Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/46A9488E3BA211F0A14CE59BDAE4EC9C.roa
File: 46A9488E3BA211F0A14CE59BDAE4EC9C.roa (raw, json)
Hash identifier: KyyTKZc3AGzcarwvG9JEcdoJeD2InTkqYQ7iUp4GlgM=
Subject key identifier: 33:C0:E5:AA:A1:6B:F8:5C:C2:D3:50:E7:D3:45:0E:42:47:D0:BA:6B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01581F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/46A9488E3BA211F0A14CE59BDAE4EC9C.roa
Signing time: Wed 28 May 2025 09:01:01 +0000
ROA not before: Wed 28 May 2025 09:00:56 +0000
ROA not after: Sat 27 Jun 2026 09:00:56 +0000
asID: 984
IP address blocks: 156.233.109.0/24 maxlen: 24
156.249.172.0/24 maxlen: 24
156.249.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88095 (0x1581f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 09:00:56 2025 GMT
Not After : Jun 27 09:00:56 2026 GMT
Subject: CN=6836d0cd-5f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bd:af:95:14:d0:db:f3:d0:28:94:e1:71:1b:
15:49:6f:aa:51:c0:a1:49:4a:60:67:be:c0:d3:0a:
04:fd:e9:50:81:fd:42:84:12:75:8a:f4:ce:29:22:
1a:db:66:7f:09:de:0e:2a:c0:2e:57:be:69:8a:d8:
2b:a4:31:bb:55:21:11:a5:ca:bc:58:c7:ee:13:ba:
7a:4b:52:ef:c5:02:57:83:09:bd:6d:65:e1:e1:e2:
47:e7:c0:bb:b8:69:87:88:4f:ab:99:27:da:79:08:
00:23:ba:ca:2b:b3:e2:2f:60:8b:f4:00:fc:c3:8a:
ee:08:c8:05:21:4e:e2:e2:54:53:b3:ca:3b:b4:eb:
54:cb:88:62:5b:c2:03:8a:fe:85:59:c6:34:f3:bc:
4e:0b:0d:76:0c:8e:e2:f6:ad:7b:a2:d4:40:13:27:
83:4b:f3:51:2d:c1:25:0c:ee:27:1b:10:66:35:64:
39:57:29:71:4b:98:50:48:b2:66:51:cf:5b:7c:ce:
da:25:83:c1:f0:5b:eb:6a:c0:26:48:33:40:37:98:
d0:c7:f5:78:e8:04:d6:87:5c:ec:05:51:39:08:94:
12:53:de:5e:4d:4e:f7:15:8a:c6:16:fe:22:56:86:
cf:ec:75:1d:2c:a9:32:75:61:0d:21:30:a6:0c:90:
8f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C0:E5:AA:A1:6B:F8:5C:C2:D3:50:E7:D3:45:0E:42:47:D0:BA:6B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/46A9488E3BA211F0A14CE59BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.109.0/24
156.249.172.0/23
Signature Algorithm: sha256WithRSAEncryption
97:c8:6f:b8:c2:68:a1:3c:69:44:4b:71:86:2d:5b:9b:87:30:
b4:a5:0d:a8:d4:7b:76:c4:6c:7c:36:78:76:0a:09:12:8b:ae:
ba:3e:a3:22:b0:f7:8b:52:74:e7:50:e5:83:c5:66:c1:3a:11:
27:b9:a5:6c:63:97:6c:db:3e:2b:5a:bf:fc:1c:08:d7:01:b3:
a6:a2:5f:84:ca:af:e5:bc:ce:8c:32:24:9d:c4:4f:28:cc:de:
d9:57:4a:b5:ba:13:05:89:45:e5:f5:06:d6:ba:17:11:72:52:
d7:47:37:b9:d0:2b:d9:bf:e0:50:ac:69:f8:26:7c:6f:50:41:
5d:41:a5:3a:69:6c:9c:0b:a7:04:6c:de:4c:f7:de:ed:a1:7b:
ba:10:b7:b1:c0:2f:14:94:20:60:bd:db:d1:f2:c3:44:13:3c:
e4:29:9d:91:d4:4b:99:5c:36:4a:bf:d6:be:81:3f:bc:59:36:
7e:30:31:c8:e2:95:af:56:e5:78:8b:0b:6a:c6:2d:49:57:ae:
ac:e0:f1:a9:89:26:20:a7:1d:6e:04:08:28:85:d5:42:e7:63:
b8:f7:6b:27:4d:ba:ea:5c:42:f1:3a:2e:f0:5f:77:6c:fe:dc:
e1:24:39:b0:3d:27:ce:92:53:96:0a:bc:09:02:1f:f4:7c:25:
23:cd:f3:65
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVgfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MDkwMDU2WhcNMjYwNjI3MDkwMDU2WjAYMRYw
FAYDVQQDEw02ODM2ZDBjZC01ZjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv72vlRTQ2/PQKJThcRsVSW+qUcChSUpgZ77A0woE/elQgf1ChBJ1ivTO
KSIa22Z/Cd4OKsAuV75pitgrpDG7VSERpcq8WMfuE7p6S1LvxQJXgwm9bWXh4eJH
58C7uGmHiE+rmSfaeQgAI7rKK7PiL2CL9AD8w4ruCMgFIU7i4lRTs8o7tOtUy4hi
W8IDiv6FWcY087xOCw12DI7i9q17otRAEyeDS/NRLcElDO4nGxBmNWQ5VylxS5hQ
SLJmUc9bfM7aJYPB8FvrasAmSDNAN5jQx/V46ATWh1zsBVE5CJQSU95eTU73FYrG
Fv4iVobP7HUdLKkydWENITCmDJCPwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDPA
5aqha/hcwtNQ59NFDkJH0LprMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NkE5NDg4RTNCQTIxMUYwQTE0Q0U1OUJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOltAwQBnPmsMA0GCSqGSIb3
DQEBCwUAA4IBAQCXyG+4wmihPGlES3GGLVubhzC0pQ2o1Ht2xGx8Nnh2CgkSi666
PqMisPeLUnTnUOWDxWbBOhEnuaVsY5ds2z4rWr/8HAjXAbOmol+Eyq/lvM6MMiSd
xE8ozN7ZV0q1uhMFiUXl9QbWuhcRclLXRze50CvZv+BQrGn4JnxvUEFdQaU6aWyc
C6cEbN5M997toXu6ELexwC8UlCBgvdvR8sNEEzzkKZ2R1EuZXDZKv9a+gT+8WTZ+
MDHI4pWvVuV4iwtqxi1JV66s4PGpiSYgpx1uBAgohdVC52O492snTbrqXELxOi7w
X3ds/tzhJDmwPSfOklOWCrwJAh/0fCUjzfNl
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:52:03 2025 by rpki-client