Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68BB02303BD111F09CB936C9DAE4EC9C.roa
File: 68BB02303BD111F09CB936C9DAE4EC9C.roa (raw, json)
Hash identifier: fPEhRBNpN+K/dNVhVHoE540JBiPEWPUCd4rRCocBMME=
Subject key identifier: 01:23:A5:D6:E1:7E:20:85:C8:B6:B8:CA:DC:29:80:C9:6D:E1:DE:7C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015891
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68BB02303BD111F09CB936C9DAE4EC9C.roa
Signing time: Wed 28 May 2025 14:38:24 +0000
ROA not before: Wed 28 May 2025 14:38:18 +0000
ROA not after: Sun 08 Jun 2025 14:38:18 +0000
asID: 399077
IP address blocks: 156.240.195.0/24 maxlen: 24
156.240.196.0/24 maxlen: 24
156.240.197.0/24 maxlen: 24
156.240.198.0/24 maxlen: 24
156.240.199.0/24 maxlen: 24
156.240.200.0/24 maxlen: 24
156.240.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88209 (0x15891)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 14:38:18 2025 GMT
Not After : Jun 8 14:38:18 2025 GMT
Subject: CN=68371fe0-6093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9b:2c:ba:a5:f3:1d:e2:a1:6b:c4:8c:3d:11:
11:45:ea:36:ca:40:50:cf:33:f9:03:0c:85:fc:bb:
e6:67:4c:82:3c:63:75:20:80:ba:ed:4e:c3:9d:ff:
c3:f9:bf:d5:b1:5c:81:f0:0f:eb:75:39:b3:0a:91:
c5:f7:03:a2:92:34:d2:1d:f5:d3:15:81:1c:7e:77:
80:65:63:db:6a:e7:8b:25:ca:cf:e5:57:60:f8:5f:
53:dc:f7:70:ea:58:92:1e:a5:30:0b:d0:2a:1b:33:
ab:37:fa:6a:91:4a:c7:db:d9:22:4e:21:6a:53:04:
52:a3:7e:15:31:09:12:f5:f9:2b:70:c7:94:1c:e0:
b7:87:8c:e7:fd:ac:3a:ff:fb:67:f5:b0:ab:3c:25:
7b:12:96:46:07:3a:f6:d6:f9:ea:a6:c6:b7:f2:53:
08:f1:a4:94:97:b5:39:96:26:bb:2a:c9:40:ca:ea:
8e:8c:2c:13:1f:aa:54:98:75:68:0e:39:e6:2a:0a:
b6:6a:37:96:4d:5d:40:19:5f:94:ea:8a:6e:22:ab:
af:f4:3b:8c:a7:96:ed:9e:4d:7e:e3:69:49:52:1d:
59:17:d0:28:65:2b:8a:76:23:b7:b0:10:af:45:a7:
be:a4:7f:73:aa:a3:a8:d8:bc:11:36:49:51:70:68:
01:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:23:A5:D6:E1:7E:20:85:C8:B6:B8:CA:DC:29:80:C9:6D:E1:DE:7C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/68BB02303BD111F09CB936C9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.195.0-156.240.201.255
Signature Algorithm: sha256WithRSAEncryption
17:fd:10:a9:9b:3f:40:a3:0e:60:d6:62:e4:f7:3b:65:74:5d:
a0:84:d1:0d:d4:3e:fd:48:ae:54:10:fb:9e:3e:d9:8b:f3:2b:
7b:ba:e8:17:f6:6a:d7:84:52:7a:67:fc:19:3f:5e:0a:8f:7c:
7f:35:6d:e5:e2:43:6b:50:87:54:77:14:11:da:48:e9:9a:57:
07:b2:bc:80:05:51:f3:7b:55:a6:25:91:5a:5e:97:a4:e3:83:
59:1b:db:50:db:f2:a6:ca:f6:25:15:aa:41:4f:af:36:72:65:
67:d5:5f:74:c9:bf:8c:5d:03:3d:91:2d:dd:12:92:47:52:f5:
24:c5:c9:62:5c:24:f0:9b:0f:af:6f:fc:2f:d8:94:21:97:f1:
63:a8:70:c7:0e:98:5b:fc:b5:54:6d:93:49:0d:40:fe:1e:b5:
67:b7:10:67:95:c4:d6:65:c2:0c:e5:10:4f:54:82:7a:1a:ec:
af:f8:7e:05:b8:16:33:23:ec:0b:e7:0c:0f:b9:14:54:db:84:
92:aa:05:bc:56:14:a2:6c:99:dd:d3:ac:b6:37:3d:17:ec:c3:
be:8b:c9:5a:2e:c3:d0:b0:d8:4d:18:15:68:ce:15:e4:17:0f:
99:c9:f3:1b:26:ed:03:dc:79:d1:fa:55:8a:d3:8c:0a:71:e3:
29:1e:f9:58
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAViRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MTQzODE4WhcNMjUwNjA4MTQzODE4WjAYMRYw
FAYDVQQDEw02ODM3MWZlMC02MDkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw5ssuqXzHeKha8SMPRERReo2ykBQzzP5AwyF/LvmZ0yCPGN1IIC67U7D
nf/D+b/VsVyB8A/rdTmzCpHF9wOikjTSHfXTFYEcfneAZWPbaueLJcrP5Vdg+F9T
3Pdw6liSHqUwC9AqGzOrN/pqkUrH29kiTiFqUwRSo34VMQkS9fkrcMeUHOC3h4zn
/aw6//tn9bCrPCV7EpZGBzr21vnqpsa38lMI8aSUl7U5lia7KslAyuqOjCwTH6pU
mHVoDjnmKgq2ajeWTV1AGV+U6opuIquv9DuMp5btnk1+42lJUh1ZF9AoZSuKdiO3
sBCvRae+pH9zqqOo2LwRNklRcGgBgwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAEj
pdbhfiCFyLa4ytwpgMlt4d58MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OEJCMDIzMDNCRDExMUYwOUNCOTM2QzlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc8MMDBAGc8MgwDQYJKoZI
hvcNAQELBQADggEBABf9EKmbP0CjDmDWYuT3O2V0XaCE0Q3UPv1IrlQQ+54+2Yvz
K3u66Bf2ateEUnpn/Bk/XgqPfH81beXiQ2tQh1R3FBHaSOmaVweyvIAFUfN7VaYl
kVpel6Tjg1kb21Db8qbK9iUVqkFPrzZyZWfVX3TJv4xdAz2RLd0SkkdS9STFyWJc
JPCbD69v/C/YlCGX8WOocMcOmFv8tVRtk0kNQP4etWe3EGeVxNZlwgzlEE9Ugnoa
7K/4fgW4FjMj7AvnDA+5FFTbhJKqBbxWFKJsmd3TrLY3PRfsw76LyVouw9Cw2E0Y
FWjOFeQXD5nJ8xsm7QPcedH6VYrTjApx4yke+Vg=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:41:47 2025 by rpki-client