Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AD51C4E331E11F0A7B9AE78DAE4EC9C.roa
File: 4AD51C4E331E11F0A7B9AE78DAE4EC9C.roa (raw, json)
Hash identifier: /Es1jiwpS/9I24BbAD+Z2Ouv4v1HitabFKHchWfYio4=
Subject key identifier: 39:A6:42:78:EB:1A:47:C5:DA:9D:C1:52:5C:73:83:D7:3E:3F:21:7C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01556F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AD51C4E331E11F0A7B9AE78DAE4EC9C.roa
Signing time: Sat 17 May 2025 12:56:05 +0000
ROA not before: Sat 17 May 2025 12:56:00 +0000
ROA not after: Wed 25 Jun 2025 12:56:00 +0000
asID: 203020
IP address blocks: 156.243.159.0/24 maxlen: 24
156.243.160.0/20 maxlen: 24
156.243.176.0/21 maxlen: 24
156.243.184.0/22 maxlen: 24
156.243.188.0/23 maxlen: 24
156.243.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87407 (0x1556f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 17 12:56:00 2025 GMT
Not After : Jun 25 12:56:00 2025 GMT
Subject: CN=68288765-ba3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a2:b6:b4:c8:d2:d9:d2:ea:5b:41:37:46:76:
83:5d:72:66:fa:7f:bd:74:c1:a2:d5:57:ec:01:46:
c3:cd:57:7a:4b:c6:b8:e4:c2:05:22:e6:2f:b7:4f:
57:ac:b9:6a:61:57:f6:6f:ed:05:05:16:d1:a3:a0:
ff:e7:47:11:00:a6:44:9d:4c:f3:4d:bf:42:85:c2:
32:5d:a6:12:e0:8c:db:5c:bc:8d:a1:f7:1c:ba:b6:
85:d9:e6:58:27:c0:2d:e9:5b:2a:6c:04:bf:73:86:
ff:75:1b:10:32:b0:95:97:8a:fd:d0:95:65:df:c7:
1c:b6:f7:20:ce:9b:c6:ec:bc:52:39:d8:f0:a3:43:
cb:ad:73:b7:72:3a:84:8f:2f:68:17:f6:d6:f6:eb:
86:78:92:f4:56:5f:d9:84:12:a8:75:11:9d:c8:09:
2f:d2:43:ba:99:66:1b:8c:47:a6:1c:14:97:d3:e4:
9f:59:ce:1d:d7:ab:38:9c:ef:38:b1:d7:e0:a3:b8:
9e:f0:f0:28:f2:c1:b0:3f:80:82:30:9c:91:45:4e:
f9:a6:c7:b5:70:61:55:fe:ab:56:29:ab:89:06:34:
79:33:8d:b4:05:eb:9b:20:75:59:3e:d4:72:4b:ea:
80:fb:7f:ca:ea:a0:cf:2d:45:f0:f1:36:d6:18:02:
a7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:A6:42:78:EB:1A:47:C5:DA:9D:C1:52:5C:73:83:D7:3E:3F:21:7C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AD51C4E331E11F0A7B9AE78DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.159.0-156.243.190.255
Signature Algorithm: sha256WithRSAEncryption
92:7a:7a:cc:6c:f2:96:69:94:02:77:3d:66:8a:97:72:fa:03:
94:4a:20:8a:94:34:b1:1f:19:90:9c:ea:06:2a:28:15:0a:c2:
26:41:43:2a:22:92:f3:d5:85:eb:6a:00:82:83:bf:9d:96:b5:
43:24:28:08:52:9d:18:7e:6a:b0:fd:53:39:a9:56:68:45:5a:
c9:00:d9:f4:60:6d:de:6b:3d:54:fc:2d:f2:47:44:4c:16:cb:
f3:2b:8f:08:c1:f9:bd:b2:92:61:1d:1e:0a:c9:c9:f9:90:6c:
e6:ce:6d:20:61:34:3b:88:31:b9:6c:7f:a4:c2:9b:85:06:75:
9e:25:ff:1c:49:34:56:ca:cf:17:ea:e0:52:a9:cd:b0:37:cb:
6d:d5:d9:e1:b7:d2:d1:e7:82:f3:df:aa:b2:41:d3:87:8d:25:
ae:b8:8c:81:0f:1e:75:ed:02:fa:1e:7d:0c:ea:73:1b:43:8b:
81:56:f5:00:f8:f7:76:e4:8b:df:ca:76:86:2c:72:ce:5a:74:
5a:ef:d6:5b:26:1e:fd:03:8a:1e:53:29:f5:95:98:3d:9f:24:
61:45:ce:e2:b4:56:d1:bc:a3:de:d1:e4:87:70:ac:ac:b5:7a:
01:5f:f1:c1:2e:5b:ad:4b:48:f5:e5:21:13:9c:6d:cf:66:cf:
a8:13:1a:44
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVVvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE3MTI1NjAwWhcNMjUwNjI1MTI1NjAwWjAYMRYw
FAYDVQQDEw02ODI4ODc2NS1iYTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsKK2tMjS2dLqW0E3RnaDXXJm+n+9dMGi1VfsAUbDzVd6S8a45MIFIuYv
t09XrLlqYVf2b+0FBRbRo6D/50cRAKZEnUzzTb9ChcIyXaYS4IzbXLyNofccuraF
2eZYJ8At6VsqbAS/c4b/dRsQMrCVl4r90JVl38cctvcgzpvG7LxSOdjwo0PLrXO3
cjqEjy9oF/bW9uuGeJL0Vl/ZhBKodRGdyAkv0kO6mWYbjEemHBSX0+SfWc4d16s4
nO84sdfgo7ie8PAo8sGwP4CCMJyRRU75pse1cGFV/qtWKauJBjR5M420BeubIHVZ
PtRyS+qA+3/K6qDPLUXw8TbWGAKnaQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDmm
QnjrGkfF2p3BUlxzg9c+PyF8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QUQ1MUM0RTMzMUUxMUYwQTdCOUFFNzhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc858DBACc874wDQYJKoZI
hvcNAQELBQADggEBAJJ6esxs8pZplAJ3PWaKl3L6A5RKIIqUNLEfGZCc6gYqKBUK
wiZBQyoikvPVhetqAIKDv52WtUMkKAhSnRh+arD9UzmpVmhFWskA2fRgbd5rPVT8
LfJHREwWy/MrjwjB+b2ykmEdHgrJyfmQbObObSBhNDuIMblsf6TCm4UGdZ4l/xxJ
NFbKzxfq4FKpzbA3y23V2eG30tHngvPfqrJB04eNJa64jIEPHnXtAvoefQzqcxtD
i4FW9QD493bki9/KdoYscs5adFrv1lsmHv0Dih5TKfWVmD2fJGFFzuK0VtG8o97R
5IdwrKy1egFf8cEuW61LSPXlIROcbc9mz6gTGkQ=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:48:28 2025 by rpki-client