Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3712C7A02F4111F083C8769ADAE4EC9C.roa
File: 3712C7A02F4111F083C8769ADAE4EC9C.roa (raw, json)
Hash identifier: jiOzjVKEfzxPEImRVVw9CejKeOrjQRkksG6WxKe8bfE=
Subject key identifier: 3B:FA:4E:04:9A:98:AD:F7:E8:13:F4:DB:FF:AB:6F:66:78:80:14:D1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0153A7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3712C7A02F4111F083C8769ADAE4EC9C.roa
Signing time: Mon 12 May 2025 14:56:00 +0000
ROA not before: Mon 12 May 2025 14:55:55 +0000
ROA not after: Thu 26 Jun 2025 14:55:55 +0000
asID: 140869
IP address blocks: 156.225.80.0/24 maxlen: 24
156.225.81.0/24 maxlen: 24
156.225.82.0/24 maxlen: 24
156.225.83.0/24 maxlen: 24
156.225.84.0/24 maxlen: 24
156.225.85.0/24 maxlen: 24
156.225.86.0/24 maxlen: 24
156.225.87.0/24 maxlen: 24
156.225.88.0/24 maxlen: 24
156.225.89.0/24 maxlen: 24
156.225.90.0/24 maxlen: 24
156.225.91.0/24 maxlen: 24
156.225.92.0/24 maxlen: 24
156.225.93.0/24 maxlen: 24
156.225.94.0/24 maxlen: 24
156.225.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86951 (0x153a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 12 14:55:55 2025 GMT
Not After : Jun 26 14:55:55 2025 GMT
Subject: CN=68220bff-2661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:12:15:e9:09:f6:7d:a1:34:fe:51:02:f9:8b:
7b:a0:56:40:8a:58:9b:b7:72:c0:1b:b1:4e:7d:17:
24:9d:c9:88:49:cf:f9:df:fd:28:1a:f9:d1:6c:07:
1a:35:93:85:db:fc:43:4b:86:5d:d8:85:8c:32:07:
b8:ed:f2:50:7b:c3:42:84:ce:40:23:d9:ee:0a:32:
36:35:0c:79:4f:f8:32:f9:ae:af:a2:15:b3:c5:2b:
c7:34:87:25:d6:c9:1b:f4:e6:8a:d8:44:1e:43:b1:
f0:dd:fe:df:62:33:59:60:70:33:ba:29:8a:da:09:
68:ef:d9:58:92:be:c4:7d:11:27:1d:e2:e1:c2:11:
a9:33:27:5b:a4:44:cb:83:4d:6a:cd:80:e2:cd:d1:
b1:94:75:78:68:8b:db:8b:5c:7a:f5:ff:96:da:a2:
9d:62:b6:fd:6d:7f:1d:1e:9d:75:9b:88:0e:b3:33:
73:72:f5:e4:cf:38:c4:04:d9:33:8e:3f:75:f1:6c:
78:f9:fc:ad:76:c2:93:48:b1:aa:f0:9d:31:a4:05:
4d:62:04:87:7e:ea:84:c6:1a:15:a8:80:ac:b0:f2:
2c:90:4a:b4:4a:12:a9:24:06:74:8d:9a:ef:e8:ff:
4d:f0:47:22:a4:c8:13:24:75:67:d2:90:98:86:e8:
1f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FA:4E:04:9A:98:AD:F7:E8:13:F4:DB:FF:AB:6F:66:78:80:14:D1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3712C7A02F4111F083C8769ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.80.0/20
Signature Algorithm: sha256WithRSAEncryption
27:7f:79:44:a5:63:d4:93:af:04:53:f3:3c:46:51:b9:d6:11:
ed:1e:26:c0:43:9d:1f:2e:24:89:57:a9:14:60:c0:3b:29:5c:
b2:be:e6:78:0a:e7:84:92:42:68:a8:1a:61:3a:40:d6:83:be:
a4:b3:a4:e9:5f:1e:94:e7:7d:48:6b:30:15:0f:b7:a6:7d:1a:
23:a4:38:54:df:7c:a1:d4:7a:d4:cc:27:4b:b6:6a:66:02:43:
3e:10:30:fc:b0:d8:f9:2d:98:8b:fb:88:2c:48:2a:05:1b:42:
c3:24:8e:92:83:91:c2:d6:e1:04:e7:aa:f4:d6:34:e4:e5:ec:
1c:0b:ef:0b:95:ed:3b:df:fe:2b:d8:34:25:e3:f7:43:b7:d6:
7e:9d:77:4e:64:09:b2:80:6a:4c:2d:1b:28:93:35:0e:f1:a6:
f3:07:a3:3a:73:a1:64:a4:07:fd:cc:a6:ad:41:65:9d:ce:a0:
71:d0:16:8c:7d:8c:7a:2d:53:52:a5:91:de:97:12:79:d4:3d:
c2:9f:39:a7:e0:8d:0a:74:82:1b:42:7f:41:f4:19:f9:eb:2b:
d0:07:a4:af:d6:44:ac:61:18:a6:55:95:da:89:0e:84:74:c7:
03:23:ea:6b:9d:f6:be:d5:92:08:44:39:e2:03:39:0e:81:59:
a6:4d:42:14
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVOnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEyMTQ1NTU1WhcNMjUwNjI2MTQ1NTU1WjAYMRYw
FAYDVQQDEw02ODIyMGJmZi0yNjYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAthIV6Qn2faE0/lEC+Yt7oFZAilibt3LAG7FOfRckncmISc/53/0oGvnR
bAcaNZOF2/xDS4Zd2IWMMge47fJQe8NChM5AI9nuCjI2NQx5T/gy+a6vohWzxSvH
NIcl1skb9OaK2EQeQ7Hw3f7fYjNZYHAzuimK2glo79lYkr7EfREnHeLhwhGpMydb
pETLg01qzYDizdGxlHV4aIvbi1x69f+W2qKdYrb9bX8dHp11m4gOszNzcvXkzzjE
BNkzjj918Wx4+fytdsKTSLGq8J0xpAVNYgSHfuqExhoVqICssPIskEq0ShKpJAZ0
jZrv6P9N8EcipMgTJHVn0pCYhugfIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDv6
TgSamK336BP02/+rb2Z4gBTRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNzEyQzdBMDJGNDExMUYwODNDODc2OUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOFQMA0GCSqGSIb3DQEBCwUA
A4IBAQAnf3lEpWPUk68EU/M8RlG51hHtHibAQ50fLiSJV6kUYMA7KVyyvuZ4CueE
kkJoqBphOkDWg76ks6TpXx6U531IazAVD7emfRojpDhU33yh1HrUzCdLtmpmAkM+
EDD8sNj5LZiL+4gsSCoFG0LDJI6Sg5HC1uEE56r01jTk5ewcC+8Lle073/4r2DQl
4/dDt9Z+nXdOZAmygGpMLRsokzUO8abzB6M6c6FkpAf9zKatQWWdzqBx0BaMfYx6
LVNSpZHelxJ51D3Cnzmn4I0KdIIbQn9B9Bn56yvQB6Sv1kSsYRimVZXaiQ6EdMcD
I+prnfa+1ZIIRDniAzkOgVmmTUIU
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:40:24 2025 by rpki-client