Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/816CB5BA3ADE11F0AD2C63A2DAE4EC9C.roa
File: 816CB5BA3ADE11F0AD2C63A2DAE4EC9C.roa (raw, json)
Hash identifier: 6A1akA8h+x1zYYA+FykahrAUEmARsq/+wlUsfS8mfZ4=
Subject key identifier: CA:9A:2F:BC:00:A4:41:64:A8:79:EB:43:18:8E:0D:3B:33:29:72:86
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0157DE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/816CB5BA3ADE11F0AD2C63A2DAE4EC9C.roa
Signing time: Tue 27 May 2025 09:39:38 +0000
ROA not before: Tue 27 May 2025 09:39:33 +0000
ROA not after: Thu 03 Jul 2025 09:39:33 +0000
asID: 23470
IP address blocks: 156.225.70.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88030 (0x157de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 27 09:39:33 2025 GMT
Not After : Jul 3 09:39:33 2025 GMT
Subject: CN=6835885a-ae56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ad:d1:fe:15:1a:d6:67:64:c5:b1:59:bc:d5:
7b:3b:04:4c:3d:f5:47:19:9b:f2:4b:e1:8f:40:99:
e9:f6:e3:12:19:6a:e4:5a:a7:71:02:6f:13:fc:66:
23:3f:82:75:63:f6:77:76:73:ab:c4:b5:db:43:80:
a4:be:ef:79:e1:34:fd:81:b2:9b:07:34:36:4b:56:
2d:5c:04:01:4b:b6:a8:8b:36:14:09:b4:fe:4f:49:
ac:6c:1a:eb:a9:60:ee:38:aa:c5:72:75:bc:1b:b4:
c7:1f:ab:2f:06:ea:66:05:50:1f:c5:ed:18:c7:30:
fc:30:bc:4e:a0:d3:44:00:cf:a4:5d:19:28:4a:e1:
92:21:25:97:0d:da:56:c4:b3:17:99:f0:5a:f0:9b:
a8:11:14:be:87:cb:cb:46:fd:7d:0b:56:18:14:16:
20:a2:87:f1:60:be:be:17:ad:66:2c:f9:1f:39:80:
00:1c:3c:da:79:1a:71:1f:cb:48:a6:57:51:7e:75:
4d:f4:11:61:ed:21:b8:32:6b:30:be:49:a6:63:b3:
0a:24:aa:ef:9c:8d:8b:cc:aa:4b:9f:4b:a1:b5:b4:
f0:7c:de:e7:ff:ef:21:ef:53:ed:d5:b9:d0:af:44:
9b:81:72:97:10:91:a5:fe:a3:66:fa:8c:67:1f:c3:
e9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:9A:2F:BC:00:A4:41:64:A8:79:EB:43:18:8E:0D:3B:33:29:72:86
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/816CB5BA3ADE11F0AD2C63A2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.70.0/23
Signature Algorithm: sha256WithRSAEncryption
82:53:6d:9f:29:fa:99:94:6b:03:85:d3:cd:28:32:06:80:71:
de:69:8d:61:cd:5d:96:4d:81:b6:45:8b:57:a1:61:2f:ab:83:
a7:34:41:85:f4:e7:c4:a4:c8:10:8b:95:f2:bb:5d:a7:1e:ed:
15:53:0f:46:6f:87:dd:5e:bb:74:4a:85:64:02:f1:e5:f7:86:
56:81:ee:2f:35:1b:32:f4:30:16:b4:93:6d:5c:dc:a9:28:61:
c5:da:c1:b3:2a:13:34:1c:8d:35:f3:7b:33:39:69:b7:f1:56:
9c:98:5b:08:7e:1b:6d:71:28:1c:4c:db:60:fb:34:38:85:aa:
df:8c:66:7c:a6:30:f9:ff:3e:7d:b9:db:1b:ca:48:5a:c7:d1:
ce:6e:c7:bc:41:49:63:c1:2d:44:1b:be:28:b0:18:92:5e:b7:
6c:a5:bf:1a:54:d2:f1:73:c8:69:87:05:b7:bf:9f:82:b0:b5:
10:80:71:93:8f:95:f0:68:42:85:e4:ef:33:f8:f1:fa:b4:a7:
a9:e9:70:0c:db:56:eb:35:c4:f8:75:cf:c3:6b:d6:1d:36:12:
42:c2:3c:95:5b:41:ee:79:ca:44:d7:c3:d2:53:6e:3c:84:01:
8c:d3:e6:96:dc:b5:44:cb:41:9e:d9:a1:15:9f:e2:76:04:4e:
42:da:da:46
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVfeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI3MDkzOTMzWhcNMjUwNzAzMDkzOTMzWjAYMRYw
FAYDVQQDEw02ODM1ODg1YS1hZTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu63R/hUa1mdkxbFZvNV7OwRMPfVHGZvyS+GPQJnp9uMSGWrkWqdxAm8T
/GYjP4J1Y/Z3dnOrxLXbQ4Ckvu954TT9gbKbBzQ2S1YtXAQBS7aoizYUCbT+T0ms
bBrrqWDuOKrFcnW8G7THH6svBupmBVAfxe0YxzD8MLxOoNNEAM+kXRkoSuGSISWX
DdpWxLMXmfBa8JuoERS+h8vLRv19C1YYFBYgoofxYL6+F61mLPkfOYAAHDzaeRpx
H8tIpldRfnVN9BFh7SG4MmswvkmmY7MKJKrvnI2LzKpLn0uhtbTwfN7n/+8h71Pt
1bnQr0SbgXKXEJGl/qNm+oxnH8PpYQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMqa
L7wApEFkqHnrQxiODTszKXKGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MTZDQjVCQTNBREUxMUYwQUQyQzYzQTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOFGMA0GCSqGSIb3DQEBCwUA
A4IBAQCCU22fKfqZlGsDhdPNKDIGgHHeaY1hzV2WTYG2RYtXoWEvq4OnNEGF9OfE
pMgQi5Xyu12nHu0VUw9Gb4fdXrt0SoVkAvHl94ZWge4vNRsy9DAWtJNtXNypKGHF
2sGzKhM0HI0183szOWm38VacmFsIfhttcSgcTNtg+zQ4harfjGZ8pjD5/z59udsb
ykhax9HObse8QUljwS1EG74osBiSXrdspb8aVNLxc8hphwW3v5+CsLUQgHGTj5Xw
aEKF5O8z+PH6tKep6XAM21brNcT4dc/Da9YdNhJCwjyVW0HuecpE18PSU248hAGM
0+aW3LVEy0Ge2aEVn+J2BE5C2tpG
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:24:37 2025 by rpki-client