Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98EA97EE2C0511F0B3D71A7DDAE4EC9C.roa
File: 98EA97EE2C0511F0B3D71A7DDAE4EC9C.roa (raw, json)
Hash identifier: 07wv+c9CvZpJb4y56SZ3HpKjtgmRy27kMCfOwSbq+Io=
Subject key identifier: 38:57:CC:5E:A3:B7:04:8D:27:8A:91:C4:89:60:50:C8:51:2A:B6:FB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0152DB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98EA97EE2C0511F0B3D71A7DDAE4EC9C.roa
Signing time: Thu 08 May 2025 12:11:40 +0000
ROA not before: Thu 08 May 2025 12:11:35 +0000
ROA not after: Tue 10 Jun 2025 12:11:35 +0000
asID: 7018
IP address blocks: 156.230.1.0/24 maxlen: 24
156.238.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86747 (0x152db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 8 12:11:35 2025 GMT
Not After : Jun 10 12:11:35 2025 GMT
Subject: CN=681c9f7c-4300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:79:78:e9:4e:5b:3e:7c:22:7f:89:07:54:e1:
33:05:82:07:b5:eb:ba:0b:ce:ec:83:e6:69:0a:b1:
55:e2:73:eb:80:8a:3f:20:ea:c6:d5:ab:90:1b:42:
be:39:3f:84:2a:40:fb:f1:1e:69:bd:69:07:8a:ab:
1d:33:03:d9:2f:50:db:93:f6:1b:e4:77:58:35:2f:
9f:cc:59:2f:29:d3:c0:1e:e7:cc:e6:48:d8:5b:f7:
66:49:c7:9e:db:f8:84:bd:b6:78:9d:19:ba:d6:17:
61:6d:b3:46:af:18:ea:ab:d1:a5:7b:bc:21:7b:24:
de:ce:2b:e6:11:10:74:07:01:5c:e5:39:90:b6:56:
08:e4:cd:ac:79:28:78:3d:90:21:27:01:c7:fd:6c:
9a:1f:0f:de:b3:c4:a2:07:13:d4:78:e2:c7:ae:2b:
77:db:d6:65:26:d0:d3:0c:13:61:57:f3:69:d0:01:
c5:a0:17:68:4e:2f:3d:f5:cb:6a:d4:d3:25:f0:39:
24:08:2f:4a:eb:55:6c:25:0c:63:a7:86:95:36:04:
38:73:89:c0:51:9d:f5:bc:59:d7:78:db:43:fb:3a:
bb:c9:fd:21:d6:78:85:be:9c:d0:82:7e:4d:12:81:
fd:48:e6:a7:4d:77:a5:42:2d:34:9d:06:35:78:42:
82:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:57:CC:5E:A3:B7:04:8D:27:8A:91:C4:89:60:50:C8:51:2A:B6:FB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/98EA97EE2C0511F0B3D71A7DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.1.0/24
156.238.12.0/24
Signature Algorithm: sha256WithRSAEncryption
33:ad:e2:53:26:66:52:be:c0:9d:ad:1d:d5:01:f2:1a:4f:37:
a1:96:4e:99:92:af:8f:8c:59:3d:d6:c0:18:a1:bb:e7:c7:14:
c7:6a:c1:a6:4f:fe:3e:0b:06:5b:74:c7:2d:24:a6:9b:ed:05:
1f:4a:f1:22:e9:f2:cb:9f:71:f4:2d:50:4b:42:4d:d8:72:d5:
4e:75:25:90:96:1a:5b:1c:77:74:4e:01:35:0e:54:31:69:26:
17:c4:cd:5f:da:52:d0:bd:df:a4:5e:f2:1e:ce:e4:1d:02:f5:
38:ab:cf:1d:6a:40:97:5c:12:e2:46:61:c5:8d:a5:64:3a:ea:
49:53:cb:af:cb:06:8d:2a:7b:ba:d8:9e:8e:8a:1e:10:42:76:
e3:b1:73:79:b4:61:78:b1:a0:f8:21:ef:c7:31:fd:9c:f2:cd:
49:66:45:b7:dd:06:e2:66:15:14:ae:a0:cb:2e:37:97:65:a6:
64:b5:07:ab:2b:27:19:b4:70:e6:bb:2f:29:1c:d2:32:d7:75:
db:55:d2:37:93:43:06:cb:95:aa:84:af:ac:7e:9a:8b:0f:c5:
e4:47:cd:8a:3f:d4:e9:f1:18:40:d2:e0:23:3a:63:a6:bd:b1:
32:a6:b8:56:1a:84:69:10:6d:86:80:c4:c9:c5:b9:38:7d:0b:
49:88:b4:56
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVLbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA4MTIxMTM1WhcNMjUwNjEwMTIxMTM1WjAYMRYw
FAYDVQQDEw02ODFjOWY3Yy00MzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyHl46U5bPnwif4kHVOEzBYIHteu6C87sg+ZpCrFV4nPrgIo/IOrG1auQ
G0K+OT+EKkD78R5pvWkHiqsdMwPZL1Dbk/Yb5HdYNS+fzFkvKdPAHufM5kjYW/dm
Scee2/iEvbZ4nRm61hdhbbNGrxjqq9Gle7wheyTezivmERB0BwFc5TmQtlYI5M2s
eSh4PZAhJwHH/WyaHw/es8SiBxPUeOLHrit329ZlJtDTDBNhV/Np0AHFoBdoTi89
9ctq1NMl8DkkCC9K61VsJQxjp4aVNgQ4c4nAUZ31vFnXeNtD+zq7yf0h1niFvpzQ
gn5NEoH9SOanTXelQi00nQY1eEKC8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDhX
zF6jtwSNJ4qRxIlgUMhRKrb7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OEVBOTdFRTJDMDUxMUYwQjNENzFBN0REQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOYBAwQAnO4MMA0GCSqGSIb3
DQEBCwUAA4IBAQAzreJTJmZSvsCdrR3VAfIaTzehlk6Zkq+PjFk91sAYobvnxxTH
asGmT/4+CwZbdMctJKab7QUfSvEi6fLLn3H0LVBLQk3YctVOdSWQlhpbHHd0TgE1
DlQxaSYXxM1f2lLQvd+kXvIezuQdAvU4q88dakCXXBLiRmHFjaVkOupJU8uvywaN
Knu62J6Oih4QQnbjsXN5tGF4saD4Ie/HMf2c8s1JZkW33QbiZhUUrqDLLjeXZaZk
tQerKycZtHDmuy8pHNIy13XbVdI3k0MGy5WqhK+sfpqLD8XkR82KP9Tp8RhA0uAj
OmOmvbEyprhWGoRpEG2GgMTJxbk4fQtJiLRW
-----END CERTIFICATE-----
Generated at Tue Jun 3 09:57:07 2025 by rpki-client