Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5EFCAB883BBB11F083C495BCDAE4EC9C.roa
File: 5EFCAB883BBB11F083C495BCDAE4EC9C.roa (raw, json)
Hash identifier: nhdJK4w+d8H+darhmEziGpHza9yCZfJdE1zMxqweYjk=
Subject key identifier: E9:D9:3D:65:CE:93:18:F8:B3:E5:25:36:90:4B:7E:50:52:93:C7:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01585E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5EFCAB883BBB11F083C495BCDAE4EC9C.roa
Signing time: Wed 28 May 2025 12:00:39 +0000
ROA not before: Wed 28 May 2025 12:00:34 +0000
ROA not after: Sat 07 Jun 2025 12:00:34 +0000
asID: 3561
IP address blocks: 156.248.88.0/22 maxlen: 24
156.255.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88158 (0x1585e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 12:00:34 2025 GMT
Not After : Jun 7 12:00:34 2025 GMT
Subject: CN=6836fae7-f4ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f3:12:4b:d7:11:c6:e5:39:ba:70:b4:04:b9:
ce:0c:25:a6:59:1f:21:82:a4:5e:84:1d:7a:95:55:
c1:ba:77:8c:ad:84:34:e2:9a:c7:45:d0:8b:30:18:
a7:4e:c0:11:74:82:dc:b8:68:d5:58:ce:43:b4:5a:
14:ba:3b:8b:1d:84:9f:05:56:94:c7:9a:73:c1:dd:
1b:bb:bc:67:c6:08:44:b1:33:20:29:a6:54:d9:39:
fc:4a:7e:e2:09:5e:cd:60:51:66:8d:af:8d:9e:d5:
18:71:f3:ba:7a:3b:be:1d:5b:6f:f3:5d:6a:0b:70:
d2:c1:1e:55:58:d0:27:cf:f1:d5:79:bf:46:63:08:
e1:20:e4:22:c2:48:31:7e:61:14:0d:00:bf:0c:7b:
ed:5e:8a:1e:bd:f4:9e:16:c8:19:b6:44:ed:26:22:
fa:4a:64:8c:7e:b3:6c:60:e4:cf:5c:62:55:78:46:
f8:0b:1e:1f:92:8b:dd:11:82:43:7f:07:59:63:b7:
85:3c:18:88:b4:d5:a8:e2:b9:b0:8d:ec:14:7f:7b:
2f:9c:bb:cb:67:51:e5:ca:d2:ff:16:d8:16:dc:d0:
85:a6:58:24:33:f7:8a:ae:cf:a0:ba:8e:74:93:cb:
2f:db:c5:da:84:f4:bf:2c:d1:ca:98:2b:9e:4f:31:
0b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D9:3D:65:CE:93:18:F8:B3:E5:25:36:90:4B:7E:50:52:93:C7:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5EFCAB883BBB11F083C495BCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.88.0/22
156.255.4.0/22
Signature Algorithm: sha256WithRSAEncryption
48:52:69:f0:8e:f9:bf:fa:3e:8b:a0:cd:84:94:98:50:a3:68:
de:e6:65:2e:9d:3e:8e:f6:48:f9:08:cd:8b:75:60:93:da:26:
0a:e0:d3:72:b7:ef:19:a2:87:f5:86:b9:8e:12:fc:b1:f2:3c:
5d:14:b5:01:17:c9:f5:53:c3:ec:ab:63:70:05:12:f7:c5:56:
07:8e:7b:6d:52:ab:70:dc:bc:05:d7:de:3f:c6:27:34:43:f9:
15:4f:46:4b:6b:fb:a8:72:ec:7e:73:52:65:cb:26:f2:27:c8:
c2:22:9a:d6:46:20:8c:51:3a:8c:ad:cd:a5:cd:ed:0b:a3:a4:
48:4f:33:3c:b7:3c:94:f4:3d:cc:9d:92:b8:63:0c:62:61:ec:
19:6f:c7:c5:36:f4:82:c2:81:4a:93:8b:b6:90:85:64:04:bf:
34:2f:ac:fb:d4:dd:95:67:3b:c3:85:2a:f1:b8:a8:bc:68:da:
1b:0c:3c:bb:8c:3a:5a:4c:35:08:d4:9a:59:c9:6b:21:0b:b5:
9c:9e:a4:a7:cf:bd:2f:44:ac:0c:6b:de:ee:64:b1:84:44:58:
aa:da:57:63:6d:bc:45:62:e8:01:c8:51:ba:d7:61:c0:69:60:
0a:9a:da:10:c2:81:12:f6:39:7a:61:46:53:d8:bf:1d:ec:e4:
cd:f4:26:97
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVheMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MTIwMDM0WhcNMjUwNjA3MTIwMDM0WjAYMRYw
FAYDVQQDEw02ODM2ZmFlNy1mNGFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAufMSS9cRxuU5unC0BLnODCWmWR8hgqRehB16lVXBuneMrYQ04prHRdCL
MBinTsARdILcuGjVWM5DtFoUujuLHYSfBVaUx5pzwd0bu7xnxghEsTMgKaZU2Tn8
Sn7iCV7NYFFmja+NntUYcfO6eju+HVtv811qC3DSwR5VWNAnz/HVeb9GYwjhIOQi
wkgxfmEUDQC/DHvtXooevfSeFsgZtkTtJiL6SmSMfrNsYOTPXGJVeEb4Cx4fkovd
EYJDfwdZY7eFPBiItNWo4rmwjewUf3svnLvLZ1HlytL/FtgW3NCFplgkM/eKrs+g
uo50k8sv28XahPS/LNHKmCueTzELgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOnZ
PWXOkxj4s+UlNpBLflBSk8fcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RUZDQUI4ODNCQkIxMUYwODNDNDk1QkNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCnPhYAwQCnP8EMA0GCSqGSIb3
DQEBCwUAA4IBAQBIUmnwjvm/+j6LoM2ElJhQo2je5mUunT6O9kj5CM2LdWCT2iYK
4NNyt+8Zoof1hrmOEvyx8jxdFLUBF8n1U8Psq2NwBRL3xVYHjnttUqtw3LwF194/
xic0Q/kVT0ZLa/uocux+c1JlyybyJ8jCIprWRiCMUTqMrc2lze0Lo6RITzM8tzyU
9D3MnZK4YwxiYewZb8fFNvSCwoFKk4u2kIVkBL80L6z71N2VZzvDhSrxuKi8aNob
DDy7jDpaTDUI1JpZyWshC7WcnqSnz70vRKwMa97uZLGERFiq2ldjbbxFYugByFG6
12HAaWAKmtoQwoES9jl6YUZT2L8d7OTN9CaX
-----END CERTIFICATE-----
Generated at Thu Jun 5 01:44:05 2025 by rpki-client