Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67E8433C3BC611F08AD11785DAE4EC9C.roa
File: 67E8433C3BC611F08AD11785DAE4EC9C.roa (raw, json)
Hash identifier: V1iSp6LIQrbJ+KwylFBMtaldjbZ9EI3NbBkf2q1u10I=
Subject key identifier: 84:11:B6:76:3E:A2:CA:8B:8C:47:72:86:3A:81:52:D9:EA:8F:54:EE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015872
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67E8433C3BC611F08AD11785DAE4EC9C.roa
Signing time: Wed 28 May 2025 13:19:39 +0000
ROA not before: Wed 28 May 2025 13:19:34 +0000
ROA not after: Wed 04 Jun 2025 13:19:34 +0000
asID: 9009
IP address blocks: 156.225.77.0/24 maxlen: 24
156.225.79.0/24 maxlen: 24
156.246.39.0/24 maxlen: 24
156.246.40.0/24 maxlen: 24
156.246.42.0/24 maxlen: 24
156.246.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 04 Jun 2025 13:19:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88178 (0x15872)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 13:19:34 2025 GMT
Not After : Jun 4 13:19:34 2025 GMT
Subject: CN=68370d6a-e16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c7:4b:e7:cd:4c:62:56:f1:9a:b5:df:4c:b5:
67:20:83:4e:c0:4e:0d:f5:b0:96:3d:11:b5:f2:06:
03:e9:57:fa:2c:a7:0a:e4:27:90:40:6c:f9:b9:d4:
a1:e2:28:08:16:d1:87:07:be:99:f5:ba:66:fd:e5:
08:d8:40:e8:1e:e7:90:33:6a:f7:30:6a:8e:33:69:
93:c8:a4:8b:ae:10:2a:2d:d7:d7:24:09:cf:a8:81:
4a:9f:dc:a5:64:7c:9d:59:57:59:c3:b7:79:1f:5e:
40:45:be:fb:01:cd:6e:30:4b:cd:e2:7b:c3:47:ab:
89:01:ba:53:dc:07:37:02:34:b0:82:f6:7c:11:19:
f0:20:df:b9:1d:80:ef:15:38:40:07:95:6b:1d:16:
db:9d:92:78:1d:38:99:d6:7b:f9:41:7a:48:78:8b:
f0:9a:fb:f9:3f:01:c8:0c:8c:cc:3a:49:81:c5:72:
a1:a5:e5:29:a8:a7:b2:5b:0c:ee:24:1b:29:7e:5f:
28:db:e3:91:9b:37:99:0d:45:65:e8:92:5c:11:a2:
aa:ad:2e:67:91:39:ba:d7:25:28:17:e5:52:37:c4:
02:39:b7:c3:cf:de:8e:7f:9a:11:d2:bc:6f:07:f9:
b4:96:a5:d5:b7:c2:49:da:7b:bd:26:21:2b:49:c5:
21:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:11:B6:76:3E:A2:CA:8B:8C:47:72:86:3A:81:52:D9:EA:8F:54:EE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67E8433C3BC611F08AD11785DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.77.0/24
156.225.79.0/24
156.246.39.0-156.246.40.255
156.246.42.0/24
156.246.56.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:3e:06:d8:44:46:ec:6b:d1:67:2e:4f:57:8d:cf:7c:5b:37:
5f:fd:93:b6:e3:43:f2:4f:03:02:c0:7d:01:e6:f3:87:47:bf:
11:2e:a0:3e:a3:34:7c:1f:7e:af:d7:26:c2:c7:4e:d3:9f:77:
62:14:df:9d:67:3b:1b:62:de:0d:30:ef:c1:15:6b:a5:0e:e2:
9a:e6:4d:74:37:bf:74:b6:07:c6:12:c9:57:0b:e8:3d:89:d9:
2d:84:d7:79:d8:d2:51:f1:b0:a1:70:4a:b0:bf:9d:69:fa:cb:
74:02:73:10:9b:7e:9e:92:69:bb:0b:f0:a5:4d:9b:97:fe:4d:
36:8c:28:d2:e1:a2:e6:8a:0a:63:c3:52:05:a2:9f:b6:91:47:
9b:8b:53:6c:2a:d2:3f:8c:5e:f9:f4:b9:e7:27:38:30:2e:bd:
f7:32:c1:67:7e:c7:7b:33:dc:9a:af:30:13:51:a8:93:b3:97:
b8:be:ad:da:fe:56:3d:d5:e0:1f:d7:43:8e:1f:47:f3:6e:0a:
2f:af:50:e5:7a:8d:9e:e4:6a:49:02:30:23:f8:f6:6c:53:a3:
a4:87:e6:22:fb:58:44:7b:0c:02:f7:34:50:5f:e8:2a:c1:65:
e3:77:19:4b:0b:41:09:1c:66:ac:23:f2:36:c8:1e:b4:1d:e8:
88:9f:ad:45
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIDAVhyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MTMxOTM0WhcNMjUwNjA0MTMxOTM0WjAYMRYw
FAYDVQQDEw02ODM3MGQ2YS1lMTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6cdL581MYlbxmrXfTLVnIINOwE4N9bCWPRG18gYD6Vf6LKcK5CeQQGz5
udSh4igIFtGHB76Z9bpm/eUI2EDoHueQM2r3MGqOM2mTyKSLrhAqLdfXJAnPqIFK
n9ylZHydWVdZw7d5H15ARb77Ac1uMEvN4nvDR6uJAbpT3Ac3AjSwgvZ8ERnwIN+5
HYDvFThAB5VrHRbbnZJ4HTiZ1nv5QXpIeIvwmvv5PwHIDIzMOkmBxXKhpeUpqKey
WwzuJBspfl8o2+ORmzeZDUVl6JJcEaKqrS5nkTm61yUoF+VSN8QCObfDz96Of5oR
0rxvB/m0lqXVt8JJ2nu9JiErScUhfQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFIQR
tnY+osqLjEdyhjqBUtnqj1TuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82N0U4NDMzQzNCQzYxMUYwOEFEMTE3ODVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAnOFNAwQAnOFPMAwDBACc9icD
BACc9igDBACc9ioDBACc9jgwDQYJKoZIhvcNAQELBQADggEBALg+BthERuxr0Wcu
T1eNz3xbN1/9k7bjQ/JPAwLAfQHm84dHvxEuoD6jNHwffq/XJsLHTtOfd2IU351n
Oxti3g0w78EVa6UO4prmTXQ3v3S2B8YSyVcL6D2J2S2E13nY0lHxsKFwSrC/nWn6
y3QCcxCbfp6SabsL8KVNm5f+TTaMKNLhouaKCmPDUgWin7aRR5uLU2wq0j+MXvn0
uecnODAuvfcywWd+x3sz3JqvMBNRqJOzl7i+rdr+Vj3V4B/XQ44fR/NuCi+vUOV6
jZ7kakkCMCP49mxTo6SH5iL7WER7DAL3NFBf6CrBZeN3GUsLQQkcZqwj8jbIHrQd
6IifrUU=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:49:08 2025 by rpki-client