Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FC21E1E3A1E11F092D7EDBDDAE4EC9C.roa
File: 2FC21E1E3A1E11F092D7EDBDDAE4EC9C.roa (raw, json)
Hash identifier: HMYIv7g7kn+lU4FS9wK076fcieClkoeoVTydHDTc9Sk=
Subject key identifier: DD:74:2B:43:81:ED:E2:8E:1A:0F:05:BE:37:44:E0:B6:CE:24:DA:33
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01579A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FC21E1E3A1E11F092D7EDBDDAE4EC9C.roa
Signing time: Mon 26 May 2025 10:42:58 +0000
ROA not before: Mon 26 May 2025 10:42:52 +0000
ROA not after: Mon 09 Jun 2025 10:42:52 +0000
asID: 984
IP address blocks: 156.245.192.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87962 (0x1579a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 26 10:42:52 2025 GMT
Not After : Jun 9 10:42:52 2025 GMT
Subject: CN=683445b2-1f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9f:37:16:1b:89:9b:e1:65:eb:aa:67:9b:4e:
69:91:59:f1:bb:6f:e4:94:6c:52:92:6d:7b:df:a9:
fb:92:7a:c7:b9:69:36:79:dc:05:5f:f2:7c:d6:81:
d5:6c:df:ce:87:ac:b5:c5:a9:4b:55:59:24:d7:7e:
6f:6a:57:2e:9a:14:ee:af:87:49:0e:34:94:ef:61:
71:79:a8:5c:28:23:c3:db:20:fc:b2:75:9c:5a:ef:
c4:a5:34:ae:b4:19:a1:05:34:68:b9:7b:ee:6d:a4:
d4:dc:11:3d:88:60:7c:98:8d:2c:23:aa:b6:c1:94:
50:3a:21:30:6a:4e:72:3d:a5:52:60:a1:22:ab:e9:
83:ee:12:f5:7b:f4:79:fd:08:16:bf:91:8c:4e:ad:
64:89:14:9b:51:a6:7e:a5:fb:11:cb:18:36:3b:fa:
b4:02:34:89:28:e3:bd:57:a9:0d:c9:79:ac:26:47:
08:80:7e:68:ea:6d:bd:45:dc:32:c1:ba:6f:05:92:
19:a1:d9:26:fd:57:06:f9:96:be:d0:0f:85:fd:81:
0c:7d:e5:4a:ec:a7:10:26:26:f4:cd:01:2f:49:18:
2a:17:f5:81:62:b1:1b:e0:05:42:2e:ba:fa:7c:00:
d5:c1:5f:e0:47:50:34:ad:77:57:11:a4:da:e1:01:
65:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:74:2B:43:81:ED:E2:8E:1A:0F:05:BE:37:44:E0:B6:CE:24:DA:33
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2FC21E1E3A1E11F092D7EDBDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.192.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:db:b7:13:21:4a:3b:90:66:7e:da:f0:af:f9:ea:03:b4:94:
e6:e3:93:3e:49:05:3f:bf:72:bd:c6:09:8e:90:53:e8:18:de:
55:e8:ce:dc:e1:db:e2:0a:62:80:88:3d:a0:70:a5:fe:f5:5b:
fa:90:cb:47:85:09:a6:51:30:bf:b1:4c:f8:fb:00:8c:b4:83:
a8:5d:1a:2c:83:60:f5:34:23:c0:2d:d4:a6:a7:17:9f:e1:20:
13:61:1d:59:c2:53:c6:74:4f:2f:29:c3:b1:7e:26:71:c4:f0:
ca:d5:2b:00:01:2d:e6:4d:1b:a3:bd:15:89:f5:57:67:2e:2a:
53:31:e3:18:8b:83:9d:08:bc:d0:e5:b0:67:a1:18:38:5e:00:
4d:9d:de:c6:36:6b:16:39:ff:2d:2d:b5:bf:9f:57:48:9f:0e:
d8:c7:66:d7:c6:cd:22:ca:b1:66:ec:6d:4f:e8:ce:7f:ef:52:
6f:e6:42:a3:28:a2:0c:8c:af:71:51:fd:72:39:7e:7c:12:58:
2b:ae:4e:f2:b3:47:6d:7c:ee:12:47:b9:81:c3:bc:76:60:94:
9a:42:93:65:56:94:c3:52:12:9f:c5:3e:a4:51:80:cd:49:cb:
4c:ee:96:d6:db:44:d2:e0:6a:b9:85:15:83:10:cd:44:86:32:
65:7a:20:47
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVeaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI2MTA0MjUyWhcNMjUwNjA5MTA0MjUyWjAYMRYw
FAYDVQQDEw02ODM0NDViMi0xZjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqp83FhuJm+Fl66pnm05pkVnxu2/klGxSkm1736n7knrHuWk2edwFX/J8
1oHVbN/Oh6y1xalLVVkk135valcumhTur4dJDjSU72FxeahcKCPD2yD8snWcWu/E
pTSutBmhBTRouXvubaTU3BE9iGB8mI0sI6q2wZRQOiEwak5yPaVSYKEiq+mD7hL1
e/R5/QgWv5GMTq1kiRSbUaZ+pfsRyxg2O/q0AjSJKOO9V6kNyXmsJkcIgH5o6m29
RdwywbpvBZIZodkm/VcG+Za+0A+F/YEMfeVK7KcQJib0zQEvSRgqF/WBYrEb4AVC
Lrr6fADVwV/gR1A0rXdXEaTa4QFljQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN10
K0OB7eKOGg8FvjdE4LbOJNozMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRkMyMUUxRTNBMUUxMUYwOTJEN0VEQkREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPXAMA0GCSqGSIb3DQEBCwUA
A4IBAQA827cTIUo7kGZ+2vCv+eoDtJTm45M+SQU/v3K9xgmOkFPoGN5V6M7c4dvi
CmKAiD2gcKX+9Vv6kMtHhQmmUTC/sUz4+wCMtIOoXRosg2D1NCPALdSmpxef4SAT
YR1ZwlPGdE8vKcOxfiZxxPDK1SsAAS3mTRujvRWJ9VdnLipTMeMYi4OdCLzQ5bBn
oRg4XgBNnd7GNmsWOf8tLbW/n1dInw7Yx2bXxs0iyrFm7G1P6M5/71Jv5kKjKKIM
jK9xUf1yOX58Elgrrk7ys0dtfO4SR7mBw7x2YJSaQpNlVpTDUhKfxT6kUYDNSctM
7pbW20TS4Gq5hRWDEM1EhjJleiBH
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:28:50 2025 by rpki-client