Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CFAFB9E3D6811F08B720E9FDAE4EC9C.roa
File: 3CFAFB9E3D6811F08B720E9FDAE4EC9C.roa (raw, json)
Hash identifier: kW+uQ0ySVYJLUk1dSXc+ct43dpQJ6cvwME/eINW52E4=
Subject key identifier: C0:50:19:EE:1F:74:E8:38:AB:02:F7:CC:84:A9:6B:3D:B9:DC:AC:80
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0158F5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CFAFB9E3D6811F08B720E9FDAE4EC9C.roa
Signing time: Fri 30 May 2025 15:10:36 +0000
ROA not before: Fri 30 May 2025 15:10:31 +0000
ROA not after: Mon 09 Jun 2025 15:10:31 +0000
asID: 152849
IP address blocks: 156.235.96.0/21 maxlen: 24
156.235.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88309 (0x158f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 30 15:10:31 2025 GMT
Not After : Jun 9 15:10:31 2025 GMT
Subject: CN=6839ca6c-8666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:84:7e:0a:51:25:e4:81:e9:95:a8:6a:33:95:
cd:a4:1b:9a:21:ee:d6:fe:80:7a:a1:08:6f:24:df:
ae:b8:48:6b:eb:25:c1:cb:c4:8e:06:b6:1a:02:70:
3e:c1:f0:f1:8f:14:0d:83:ed:17:2a:f7:f5:a8:3f:
40:67:22:30:03:d5:41:07:1b:1b:89:39:9b:d0:ff:
4a:7f:0d:0f:b0:ab:10:5a:c1:e7:bd:e8:ef:cb:63:
ed:19:1c:bb:6d:c0:77:5c:d2:7a:d4:c3:d4:91:62:
da:91:43:98:26:63:d6:71:1f:6a:df:2a:95:64:d6:
c4:ff:5d:76:6e:29:98:50:a8:d2:80:80:04:6d:ee:
ea:44:ea:0c:e3:46:c2:9e:97:69:2e:08:33:df:38:
24:db:38:28:2d:12:0e:39:f1:48:90:62:7a:da:63:
01:56:03:15:ea:fc:6d:d4:0f:5b:fa:40:ff:e3:4d:
a5:2a:88:8d:4d:d2:25:39:d4:17:a1:28:57:46:39:
31:53:d4:78:69:66:4d:26:79:e4:0c:ed:c1:91:9d:
0c:a4:d2:61:09:63:a8:8a:e9:1c:9c:1f:00:cf:3c:
78:a8:96:80:5c:e1:9b:da:84:17:59:43:51:c9:49:
be:ea:97:06:9b:10:5f:4e:12:a8:9d:29:ac:c4:19:
ef:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:50:19:EE:1F:74:E8:38:AB:02:F7:CC:84:A9:6B:3D:B9:DC:AC:80
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3CFAFB9E3D6811F08B720E9FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.96.0/20
Signature Algorithm: sha256WithRSAEncryption
6b:30:76:b2:ad:a7:dc:22:2e:3a:53:10:7b:95:a8:46:3d:98:
57:41:61:20:26:61:fe:3e:00:cb:d0:ce:b7:86:0e:50:c0:7d:
10:51:88:d5:c8:3c:4e:64:36:76:f7:ec:87:4d:68:7a:1c:92:
7b:6a:f7:30:b1:d6:ee:12:0f:85:d8:bd:ee:ab:f3:1c:fa:4d:
6d:21:78:95:5b:e5:88:ac:14:da:66:63:91:68:37:9a:65:b3:
07:7d:49:ad:8f:42:9f:de:34:96:78:f5:c3:29:89:8a:77:bf:
b2:ef:72:b8:42:6b:9a:72:22:34:f0:eb:a6:30:c1:12:70:8c:
68:29:af:c3:b0:ac:36:0b:c4:3f:6c:4a:f2:a6:46:31:03:90:
17:80:6a:03:32:3c:f4:02:12:2f:c7:a3:03:fc:05:96:b0:18:
e5:a0:19:2c:b9:1e:13:65:2f:46:50:9a:2e:d0:55:cc:e5:eb:
31:e2:02:65:dc:03:4e:67:c1:8a:84:49:8b:38:0a:5d:80:2f:
b1:01:35:60:6f:86:b9:04:ce:8b:31:a6:88:25:4a:b4:2d:4e:
76:a7:52:fb:5b:c3:20:21:2f:50:9c:2a:44:40:78:99:c1:d1:
71:a2:db:e4:59:c3:97:28:e3:fc:69:df:cd:ef:b2:39:63:2d:
98:38:de:89
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVj1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTMwMTUxMDMxWhcNMjUwNjA5MTUxMDMxWjAYMRYw
FAYDVQQDEw02ODM5Y2E2Yy04NjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzIR+ClEl5IHplahqM5XNpBuaIe7W/oB6oQhvJN+uuEhr6yXBy8SOBrYa
AnA+wfDxjxQNg+0XKvf1qD9AZyIwA9VBBxsbiTmb0P9Kfw0PsKsQWsHnvejvy2Pt
GRy7bcB3XNJ61MPUkWLakUOYJmPWcR9q3yqVZNbE/112bimYUKjSgIAEbe7qROoM
40bCnpdpLggz3zgk2zgoLRIOOfFIkGJ62mMBVgMV6vxt1A9b+kD/402lKoiNTdIl
OdQXoShXRjkxU9R4aWZNJnnkDO3BkZ0MpNJhCWOoiukcnB8Azzx4qJaAXOGb2oQX
WUNRyUm+6pcGmxBfThKonSmsxBnvlwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMBQ
Ge4fdOg4qwL3zISpaz253KyAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQ0ZBRkI5RTNENjgxMUYwOEI3MjBFOUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOtgMA0GCSqGSIb3DQEBCwUA
A4IBAQBrMHayrafcIi46UxB7lahGPZhXQWEgJmH+PgDL0M63hg5QwH0QUYjVyDxO
ZDZ29+yHTWh6HJJ7avcwsdbuEg+F2L3uq/Mc+k1tIXiVW+WIrBTaZmORaDeaZbMH
fUmtj0Kf3jSWePXDKYmKd7+y73K4QmuaciI08OumMMEScIxoKa/DsKw2C8Q/bEry
pkYxA5AXgGoDMjz0AhIvx6MD/AWWsBjloBksuR4TZS9GUJou0FXM5esx4gJl3ANO
Z8GKhEmLOApdgC+xATVgb4a5BM6LMaaIJUq0LU52p1L7W8MgIS9QnCpEQHiZwdFx
otvkWcOXKOP8ad/N77I5Yy2YON6J
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:24:59 2025 by rpki-client