Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CE77AEC3BA611F0AB0E0AB4DAE4EC9C.roa
File: 3CE77AEC3BA611F0AB0E0AB4DAE4EC9C.roa (raw, json)
Hash identifier: Ac9L3YU5INbyDUMkDNQcZg+FuDTwUSNJ6njgQD6XT6g=
Subject key identifier: F0:F4:48:5B:D2:FA:8E:43:A7:6C:98:8A:F5:6A:23:B0:26:31:AC:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015829
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CE77AEC3BA611F0AB0E0AB4DAE4EC9C.roa
Signing time: Wed 28 May 2025 09:29:23 +0000
ROA not before: Wed 28 May 2025 09:29:18 +0000
ROA not after: Wed 02 Jul 2025 09:29:18 +0000
asID: 5650
IP address blocks: 156.225.56.0/21 maxlen: 24
156.225.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88105 (0x15829)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 09:29:18 2025 GMT
Not After : Jul 2 09:29:18 2025 GMT
Subject: CN=6836d772-009e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ca:20:bb:3e:c4:bb:63:8a:a6:35:da:26:35:
34:f1:1e:38:c4:fd:4e:8d:f2:c0:ee:31:99:45:02:
40:32:7f:28:0f:77:79:28:70:34:f8:8a:dc:c7:4b:
4c:5e:be:f7:66:39:9e:6d:86:4f:37:40:d0:3f:f2:
fa:0b:b6:02:79:82:dc:f1:99:7e:93:0b:b2:3e:ba:
e5:3b:34:65:82:e3:64:3a:a8:7e:5a:66:da:b3:6a:
f3:2a:44:bb:f5:ec:04:46:11:b2:d6:03:e2:27:5c:
06:2e:5e:4d:6f:e1:75:da:de:de:bd:97:58:04:36:
51:19:37:8b:87:b4:7d:c2:03:5c:9b:ff:d0:6a:7a:
4a:95:43:5b:24:18:d2:07:1e:ac:24:ab:74:c2:f2:
68:de:1b:ec:cd:cd:c5:f9:01:94:4d:4d:c5:78:98:
7d:07:89:e4:6a:f5:ad:05:a6:bb:71:c6:a7:1c:cb:
58:39:a2:63:fc:aa:7a:69:43:5d:0d:e0:9c:3a:84:
bf:dd:ed:4a:a4:dd:04:e1:b1:49:45:1f:47:6b:d9:
77:30:da:e0:2a:96:04:41:ae:41:31:a3:e7:dd:9a:
14:53:d4:4b:5a:cf:bd:9b:a7:90:f8:65:cc:da:eb:
90:c8:a3:e6:a0:15:0e:76:25:71:75:d1:11:6b:78:
4b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F4:48:5B:D2:FA:8E:43:A7:6C:98:8A:F5:6A:23:B0:26:31:AC:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CE77AEC3BA611F0AB0E0AB4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.56.0/21
156.225.184.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:15:60:d4:6e:d9:f1:dc:6c:51:27:18:67:4f:4e:45:dd:3e:
31:c7:c7:9a:c8:ed:e8:18:60:0c:ad:77:32:2a:ae:43:9c:b8:
62:f3:03:7b:28:99:18:3a:e0:18:e1:d7:f8:fa:07:c7:4d:92:
93:54:d8:b9:5d:91:a2:69:b6:b7:f1:e8:1e:31:72:45:0b:dd:
ec:68:c8:1e:b0:e7:0c:f5:30:eb:48:14:ae:38:fe:38:25:6b:
62:8c:73:91:f5:67:e8:3c:aa:79:71:b2:d3:89:9d:75:a3:75:
81:1b:c2:4c:89:3b:5a:4f:4b:6b:8c:d8:40:cb:45:a7:41:d7:
89:64:d0:94:16:7d:0d:f3:69:25:8d:a1:eb:c9:e7:8b:a7:1b:
ea:80:19:0c:85:40:43:c7:01:d6:c0:57:c7:16:3e:ae:c9:1d:
6f:f9:6f:3d:ba:e1:6a:af:14:ec:d2:17:50:9f:7a:d6:1e:5d:
b1:73:f7:36:bc:61:ad:e2:f9:75:a8:fa:53:f4:69:cd:7b:db:
76:67:04:39:f1:90:36:95:48:3b:95:75:82:1d:7c:17:b5:5c:
b2:4e:1b:8a:89:04:a6:9a:79:09:03:05:f2:ee:5d:c3:31:65:
7c:de:96:39:4b:7b:57:75:cc:81:1e:48:95:27:2b:6f:6a:65:
9e:ac:ea:74
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVgpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MDkyOTE4WhcNMjUwNzAyMDkyOTE4WjAYMRYw
FAYDVQQDEw02ODM2ZDc3Mi0wMDllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvMoguz7Eu2OKpjXaJjU08R44xP1OjfLA7jGZRQJAMn8oD3d5KHA0+Irc
x0tMXr73ZjmebYZPN0DQP/L6C7YCeYLc8Zl+kwuyPrrlOzRlguNkOqh+Wmbas2rz
KkS79ewERhGy1gPiJ1wGLl5Nb+F12t7evZdYBDZRGTeLh7R9wgNcm//QanpKlUNb
JBjSBx6sJKt0wvJo3hvszc3F+QGUTU3FeJh9B4nkavWtBaa7ccanHMtYOaJj/Kp6
aUNdDeCcOoS/3e1KpN0E4bFJRR9Ha9l3MNrgKpYEQa5BMaPn3ZoUU9RLWs+9m6eQ
+GXM2uuQyKPmoBUOdiVxddERa3hL5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPD0
SFvS+o5Dp2yYivVqI7AmMawMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQ0U3N0FFQzNCQTYxMUYwQUIwRTBBQjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDnOE4AwQDnOG4MA0GCSqGSIb3
DQEBCwUAA4IBAQBfFWDUbtnx3GxRJxhnT05F3T4xx8eayO3oGGAMrXcyKq5DnLhi
8wN7KJkYOuAY4df4+gfHTZKTVNi5XZGiaba38egeMXJFC93saMgesOcM9TDrSBSu
OP44JWtijHOR9WfoPKp5cbLTiZ11o3WBG8JMiTtaT0trjNhAy0WnQdeJZNCUFn0N
82kljaHryeeLpxvqgBkMhUBDxwHWwFfHFj6uyR1v+W89uuFqrxTs0hdQn3rWHl2x
c/c2vGGt4vl1qPpT9GnNe9t2ZwQ58ZA2lUg7lXWCHXwXtVyyThuKiQSmmnkJAwXy
7l3DMWV83pY5S3tXdcyBHkiVJytvamWerOp0
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:41:26 2025 by rpki-client