Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/851A2DAE3BCF11F0A8C6F9BDDAE4EC9C.roa
File: 851A2DAE3BCF11F0A8C6F9BDDAE4EC9C.roa (raw, json)
Hash identifier: 2bhUnN5vnANCvkxEt96HNsNxXm+Q8LAfOjMUrPHQo8o=
Subject key identifier: 95:4C:E0:EC:74:56:DB:4B:D2:B5:F1:32:55:1E:F9:A8:DC:63:B8:3E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01588D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/851A2DAE3BCF11F0A8C6F9BDDAE4EC9C.roa
Signing time: Wed 28 May 2025 14:24:53 +0000
ROA not before: Wed 28 May 2025 14:24:48 +0000
ROA not after: Sun 08 Jun 2025 14:24:48 +0000
asID: 399077
IP address blocks: 156.240.212.0/24 maxlen: 24
156.240.213.0/24 maxlen: 24
156.240.214.0/24 maxlen: 24
156.240.215.0/24 maxlen: 24
156.240.216.0/24 maxlen: 24
156.240.217.0/24 maxlen: 24
156.240.218.0/24 maxlen: 24
156.240.219.0/24 maxlen: 24
156.240.220.0/24 maxlen: 24
156.240.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88205 (0x1588d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 14:24:48 2025 GMT
Not After : Jun 8 14:24:48 2025 GMT
Subject: CN=68371cb5-3035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:30:76:b0:56:8b:aa:0b:32:20:81:00:23:15:
af:1e:74:07:0c:b3:4d:06:d9:31:af:f3:9f:58:ad:
55:3b:1e:39:56:95:ee:f5:12:66:2a:f3:7d:e5:e1:
2d:32:a8:ed:d9:fe:dc:aa:2b:a4:54:5f:fc:24:54:
8d:55:07:4b:65:c7:4d:e9:01:71:9e:55:85:13:ae:
de:1e:29:9d:bb:d7:49:31:fe:e9:33:d2:93:a2:0b:
1d:cd:6a:c7:9e:89:96:7c:13:c9:24:1c:0d:f3:0d:
78:e7:36:f4:ff:c1:57:2d:7c:28:d8:3b:b5:31:b9:
92:a7:3b:5a:0b:7e:ce:f0:b7:03:a1:90:c1:ba:52:
af:09:a5:46:89:45:67:aa:2f:a8:a4:01:c0:97:ad:
37:f2:13:dd:41:1b:fe:4d:c6:ee:74:8b:08:b6:95:
20:51:6f:49:e6:78:d3:3c:e4:e2:74:13:10:da:26:
4c:af:e0:cc:3c:b9:b0:d1:7e:00:34:f8:f7:cc:4c:
12:74:68:b7:74:af:9d:76:69:b4:48:4a:78:9b:37:
5a:5e:1a:30:e6:7b:e2:05:de:12:79:06:a4:c2:e7:
47:1d:63:c7:ac:47:49:b4:7b:35:98:8a:0e:16:df:
99:25:73:c4:77:2e:fc:ab:ab:f8:a3:2a:f7:26:fa:
b3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4C:E0:EC:74:56:DB:4B:D2:B5:F1:32:55:1E:F9:A8:DC:63:B8:3E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/851A2DAE3BCF11F0A8C6F9BDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.212.0-156.240.221.255
Signature Algorithm: sha256WithRSAEncryption
2f:16:dc:ca:2e:34:57:39:00:3d:12:8a:73:07:94:44:d3:0b:
f2:28:6c:4c:23:06:8b:ec:d5:c1:a6:e1:65:ad:76:7a:b6:1d:
44:c4:9c:26:cb:e2:43:0c:d8:fd:d0:49:e0:57:cd:34:a8:2f:
c0:01:16:2c:e8:6f:fb:72:20:c7:5f:eb:79:49:de:00:69:aa:
df:e5:3e:1c:16:fb:4c:4b:74:2d:5d:c5:49:48:cb:2b:63:58:
6a:9a:8f:1b:7f:b4:23:1f:57:10:97:07:a7:24:dc:9b:2c:64:
68:47:9b:2d:cd:31:3e:88:91:ff:3e:b1:fb:9c:6d:c0:80:d7:
7e:b9:84:32:f7:60:6b:38:38:c2:df:9c:e3:bf:50:db:2f:d9:
07:49:01:7c:cf:f3:68:e7:9b:b8:62:35:e0:4e:df:90:c0:14:
bd:7c:17:55:a8:e2:b8:b4:f5:41:2a:59:11:37:92:76:7e:78:
76:01:d3:62:8b:28:44:dd:85:10:25:38:e7:1e:6f:0d:ea:e0:
10:06:35:1b:76:12:49:3f:46:99:c1:cd:08:91:09:bc:a4:4a:
db:26:d3:6c:49:4d:63:d1:cc:fe:51:8a:e7:87:a9:a5:7f:d5:
bc:f7:1a:a7:ce:26:ce:52:d4:36:55:04:98:80:7b:3e:35:8f:
b9:86:e5:c4
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAViNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MTQyNDQ4WhcNMjUwNjA4MTQyNDQ4WjAYMRYw
FAYDVQQDEw02ODM3MWNiNS0zMDM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4DB2sFaLqgsyIIEAIxWvHnQHDLNNBtkxr/OfWK1VOx45VpXu9RJmKvN9
5eEtMqjt2f7cqiukVF/8JFSNVQdLZcdN6QFxnlWFE67eHimdu9dJMf7pM9KTogsd
zWrHnomWfBPJJBwN8w145zb0/8FXLXwo2Du1MbmSpztaC37O8LcDoZDBulKvCaVG
iUVnqi+opAHAl6038hPdQRv+TcbudIsItpUgUW9J5njTPOTidBMQ2iZMr+DMPLmw
0X4ANPj3zEwSdGi3dK+ddmm0SEp4mzdaXhow5nviBd4SeQakwudHHWPHrEdJtHs1
mIoOFt+ZJXPEdy78q6v4oyr3JvqzqwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJVM
4Ox0VttL0rXxMlUe+ajcY7g+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NTFBMkRBRTNCQ0YxMUYwQThDNkY5QkREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKc8NQDBAGc8NwwDQYJKoZI
hvcNAQELBQADggEBAC8W3MouNFc5AD0SinMHlETTC/IobEwjBovs1cGm4WWtdnq2
HUTEnCbL4kMM2P3QSeBXzTSoL8ABFizob/tyIMdf63lJ3gBpqt/lPhwW+0xLdC1d
xUlIyytjWGqajxt/tCMfVxCXB6ck3JssZGhHmy3NMT6Ikf8+sfucbcCA1365hDL3
YGs4OMLfnOO/UNsv2QdJAXzP82jnm7hiNeBO35DAFL18F1Wo4ri09UEqWRE3knZ+
eHYB02KLKETdhRAlOOcebw3q4BAGNRt2Ekk/RpnBzQiRCbykStsm02xJTWPRzP5R
iueHqaV/1bz3GqfOJs5S1DZVBJiAez41j7mG5cQ=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:24:53 2025 by rpki-client