Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E9BF098300611F0BA44BAC2DAE4EC9C.roa
File: 4E9BF098300611F0BA44BAC2DAE4EC9C.roa (raw, json)
Hash identifier: YqO2j2PYwqcGYTiAUpke1OJ7v9FE+fhrZEKTHCMnl+Y=
Subject key identifier: E9:9F:B9:63:0E:0B:D3:F4:14:28:58:F1:32:F9:5E:F4:B9:B4:1E:01
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015404
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E9BF098300611F0BA44BAC2DAE4EC9C.roa
Signing time: Tue 13 May 2025 14:26:50 +0000
ROA not before: Tue 13 May 2025 14:26:45 +0000
ROA not after: Fri 04 Jul 2025 14:26:45 +0000
asID: 18013
IP address blocks: 156.234.0.0/24 maxlen: 24
156.234.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87044 (0x15404)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 13 14:26:45 2025 GMT
Not After : Jul 4 14:26:45 2025 GMT
Subject: CN=682356aa-b68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1e:99:ac:80:eb:3b:ba:92:7b:26:a5:94:53:
dd:ae:bc:49:cd:06:1f:ad:1a:3a:85:ab:df:25:55:
27:41:58:fc:2e:03:fc:7a:21:6f:a1:55:07:3d:01:
0d:34:c9:c8:fd:e6:2d:21:e5:ac:d6:b9:91:0c:75:
98:a2:fa:2d:14:17:c4:05:61:23:2f:cf:f7:3b:9b:
79:9f:90:0d:a7:8a:fc:ee:24:17:c9:1c:e9:f0:20:
2d:02:29:9e:8f:90:85:91:49:bb:aa:ea:72:ec:46:
21:a6:db:8c:1c:54:4d:52:80:6b:78:81:be:1a:e5:
e5:b0:3d:9f:ba:94:28:19:84:d1:d9:70:e7:4e:fc:
3d:28:d2:21:e3:82:6e:60:2b:92:c5:6a:f5:ae:b4:
f6:3e:01:76:bd:c4:66:0c:d9:ca:71:23:4b:3d:66:
69:87:bd:c2:43:d0:ec:a9:3e:85:79:e4:12:9b:ab:
e6:7c:00:40:b1:8a:29:59:d5:d3:73:c4:49:bc:29:
4d:ff:36:aa:de:b0:c8:c4:3e:86:1f:a8:85:02:d6:
64:53:39:7c:17:f4:f4:69:7f:8d:2f:0e:f7:32:73:
f1:48:8c:87:a8:56:a4:f3:44:45:db:7b:65:14:2a:
c2:fe:90:29:64:d0:19:a4:f4:0d:13:26:87:1e:f5:
f3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:9F:B9:63:0E:0B:D3:F4:14:28:58:F1:32:F9:5E:F4:B9:B4:1E:01
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E9BF098300611F0BA44BAC2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/24
156.234.7.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:5a:e5:93:3c:ee:6a:04:62:af:f9:22:d7:02:3b:7a:4f:0e:
e5:3d:1e:18:0d:58:45:f9:f2:36:19:04:88:64:03:7f:b6:39:
90:88:6b:94:4d:cf:db:30:60:51:b1:99:6a:96:d0:f5:bb:3b:
a5:82:2e:d3:b3:cc:9f:2d:f7:d6:a1:e5:81:6d:00:b0:94:24:
63:15:8d:02:6b:62:e8:b0:eb:b7:26:9e:0b:a4:66:91:55:2d:
31:ad:f4:db:ff:85:d5:77:77:d5:9b:b5:6b:c5:f8:bf:76:56:
00:3d:32:3e:73:c6:bb:17:2f:8d:b6:c5:03:e3:12:71:36:e3:
0c:7b:c2:7d:22:2c:b3:60:ac:2e:6e:91:db:fc:6c:61:69:3b:
70:f3:f3:8c:1a:65:8c:f2:27:22:37:c7:6b:18:68:13:7a:23:
ca:f1:7e:e3:7b:aa:b2:bb:00:b1:97:d0:8e:91:b6:9b:f0:97:
d5:98:0e:73:ab:d8:f7:d2:7a:f3:96:e6:89:e3:4d:27:6c:43:
11:94:28:e1:19:7c:f2:2e:1e:c6:ae:1f:8b:47:b8:7b:75:d9:
53:07:9e:81:7e:87:30:a1:1d:7a:a0:7d:fc:43:a3:a3:17:34:
27:a9:78:43:7a:d4:ef:88:30:ff:a7:f3:a2:1d:22:03:f5:83:
fb:62:19:b8
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVQEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEzMTQyNjQ1WhcNMjUwNzA0MTQyNjQ1WjAYMRYw
FAYDVQQDEw02ODIzNTZhYS1iNjhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4h6ZrIDrO7qSeyallFPdrrxJzQYfrRo6havfJVUnQVj8LgP8eiFvoVUH
PQENNMnI/eYtIeWs1rmRDHWYovotFBfEBWEjL8/3O5t5n5ANp4r87iQXyRzp8CAt
Aimej5CFkUm7qupy7EYhptuMHFRNUoBreIG+GuXlsD2fupQoGYTR2XDnTvw9KNIh
44JuYCuSxWr1rrT2PgF2vcRmDNnKcSNLPWZph73CQ9DsqT6FeeQSm6vmfABAsYop
WdXTc8RJvClN/zaq3rDIxD6GH6iFAtZkUzl8F/T0aX+NLw73MnPxSIyHqFak80RF
23tlFCrC/pApZNAZpPQNEyaHHvXz3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOmf
uWMOC9P0FChY8TL5XvS5tB4BMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RTlCRjA5ODMwMDYxMUYwQkE0NEJBQzJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOoAAwQAnOoHMA0GCSqGSIb3
DQEBCwUAA4IBAQC0WuWTPO5qBGKv+SLXAjt6Tw7lPR4YDVhF+fI2GQSIZAN/tjmQ
iGuUTc/bMGBRsZlqltD1uzulgi7Ts8yfLffWoeWBbQCwlCRjFY0Ca2LosOu3Jp4L
pGaRVS0xrfTb/4XVd3fVm7Vrxfi/dlYAPTI+c8a7Fy+NtsUD4xJxNuMMe8J9Iiyz
YKwubpHb/GxhaTtw8/OMGmWM8iciN8drGGgTeiPK8X7je6qyuwCxl9COkbab8JfV
mA5zq9j30nrzluaJ400nbEMRlCjhGXzyLh7Grh+LR7h7ddlTB56BfocwoR16oH38
Q6OjFzQnqXhDetTviDD/p/OiHSID9YP7Yhm4
-----END CERTIFICATE-----
Generated at Thu Jun 5 01:56:40 2025 by rpki-client