Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8302C772300511F09FB57EBCDAE4EC9C.roa
File: 8302C772300511F09FB57EBCDAE4EC9C.roa (raw, json)
Hash identifier: 2esAhRvKkwSvbqyn8aYn9moDOs9Z+czkpIgpSR7wAgM=
Subject key identifier: 3B:D0:BF:AF:7A:DC:43:69:57:E5:FD:09:D8:FC:9B:9C:B7:9B:8A:07
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015402
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8302C772300511F09FB57EBCDAE4EC9C.roa
Signing time: Tue 13 May 2025 14:21:08 +0000
ROA not before: Tue 13 May 2025 14:21:04 +0000
ROA not after: Fri 04 Jul 2025 14:21:04 +0000
asID: 216047
IP address blocks: 156.234.118.0/24 maxlen: 24
156.234.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87042 (0x15402)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 13 14:21:04 2025 GMT
Not After : Jul 4 14:21:04 2025 GMT
Subject: CN=68235554-de9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:7f:83:94:1d:0f:de:ae:c8:39:9c:1b:42:27:
2a:2e:94:cf:6a:e4:d9:1f:b9:ec:c6:5d:17:a1:5b:
5e:0f:be:47:7e:d7:9f:a4:c4:3a:ef:50:a6:0f:3a:
62:4c:ad:fa:9e:bf:fd:47:fa:b0:b8:b7:8c:d4:ef:
9a:2d:b5:88:d9:76:cc:7e:b7:2f:45:2e:b6:3d:6d:
43:6c:3c:6d:fe:a4:43:dd:58:20:d5:82:58:a4:d7:
82:67:10:81:15:3c:3a:2f:c5:40:f2:4f:df:c2:33:
fc:76:58:ce:85:6a:ad:0b:ac:0c:a5:c1:e5:9a:84:
67:27:0c:59:62:69:88:f4:bb:95:47:ba:23:69:74:
12:29:d8:73:c3:9c:dd:41:4b:b5:f8:ca:68:e7:59:
fe:05:4c:f8:a7:34:73:c5:9a:ff:49:be:0c:03:38:
10:19:fc:83:40:58:12:15:6e:71:22:cc:2b:0f:bc:
05:2b:08:f6:d2:47:e3:cf:93:cc:0e:6d:47:bc:7f:
37:88:0c:bf:44:91:ff:dc:c7:b8:c5:25:1f:7c:63:
00:41:2c:55:fe:41:26:26:b1:bc:2c:65:99:d3:8b:
6e:6a:38:c0:a1:46:40:49:cd:91:bd:ac:1b:86:ab:
32:e5:27:73:a5:3a:3c:8c:a7:14:40:00:6d:51:f7:
97:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D0:BF:AF:7A:DC:43:69:57:E5:FD:09:D8:FC:9B:9C:B7:9B:8A:07
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8302C772300511F09FB57EBCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.118.0/24
156.234.123.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:c2:a5:de:46:7a:32:f5:f6:00:46:15:9e:bd:31:81:22:c7:
de:18:d2:aa:61:e1:b0:03:22:77:38:d8:88:a4:6d:20:cd:15:
07:e1:2d:20:d3:02:ad:e0:90:e8:e7:fd:c8:5a:98:85:52:91:
d6:7f:67:e2:69:da:57:8e:da:8c:d6:22:7b:64:08:0b:2c:96:
9f:e0:26:ba:18:ba:a0:56:52:5c:9b:8c:19:0d:8a:6d:5f:92:
a9:c3:c1:58:dc:5d:53:64:38:7d:ce:32:e2:8b:ac:c8:a6:09:
8d:7a:da:c2:27:07:ab:29:fa:83:99:72:88:5d:1b:0a:ac:80:
d1:99:42:69:dc:ee:c0:e1:ce:4c:6c:df:31:26:85:b8:36:ee:
4a:d5:e0:74:76:ff:7a:67:57:c8:3b:8d:e4:71:61:62:4f:12:
18:99:29:86:0d:14:db:0d:1a:db:36:7a:ff:b4:7e:1a:4b:d5:
ff:07:93:10:27:a5:30:4a:1e:bd:8f:75:ad:06:3e:6f:d7:0f:
d3:c3:5c:a7:cb:c9:23:04:a5:ac:14:84:a2:ac:8f:1d:15:10:
15:6e:bd:0d:65:26:3b:95:fc:29:0c:0c:6d:82:18:3b:c3:76:
00:0c:6b:ff:2a:38:6d:15:36:a8:95:76:9b:d5:a5:15:35:c0:
12:7c:6c:da
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVQCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEzMTQyMTA0WhcNMjUwNzA0MTQyMTA0WjAYMRYw
FAYDVQQDEw02ODIzNTU1NC1kZTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmn+DlB0P3q7IOZwbQicqLpTPauTZH7nsxl0XoVteD75HftefpMQ671Cm
DzpiTK36nr/9R/qwuLeM1O+aLbWI2XbMfrcvRS62PW1DbDxt/qRD3Vgg1YJYpNeC
ZxCBFTw6L8VA8k/fwjP8dljOhWqtC6wMpcHlmoRnJwxZYmmI9LuVR7ojaXQSKdhz
w5zdQUu1+Mpo51n+BUz4pzRzxZr/Sb4MAzgQGfyDQFgSFW5xIswrD7wFKwj20kfj
z5PMDm1HvH83iAy/RJH/3Me4xSUffGMAQSxV/kEmJrG8LGWZ04tuajjAoUZASc2R
vawbhqsy5SdzpTo8jKcUQABtUfeXnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDvQ
v6963ENpV+X9Cdj8m5y3m4oHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MzAyQzc3MjMwMDUxMUYwOUZCNTdFQkNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOp2AwQAnOp7MA0GCSqGSIb3
DQEBCwUAA4IBAQBPwqXeRnoy9fYARhWevTGBIsfeGNKqYeGwAyJ3ONiIpG0gzRUH
4S0g0wKt4JDo5/3IWpiFUpHWf2fiadpXjtqM1iJ7ZAgLLJaf4Ca6GLqgVlJcm4wZ
DYptX5Kpw8FY3F1TZDh9zjLii6zIpgmNetrCJwerKfqDmXKIXRsKrIDRmUJp3O7A
4c5MbN8xJoW4Nu5K1eB0dv96Z1fIO43kcWFiTxIYmSmGDRTbDRrbNnr/tH4aS9X/
B5MQJ6UwSh69j3WtBj5v1w/Tw1yny8kjBKWsFISirI8dFRAVbr0NZSY7lfwpDAxt
ghg7w3YADGv/KjhtFTaolXab1aUVNcASfGza
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:42:52 2025 by rpki-client