7d:70:21:bd:f9:a7:96:4c:6c:d6:
81:18:f5:83:52:d9:a6:cf:f9:e4:d3:38:ec:b2:52:6a:1f:68:
57:16:83:62:af:18:ec:93:0d:53:54:0f:32:c9:96:82:12:b3:
12:ee:b3:58:e2:c3:6a:af:e2:69:ba:07:4a:c2:bb:15:13:56:
83:d0:f9:e8:a6:ed:a7:e5:94:aa:45:ba:fd:6b:a6:6a:2e:a3:
01:43:8f:81:c5:51:2f:01:96:99:dd:c9:0a:16:be:3b:39:73:
53:ad:5a:da:33:3a:7a:1c:76:4d:01:61:f9:ad:16:e8:78:b1:
d2:eb:f3:bd:ed:49:96:82:68:5a:87:15:d8:46:fd:5a:10:7c:
21:1f:4e:08:86:7b:d7:2c:c9:b9:1b:ee:94:29:f5:2b:3e:29:
ec:60:2f:05:f8:3e:7a:bf:f2:39:83:d5:09:7d:bd:e5:e4:1f:
5c:cc:78:55:ba:a8:6f:f5:ec:31:c7:fd:ba:f9:c4:bc:97:5b:
9c:ae:b3:a4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVNbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEyMTIxNzUyWhcNMjUwNjE0MTIxNzUyWjAYMRYw
FAYDVQQDEw02ODIxZTZmNS01Y2FhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwDnGkJ/LC+GZuNO6AnKpocSUQQudsze/Wby80Sy3mZNTlg3/tf/CuWt5
MCH2tzI8z9z4FqwVYOfPOCGqhiLIO6eF63dPE5pf3PLaQTkYntKBBy8/V1di9BR3
lXDefgpKjV6Tgr0LGvNbPA8srQnBl2tufO2a7KY+tLtUZt3TbDC2/jkthBaaNy62
Jv7oyriTFC5YntqJOBVkadT9tEHyB1UmzTGu2g2lTDqDO9C139zY0ueV7JO3PJEy
tS2CeF0Dg7iTxUZS+Fdp1H8f57pvxY7zTRVvkcLiWRspGw9SCrwEPoySQy8eW0G2
cWu6CAEJqTcZsJdPY+oRTjXc3HbScQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEaT
+Z5rJG2aGz52og00QRrJ+2TTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMkZCQzg0MDJGMkIxMUYwOEYwMDM4ODlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOR+MA0GCSqGSIb3DQEBCwUA
A4IBAQC0Ly68zd/eWFWAxZw+c7SPPLW8F575PZcNv5dAui51RsICJCM7CTxBROIH
0fhlXbcBB5Th6HOirX+gJglpVn1wIb35p5ZMbNaBGPWDUtmmz/nk0zjsslJqH2hX
FoNirxjskw1TVA8yyZaCErMS7rNY4sNqr+JpugdKwrsVE1aD0Pnopu2n5ZSqRbr9
a6ZqLqMBQ4+BxVEvAZaZ3ckKFr47OXNTrVraMzp6HHZNAWH5rRboeLHS6/O97UmW
gmhahxXYRv1aEHwhH04IhnvXLMm5G+6UKfUrPinsYC8F+D56v/I5g9UJfb3l5B9c
zHhVuqhv9ewxx/26+cS8l1ucrrOk
-----END CERTIFICATE-----
Generated at Thu Jun 5 01:54:26 2025 by rpki-client