Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8302B43A30A011F0BACBECCEDAE4EC9C.roa
File: 8302B43A30A011F0BACBECCEDAE4EC9C.roa (raw, json)
Hash identifier: 12uw/ltXNDJi5UWWKiTyleu9FDpSAKw6NZvVvXlTRKo=
Subject key identifier: 9C:E7:04:A8:C4:85:98:79:A5:9B:E9:5C:4D:BF:72:8A:9B:47:5A:A8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01541A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8302B43A30A011F0BACBECCEDAE4EC9C.roa
Signing time: Wed 14 May 2025 08:50:40 +0000
ROA not before: Wed 14 May 2025 08:50:36 +0000
ROA not after: Wed 15 Oct 2025 08:50:36 +0000
asID: 137263
IP address blocks: 156.224.82.0/24 maxlen: 24
156.224.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87066 (0x1541a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 14 08:50:36 2025 GMT
Not After : Oct 15 08:50:36 2025 GMT
Subject: CN=68245960-ca3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:41:d2:0d:e2:00:bc:9c:4d:6d:7d:27:6d:79:
bc:cf:fd:a7:3d:55:c5:43:9b:a9:7f:ec:78:4b:ea:
00:3d:57:18:2b:4d:36:46:be:93:11:bb:74:ee:d4:
d6:50:73:6b:d0:f3:0c:1a:40:f6:13:07:19:4b:69:
a7:f8:9f:ad:e1:cf:24:37:89:fa:5c:52:5a:b2:54:
4c:28:3a:ff:77:63:85:59:74:81:13:2d:df:3d:0c:
2a:65:c7:b9:4b:3e:88:cc:62:ca:89:f0:e3:c7:e9:
69:67:a7:6b:84:e6:d3:74:26:44:c9:d1:a7:af:a3:
77:77:8e:92:be:79:04:75:2d:41:4e:d0:9d:d9:51:
72:c1:06:8c:07:1e:e8:a7:ab:c6:10:1d:40:9d:5d:
0e:bd:fc:05:63:92:35:d8:d2:f6:d9:91:f2:23:84:
ae:88:10:9b:59:72:a0:b7:69:7f:5b:65:7e:86:73:
fd:a3:c1:ed:a1:f4:10:12:ee:7c:a4:1f:3f:71:65:
a7:c4:e8:15:c9:a4:13:ea:87:3a:1e:18:8a:6c:f0:
04:6c:38:f1:ee:53:ac:1d:fa:e7:fa:14:dd:11:c0:
46:b6:53:66:20:a7:66:9b:e0:43:d4:55:ca:70:47:
6e:56:90:b5:97:c5:ec:d6:0f:38:0c:34:2d:58:7c:
d1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E7:04:A8:C4:85:98:79:A5:9B:E9:5C:4D:BF:72:8A:9B:47:5A:A8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8302B43A30A011F0BACBECCEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.82.0/23
Signature Algorithm: sha256WithRSAEncryption
44:7d:fb:aa:33:30:a2:d5:83:35:74:f6:d9:ef:5a:da:c9:48:
c1:06:ed:19:b7:ff:e7:a2:fd:36:91:0d:b5:37:6f:8f:9c:b1:
10:3f:fe:9a:6c:57:bd:0d:73:a8:6f:31:3a:c8:d8:bd:32:62:
f7:f2:aa:38:df:d2:db:cd:b0:14:13:f6:dd:ae:c5:de:ac:ad:
cf:38:50:46:1d:c4:b5:a4:0b:c7:68:1a:96:fa:8d:9e:16:0c:
6f:83:ea:40:04:3c:63:cb:23:19:97:80:25:da:49:6f:c4:a3:
cc:5e:d7:30:b6:43:be:6a:51:e3:64:e6:00:ce:6a:ef:07:3a:
c3:59:ba:fc:15:d8:0f:95:8d:2f:91:24:b4:a8:36:6a:f1:af:
78:bb:fa:80:0e:cf:47:69:e9:ec:ff:30:d0:8f:d1:47:9a:e5:
66:ef:80:94:db:80:f1:ea:f8:6a:e1:2b:ab:48:ec:e6:3b:b6:
fb:a4:ce:07:d8:c7:64:79:db:22:2f:08:8d:ae:ea:21:e1:47:
6c:87:c5:22:ab:36:da:f2:f1:6d:e9:22:d8:c5:0b:b6:dd:50:
ce:10:1b:13:67:7e:94:e0:0c:12:87:f4:9d:d2:6a:28:92:cd:
c7:ea:45:fd:03:16:80:0f:05:3b:3e:68:55:dc:fb:ea:87:e4:
9e:0b:9f:7d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVQaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE0MDg1MDM2WhcNMjUxMDE1MDg1MDM2WjAYMRYw
FAYDVQQDEw02ODI0NTk2MC1jYTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvUHSDeIAvJxNbX0nbXm8z/2nPVXFQ5upf+x4S+oAPVcYK002Rr6TEbt0
7tTWUHNr0PMMGkD2EwcZS2mn+J+t4c8kN4n6XFJaslRMKDr/d2OFWXSBEy3fPQwq
Zce5Sz6IzGLKifDjx+lpZ6drhObTdCZEydGnr6N3d46SvnkEdS1BTtCd2VFywQaM
Bx7op6vGEB1AnV0OvfwFY5I12NL22ZHyI4SuiBCbWXKgt2l/W2V+hnP9o8HtofQQ
Eu58pB8/cWWnxOgVyaQT6oc6HhiKbPAEbDjx7lOsHfrn+hTdEcBGtlNmIKdmm+BD
1FXKcEduVpC1l8Xs1g84DDQtWHzR+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJzn
BKjEhZh5pZvpXE2/coqbR1qoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MzAyQjQzQTMwQTAxMUYwQkFDQkVDQ0VEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOBSMA0GCSqGSIb3DQEBCwUA
A4IBAQBEffuqMzCi1YM1dPbZ71rayUjBBu0Zt//nov02kQ21N2+PnLEQP/6abFe9
DXOobzE6yNi9MmL38qo439LbzbAUE/bdrsXerK3POFBGHcS1pAvHaBqW+o2eFgxv
g+pABDxjyyMZl4Al2klvxKPMXtcwtkO+alHjZOYAzmrvBzrDWbr8FdgPlY0vkSS0
qDZq8a94u/qADs9Haens/zDQj9FHmuVm74CU24Dx6vhq4SurSOzmO7b7pM4H2Mdk
edsiLwiNruoh4Udsh8Uiqzba8vFt6SLYxQu23VDOEBsTZ36U4AwSh/Sd0mooks3H
6kX9AxaADwU7PmhV3Pvqh+SeC599
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:29:19 2025 by rpki-client