Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/421FE3B03F9711F08C0673D5DAE4EC9C.roa
File: 421FE3B03F9711F08C0673D5DAE4EC9C.roa (raw, json)
Hash identifier: NQG4z7TjzVyVEYzJHSyJY+B6lc8gek4PsZqDiguyCjE=
Subject key identifier: AB:9C:F4:03:45:EE:CE:E0:61:82:F0:91:F4:59:C7:19:2E:33:BD:3E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01596F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/421FE3B03F9711F08C0673D5DAE4EC9C.roa
Signing time: Mon 02 Jun 2025 09:52:13 +0000
ROA not before: Mon 02 Jun 2025 09:52:08 +0000
ROA not after: Sun 13 Jul 2025 09:52:08 +0000
asID: 18046
IP address blocks: 156.236.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 08 Jun 2025 00:26:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88431 (0x1596f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 2 09:52:08 2025 GMT
Not After : Jul 13 09:52:08 2025 GMT
Subject: CN=683d744d-17fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b8:af:76:2c:8a:31:ad:70:18:8a:de:54:84:
74:f1:e7:2e:e3:14:29:1e:78:fc:7f:14:74:d7:fb:
01:a2:c0:25:32:0b:9b:4b:1e:18:f8:83:1e:54:22:
b1:fe:8c:5f:cf:9d:a0:6a:31:e2:35:29:e9:81:53:
56:8b:64:2e:bf:78:1e:04:fb:ee:37:4c:61:3d:43:
65:a9:45:ad:c7:69:c0:b8:c4:25:04:62:8f:ac:71:
64:76:35:f6:ca:eb:9b:7c:e0:7d:c3:e6:88:9f:48:
84:f3:ea:fa:f1:72:4e:cc:8e:d5:8e:6f:b4:1b:58:
63:21:dc:11:9e:02:a8:38:a8:9b:d5:67:b2:b3:60:
ee:fe:8e:92:5f:10:35:a9:83:64:03:2c:ff:e1:21:
c0:33:04:d7:4c:73:6b:89:b8:c1:74:4f:e6:d0:ef:
ed:88:ae:2f:fb:53:43:4d:5a:10:46:79:ec:25:00:
23:45:ef:d3:21:77:8b:5e:e4:58:db:50:73:b9:69:
81:95:ac:d4:9a:d0:f2:7a:09:bc:06:42:1a:84:f5:
52:fc:15:a1:d8:ef:4c:f5:6f:b5:49:2c:3d:8b:dd:
4c:a2:ed:b9:ae:64:4e:51:c2:aa:07:0c:cb:4e:13:
cc:cd:de:cc:cd:59:87:f6:c7:5c:25:dc:f4:30:10:
d8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:9C:F4:03:45:EE:CE:E0:61:82:F0:91:F4:59:C7:19:2E:33:BD:3E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/421FE3B03F9711F08C0673D5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.13.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:70:5b:d0:a9:c7:83:f5:ec:d4:5a:9f:20:64:7b:c3:42:53:
9c:f3:d9:e4:71:53:aa:97:ca:f8:30:08:da:36:73:12:97:07:
6c:ae:50:f5:76:50:46:39:87:72:37:65:4c:bb:e7:3f:a7:25:
97:47:6e:3f:a8:26:36:9f:8d:f3:4e:b0:56:49:e8:9f:4d:d9:
f6:3e:d4:ff:53:d5:ef:2d:4b:ca:5b:63:f2:0c:ae:5d:43:2b:
27:ff:14:8c:42:37:f7:4c:ae:07:f3:16:a4:b2:9b:92:87:bc:
65:72:5e:48:77:46:f6:57:37:5d:6a:73:69:08:1c:37:97:e1:
bd:6c:09:1e:d8:e3:0e:8e:b0:f8:bc:98:fe:f6:b2:73:25:97:
cf:f0:60:c9:82:f2:d0:37:9e:b8:a4:8b:46:34:4a:ed:aa:46:
bc:ff:cf:85:68:62:d3:5a:98:43:72:41:f9:50:e1:41:e5:ba:
b2:ca:24:b7:9e:6a:15:9f:28:7c:92:47:81:1f:91:89:e9:b7:
9e:52:df:39:b8:29:de:0d:39:e4:00:7f:86:83:f2:5d:d0:cd:
a9:fd:48:4a:4d:c3:a4:ba:c4:74:c7:e9:14:a4:14:b6:e7:c0:
b5:76:c2:97:89:8f:14:ff:3d:76:c5:84:86:70:73:2c:02:6b:
f1:da:d7:9a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVlvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjAyMDk1MjA4WhcNMjUwNzEzMDk1MjA4WjAYMRYw
FAYDVQQDEw02ODNkNzQ0ZC0xN2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp7ivdiyKMa1wGIreVIR08ecu4xQpHnj8fxR01/sBosAlMgubSx4Y+IMe
VCKx/oxfz52gajHiNSnpgVNWi2Quv3geBPvuN0xhPUNlqUWtx2nAuMQlBGKPrHFk
djX2yuubfOB9w+aIn0iE8+r68XJOzI7Vjm+0G1hjIdwRngKoOKib1Weys2Du/o6S
XxA1qYNkAyz/4SHAMwTXTHNribjBdE/m0O/tiK4v+1NDTVoQRnnsJQAjRe/TIXeL
XuRY21BzuWmBlazUmtDyegm8BkIahPVS/BWh2O9M9W+1SSw9i91Mou25rmROUcKq
BwzLThPMzd7MzVmH9sdcJdz0MBDYRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKuc
9ANF7s7gYYLwkfRZxxkuM70+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MjFGRTNCMDNGOTcxMUYwOEMwNjczRDVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwNMA0GCSqGSIb3DQEBCwUA
A4IBAQAecFvQqceD9ezUWp8gZHvDQlOc89nkcVOql8r4MAjaNnMSlwdsrlD1dlBG
OYdyN2VMu+c/pyWXR24/qCY2n43zTrBWSeifTdn2PtT/U9XvLUvKW2PyDK5dQysn
/xSMQjf3TK4H8xakspuSh7xlcl5Id0b2VzddanNpCBw3l+G9bAke2OMOjrD4vJj+
9rJzJZfP8GDJgvLQN564pItGNErtqka8/8+FaGLTWphDckH5UOFB5bqyyiS3nmoV
nyh8kkeBH5GJ6beeUt85uCneDTnkAH+Gg/Jd0M2p/UhKTcOkusR0x+kUpBS258C1
dsKXiY8U/z12xYSGcHMsAmvx2tea
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:03:30 2025 by rpki-client