Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C01A0783BB811F09DF6C9A8DAE4EC9C.roa
File: 3C01A0783BB811F09DF6C9A8DAE4EC9C.roa (raw, json)
Hash identifier: D5QlbFCOTgnok0zpglZoySP3yaghkbwGjRwlf5NVFdM=
Subject key identifier: C6:C7:83:1B:2D:B6:99:DD:AB:88:61:AD:20:44:5D:BF:97:94:84:D2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015857
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C01A0783BB811F09DF6C9A8DAE4EC9C.roa
Signing time: Wed 28 May 2025 11:38:12 +0000
ROA not before: Wed 28 May 2025 11:38:07 +0000
ROA not after: Wed 02 Jul 2025 11:38:07 +0000
asID: 395793
IP address blocks: 156.228.16.0/23 maxlen: 24
156.228.48.0/21 maxlen: 24
156.243.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88151 (0x15857)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 11:38:07 2025 GMT
Not After : Jul 2 11:38:07 2025 GMT
Subject: CN=6836f5a4-69a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6a:4a:1e:c7:8f:cd:d9:a7:f4:c7:65:a3:d4:
e1:2d:d1:86:2b:eb:08:43:ba:fa:4a:63:1b:ee:66:
37:c1:81:7f:81:c3:a7:40:b9:e4:ae:3e:24:76:c4:
90:b5:e6:83:51:75:01:ff:db:71:ab:a6:09:bd:c2:
41:6c:5e:d4:fb:ff:1c:d7:8a:c5:01:d1:2f:fb:dd:
30:e0:c7:fd:51:7d:a7:35:13:d9:5f:60:5d:99:a3:
7d:5c:6d:2e:86:75:2d:da:1c:d3:4b:56:c8:f5:f5:
a1:2c:0e:f5:34:aa:dc:7a:3b:9b:b5:e7:17:e2:fc:
79:07:52:55:f7:fd:d1:a2:f2:62:21:5d:9a:4b:2e:
33:91:9d:20:bc:e9:41:ac:da:0c:97:41:9c:09:7f:
20:9f:79:f0:be:cb:31:69:4f:58:cf:62:79:ec:2f:
e7:bf:f2:37:90:d1:97:6c:9e:0f:3c:f0:70:fd:d9:
1f:64:07:a5:08:6d:0a:10:0b:25:47:70:17:34:4c:
c1:71:a1:9b:4d:d9:a5:68:24:bc:67:e4:7a:6e:38:
f7:ac:56:fd:14:88:8e:b6:1f:e2:93:86:15:e8:00:
a6:ca:67:22:22:0c:b8:11:b3:99:54:6c:f3:0c:51:
6b:c6:03:1f:f5:ce:14:23:c2:6d:3a:8f:28:3f:9a:
6c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C7:83:1B:2D:B6:99:DD:AB:88:61:AD:20:44:5D:BF:97:94:84:D2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3C01A0783BB811F09DF6C9A8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.16.0/23
156.228.48.0/21
156.243.241.0/24
Signature Algorithm: sha256WithRSAEncryption
94:84:72:54:a0:a4:ac:8a:23:24:3d:63:47:75:97:88:e9:2a:
78:55:fe:84:2c:24:49:54:53:dc:18:10:cd:d2:66:e4:88:a3:
64:92:57:7b:5f:fc:e0:e4:4d:c2:b0:67:eb:41:37:23:c7:29:
0a:8c:e5:e6:16:b3:50:e1:b4:36:84:ec:70:25:86:ba:84:64:
20:46:51:eb:9b:84:a4:29:88:2d:f4:ec:b6:d6:45:65:ff:81:
51:19:be:d2:5a:69:75:4c:15:72:2d:1c:90:4a:4f:74:ab:c8:
0e:f8:2d:33:fd:a0:b2:1f:5d:e8:87:14:53:e5:aa:9d:9f:f6:
1d:54:02:a0:2c:85:51:96:94:06:90:04:d9:64:04:e9:de:4f:
2f:ec:2d:68:9c:b5:fa:42:f2:f1:4f:a2:fb:6a:fb:f3:ef:07:
dc:8a:24:0f:fd:13:f6:21:7e:02:c5:2b:f3:05:fb:c8:ee:8c:
ed:33:c4:87:1f:5e:89:48:d5:33:72:5a:27:e5:19:90:05:05:
52:c1:cb:b8:38:48:30:ed:7b:4d:05:6f:89:9d:43:c3:d5:6b:
f7:ee:08:1c:57:bf:81:ec:9a:5c:03:3b:10:be:ef:69:03:a8:
b9:10:cd:ed:78:83:0e:cf:bb:17:ce:41:db:49:83:6b:bf:b7:
aa:8a:5f:a5
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVhXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MTEzODA3WhcNMjUwNzAyMTEzODA3WjAYMRYw
FAYDVQQDEw02ODM2ZjVhNC02OWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs2pKHsePzdmn9Mdlo9ThLdGGK+sIQ7r6SmMb7mY3wYF/gcOnQLnkrj4k
dsSQteaDUXUB/9txq6YJvcJBbF7U+/8c14rFAdEv+90w4Mf9UX2nNRPZX2BdmaN9
XG0uhnUt2hzTS1bI9fWhLA71NKrcejubtecX4vx5B1JV9/3RovJiIV2aSy4zkZ0g
vOlBrNoMl0GcCX8gn3nwvssxaU9Yz2J57C/nv/I3kNGXbJ4PPPBw/dkfZAelCG0K
EAslR3AXNEzBcaGbTdmlaCS8Z+R6bjj3rFb9FIiOth/ik4YV6ACmymciIgy4EbOZ
VGzzDFFrxgMf9c4UI8JtOo8oP5psXQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFMbH
gxsttpndq4hhrSBEXb+XlITSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQzAxQTA3ODNCQjgxMUYwOURGNkM5QThEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBnOQQAwQDnOQwAwQAnPPxMA0G
CSqGSIb3DQEBCwUAA4IBAQCUhHJUoKSsiiMkPWNHdZeI6Sp4Vf6ELCRJVFPcGBDN
0mbkiKNkkld7X/zg5E3CsGfrQTcjxykKjOXmFrNQ4bQ2hOxwJYa6hGQgRlHrm4Sk
KYgt9Oy21kVl/4FRGb7SWml1TBVyLRyQSk90q8gO+C0z/aCyH13ohxRT5aqdn/Yd
VAKgLIVRlpQGkATZZATp3k8v7C1onLX6QvLxT6L7avvz7wfciiQP/RP2IX4CxSvz
BfvI7oztM8SHH16JSNUzclon5RmQBQVSwcu4OEgw7XtNBW+JnUPD1Wv37ggcV7+B
7JpcAzsQvu9pA6i5EM3teIMOz7sXzkHbSYNrv7eqil+l
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:22:04 2025 by rpki-client