Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FE9DA142F3411F0B2E1DAC3DAE4EC9C.roa
File: 4FE9DA142F3411F0B2E1DAC3DAE4EC9C.roa (raw, json)
Hash identifier: +p+qR0vRniUKBKuUkmwNcw1G4nuk/xk8GDv56hALclw=
Subject key identifier: F0:63:1F:06:BA:44:D6:8C:3C:AB:3F:9E:8C:DF:70:E2:EC:94:6E:50
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015377
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FE9DA142F3411F0B2E1DAC3DAE4EC9C.roa
Signing time: Mon 12 May 2025 13:23:38 +0000
ROA not before: Mon 12 May 2025 13:23:33 +0000
ROA not after: Thu 19 Jun 2025 13:23:33 +0000
asID: 20473
IP address blocks: 156.253.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86903 (0x15377)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 12 13:23:33 2025 GMT
Not After : Jun 19 13:23:33 2025 GMT
Subject: CN=6821f65a-9715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:dd:da:97:b0:5c:e3:ac:c0:55:eb:80:0c:d4:
2c:86:57:77:44:5a:e2:e1:98:3d:91:ac:ef:85:07:
68:cc:82:92:91:64:2e:8c:29:ed:5d:f3:50:6e:51:
2a:c7:92:c4:1e:4c:fb:55:7d:cd:32:fd:05:92:97:
8d:d3:2b:d0:e9:31:14:9b:69:66:c7:88:b3:e5:a0:
ab:37:43:a2:a4:27:91:8d:0f:dd:55:12:6f:1a:7f:
4a:6d:ab:4d:a4:8c:fd:21:2f:71:39:86:e4:74:27:
ca:a0:9c:67:6e:d9:cb:21:e8:68:58:04:62:8c:29:
2f:eb:40:f8:d9:90:27:fe:44:b9:bc:c9:4b:7f:ac:
b8:8b:55:fb:6c:bd:c4:17:0e:3d:a5:db:7e:67:2e:
56:31:1f:a6:5f:1e:b4:3e:49:11:1d:4a:65:5a:14:
d3:6e:76:b5:bc:36:5f:23:1f:86:3e:10:00:0e:f2:
5f:a7:02:ac:5b:28:0e:51:38:6a:00:9a:cc:6c:92:
e4:00:89:6e:53:00:13:0c:14:ae:8a:25:d1:a8:a9:
36:1e:0f:5a:fc:51:18:79:2f:ed:2c:98:f5:d4:98:
c1:4a:0f:51:db:67:d3:ba:e5:9d:05:e0:84:e4:7f:
60:c6:95:fc:ab:05:8d:ef:b7:30:6c:a1:3a:dc:93:
02:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:63:1F:06:BA:44:D6:8C:3C:AB:3F:9E:8C:DF:70:E2:EC:94:6E:50
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4FE9DA142F3411F0B2E1DAC3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.56.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:0a:03:03:96:66:aa:b0:f4:22:92:e3:bf:98:4b:7f:2e:c2:
5f:1d:1f:ca:15:e9:56:a6:d4:cd:68:fc:fb:7e:18:e8:9b:3a:
48:de:06:96:eb:ba:6c:00:4f:c5:e1:2e:11:e8:97:b6:e6:01:
9a:2d:5c:d4:23:f1:6f:47:d8:4f:a9:e4:9d:a2:26:be:70:ce:
53:45:ef:c5:43:0c:02:fe:dd:5f:9c:e0:65:b1:45:b0:43:0e:
a9:c2:52:54:30:ec:e7:a7:68:c7:a1:2b:63:2c:26:ed:71:31:
88:62:58:8b:ce:90:62:4b:64:23:e7:0f:18:71:f7:aa:ee:14:
c7:3a:0d:cd:19:4b:28:5b:dd:ce:4e:bc:1a:37:75:bc:57:f2:
a2:29:d1:fb:1a:78:70:16:f8:fa:1f:95:a7:6f:ce:11:a6:2e:
27:2b:3a:a4:98:be:c6:fd:5e:5e:88:b6:ff:59:2e:68:42:d3:
91:e8:8f:90:23:78:bb:16:5e:88:0f:81:48:be:ee:04:9f:77:
7d:12:98:95:69:0f:f5:2e:6e:23:20:50:6c:a4:75:df:8a:29:
bd:ab:7e:76:3c:46:1c:dc:6d:c8:29:0c:d1:0c:32:14:95:a3:
5b:de:ae:fc:97:58:33:f4:e3:91:66:83:8d:ee:41:08:4d:9a:
67:13:e4:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVN3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEyMTMyMzMzWhcNMjUwNjE5MTMyMzMzWjAYMRYw
FAYDVQQDEw02ODIxZjY1YS05NzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzN3al7Bc46zAVeuADNQshld3RFri4Zg9kazvhQdozIKSkWQujCntXfNQ
blEqx5LEHkz7VX3NMv0FkpeN0yvQ6TEUm2lmx4iz5aCrN0OipCeRjQ/dVRJvGn9K
batNpIz9IS9xOYbkdCfKoJxnbtnLIehoWARijCkv60D42ZAn/kS5vMlLf6y4i1X7
bL3EFw49pdt+Zy5WMR+mXx60PkkRHUplWhTTbna1vDZfIx+GPhAADvJfpwKsWygO
UThqAJrMbJLkAIluUwATDBSuiiXRqKk2Hg9a/FEYeS/tLJj11JjBSg9R22fTuuWd
BeCE5H9gxpX8qwWN77cwbKE63JMCfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPBj
Hwa6RNaMPKs/nozfcOLslG5QMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RkU5REExNDJGMzQxMUYwQjJFMURBQzNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnP04MA0GCSqGSIb3DQEBCwUA
A4IBAQBbCgMDlmaqsPQikuO/mEt/LsJfHR/KFelWptTNaPz7fhjomzpI3gaW67ps
AE/F4S4R6Je25gGaLVzUI/FvR9hPqeSdoia+cM5TRe/FQwwC/t1fnOBlsUWwQw6p
wlJUMOznp2jHoStjLCbtcTGIYliLzpBiS2Qj5w8Ycfeq7hTHOg3NGUsoW93OTrwa
N3W8V/KiKdH7GnhwFvj6H5Wnb84Rpi4nKzqkmL7G/V5eiLb/WS5oQtOR6I+QI3i7
Fl6ID4FIvu4En3d9EpiVaQ/1Lm4jIFBspHXfiim9q352PEYc3G3IKQzRDDIUlaNb
3q78l1gz9OORZoON7kEITZpnE+RO
-----END CERTIFICATE-----
Generated at Wed Jun 4 11:26:59 2025 by rpki-client