Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5CF7FABE300211F0B996F1A7DAE4EC9C.roa
File: 5CF7FABE300211F0B996F1A7DAE4EC9C.roa (raw, json)
Hash identifier: J9JDhDvKN3M+kOtCPrwxMTQr4tSOgMgvKAQ2h0kgXQM=
Subject key identifier: 17:27:F6:9A:9A:05:1A:3A:F6:85:A6:47:EE:12:FA:25:7E:58:E5:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0153FC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5CF7FABE300211F0B996F1A7DAE4EC9C.roa
Signing time: Tue 13 May 2025 13:58:36 +0000
ROA not before: Tue 13 May 2025 13:58:31 +0000
ROA not after: Fri 12 Jun 2026 13:58:31 +0000
asID: 984
IP address blocks: 156.228.156.0/24 maxlen: 24
156.245.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87036 (0x153fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 13 13:58:31 2025 GMT
Not After : Jun 12 13:58:31 2026 GMT
Subject: CN=6823500c-729e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2a:f6:62:e5:88:24:b2:f7:df:03:42:88:c3:
ea:87:63:97:76:b4:78:03:c0:fc:a4:e1:b3:aa:8a:
4e:f2:0e:58:84:71:42:2a:57:c3:c0:6d:31:5a:8c:
4b:4d:42:86:fe:14:bb:43:d1:96:f7:f8:85:8b:2c:
f3:c3:66:1c:9c:d3:16:e8:bb:a0:84:4b:56:3a:0c:
53:ac:f7:51:85:03:cf:4b:76:a0:b7:ea:84:f0:94:
e4:85:1f:d6:b1:e5:2d:d2:98:0d:9f:57:74:ba:7a:
14:7f:cf:6b:88:cd:95:e4:a0:73:02:d5:35:a2:9a:
98:aa:34:fa:57:27:9c:ab:09:44:91:59:11:53:dd:
ca:98:b9:3b:d7:b7:b2:a9:20:00:19:2e:d3:71:02:
b4:d5:ba:2c:d6:68:20:a4:be:8a:1d:3c:15:e3:52:
74:11:29:d7:35:8e:5c:e4:fa:57:3d:5e:a8:96:fd:
92:74:0a:4d:42:65:1e:15:0e:58:69:23:86:3b:3b:
7e:40:8f:f6:62:aa:91:02:8c:2c:ca:0b:37:7b:34:
96:44:88:a6:90:c0:c8:98:2d:6e:9f:a4:3f:26:df:
85:14:67:e3:fa:0e:3e:fb:2e:d1:b2:4c:69:0d:99:
c6:7f:a7:b0:8c:3c:9d:d7:35:30:39:83:5f:2d:5e:
17:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:27:F6:9A:9A:05:1A:3A:F6:85:A6:47:EE:12:FA:25:7E:58:E5:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5CF7FABE300211F0B996F1A7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.156.0/24
156.245.195.0/24
Signature Algorithm: sha256WithRSAEncryption
19:d1:12:0b:99:bd:37:be:32:02:53:ba:44:39:c3:6c:f3:c5:
c0:d4:67:10:f5:54:2a:3b:da:34:c1:db:a1:50:ab:08:30:6c:
d9:88:eb:dc:3b:0a:26:9e:f1:9f:4d:5e:03:1b:6c:a5:0d:d7:
08:5d:3f:43:34:a0:50:32:e0:f9:07:73:a2:e6:80:41:98:23:
2c:2b:fd:05:db:ef:f9:6b:6d:8a:51:6f:b1:6d:3b:6b:34:42:
71:c5:d9:f1:80:89:4e:1f:61:b6:ed:ef:d1:74:30:fc:c5:cc:
58:04:5e:15:1f:b0:f9:bb:c5:e8:4e:ff:a4:52:84:cd:c7:91:
3a:82:18:2a:89:16:88:5f:76:82:4c:08:24:2f:aa:b8:1c:b5:
68:9d:c5:d9:65:ab:9e:bb:1c:2a:63:99:50:1a:e8:a2:a0:65:
1f:1b:3e:13:90:51:c4:8a:23:4d:35:0c:88:9e:76:86:73:7a:
79:99:56:e5:b0:7d:91:d7:aa:f7:1c:36:7d:3f:19:0e:41:7d:
9c:c5:2c:f5:ef:e6:f5:a1:6f:ef:1d:4b:18:b7:24:44:79:25:
93:51:f6:85:f7:9f:43:b9:fa:97:1c:69:80:a4:be:79:92:d3:
f7:e4:59:12:12:6c:22:d3:7f:7f:74:0b:7b:a6:6a:52:8e:4e:
75:36:9f:5c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVP8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEzMTM1ODMxWhcNMjYwNjEyMTM1ODMxWjAYMRYw
FAYDVQQDEw02ODIzNTAwYy03MjllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsir2YuWIJLL33wNCiMPqh2OXdrR4A8D8pOGzqopO8g5YhHFCKlfDwG0x
WoxLTUKG/hS7Q9GW9/iFiyzzw2YcnNMW6LughEtWOgxTrPdRhQPPS3agt+qE8JTk
hR/WseUt0pgNn1d0unoUf89riM2V5KBzAtU1opqYqjT6VyecqwlEkVkRU93KmLk7
17eyqSAAGS7TcQK01bos1mggpL6KHTwV41J0ESnXNY5c5PpXPV6olv2SdApNQmUe
FQ5YaSOGOzt+QI/2YqqRAowsygs3ezSWRIimkMDImC1un6Q/Jt+FFGfj+g4++y7R
skxpDZnGf6ewjDyd1zUwOYNfLV4XhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBcn
9pqaBRo69oWmR+4S+iV+WOU/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81Q0Y3RkFCRTMwMDIxMUYwQjk5NkYxQTdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOScAwQAnPXDMA0GCSqGSIb3
DQEBCwUAA4IBAQAZ0RILmb03vjICU7pEOcNs88XA1GcQ9VQqO9o0wduhUKsIMGzZ
iOvcOwomnvGfTV4DG2ylDdcIXT9DNKBQMuD5B3Oi5oBBmCMsK/0F2+/5a22KUW+x
bTtrNEJxxdnxgIlOH2G27e/RdDD8xcxYBF4VH7D5u8XoTv+kUoTNx5E6ghgqiRaI
X3aCTAgkL6q4HLVoncXZZaueuxwqY5lQGuiioGUfGz4TkFHEiiNNNQyInnaGc3p5
mVblsH2R16r3HDZ9PxkOQX2cxSz17+b1oW/vHUsYtyREeSWTUfaF959DufqXHGmA
pL55ktP35FkSEmwi039/dAt7pmpSjk51Np9c
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:56:17 2025 by rpki-client