Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0CD0B2C3D5811F094FBF9B8DAE4EC9C.roa
File: A0CD0B2C3D5811F094FBF9B8DAE4EC9C.roa (raw, json)
Hash identifier: h6vbes3bAhuI0rcZlGjeo2uaRdH0LRx81h/YYKVkZQw=
Subject key identifier: 93:CD:8B:49:15:26:56:4C:B6:18:45:46:1A:66:20:F7:F7:51:E5:F8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0158DB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0CD0B2C3D5811F094FBF9B8DAE4EC9C.roa
Signing time: Fri 30 May 2025 13:18:52 +0000
ROA not before: Fri 30 May 2025 13:18:47 +0000
ROA not after: Mon 07 Jul 2025 13:18:47 +0000
asID: 44901
IP address blocks: 156.229.125.0/24 maxlen: 24
156.229.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88283 (0x158db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 30 13:18:47 2025 GMT
Not After : Jul 7 13:18:47 2025 GMT
Subject: CN=6839b03b-a684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b8:54:c7:6b:b8:ba:2d:36:b0:b0:37:3b:10:
ae:a6:4b:24:8d:b3:b3:1c:ac:62:72:8c:a8:fb:db:
3e:ea:4e:21:05:eb:f1:55:23:78:e9:78:f3:0d:6a:
ed:c3:24:3e:e9:6f:8a:15:fb:60:2c:f2:2e:0d:bb:
46:50:6e:6b:e7:92:e9:7f:03:63:25:06:65:88:91:
45:cd:d2:4d:9f:90:9c:47:fa:5c:74:db:9e:7c:9b:
35:59:84:12:5e:10:86:22:3b:d8:66:6b:bb:67:f8:
32:1f:1d:3e:39:3f:74:d8:47:51:a2:03:e0:ce:9d:
87:45:90:5a:42:a4:ab:61:3f:0c:63:ab:c1:2a:80:
35:77:35:15:d7:4e:1c:e8:76:ce:65:17:ed:91:4d:
b8:4e:1e:72:fd:22:a6:f0:5a:11:69:cc:c5:08:da:
ef:90:cf:66:dc:bd:d9:9c:7d:47:dd:b1:f1:86:57:
52:7c:6f:0c:af:33:3f:1e:54:93:96:a1:3d:b4:0a:
dc:84:9f:6c:e3:d9:e4:96:05:1e:4b:b6:50:68:2e:
11:66:fe:d1:c0:b5:5b:2b:3f:68:59:91:42:31:2e:
6f:f7:ca:1b:d6:40:f8:2a:d8:7e:a0:e0:e0:97:75:
68:6a:ad:71:1c:e5:a4:70:fb:70:9e:72:66:10:5e:
4e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:CD:8B:49:15:26:56:4C:B6:18:45:46:1A:66:20:F7:F7:51:E5:F8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0CD0B2C3D5811F094FBF9B8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.125.0/24
156.229.239.0/24
Signature Algorithm: sha256WithRSAEncryption
27:6b:a8:93:5d:ba:c5:b5:b9:51:a6:24:f4:cc:8e:b8:89:d3:
c0:74:3b:70:16:cf:3d:fa:04:41:66:94:fe:f4:52:5e:2e:2a:
d9:ee:7a:4b:fc:a9:b7:fa:7a:03:3a:6b:3c:e3:58:5c:a0:79:
f2:8b:b3:4f:0c:42:be:81:4c:44:18:7e:30:6c:ec:aa:e2:f2:
65:27:0f:69:92:60:07:ce:37:b8:68:f8:81:0e:6f:39:9d:74:
72:6b:bc:9c:57:f2:65:eb:48:96:4e:65:70:31:ea:63:89:2b:
4a:d5:f1:c3:d5:b8:0e:0c:8f:de:f9:f1:c1:4e:b7:65:0c:04:
14:ab:a2:22:a2:2b:9e:d7:16:5c:98:75:f7:6b:2a:9b:9a:06:
6e:f1:49:d5:4d:0e:7a:0b:c4:49:6c:d2:79:85:39:d9:3a:4c:
21:e8:2c:4e:61:a1:32:1f:57:1e:6a:2b:1f:bd:c0:ed:53:48:
45:4e:4c:79:f4:31:7e:10:4b:ca:13:97:40:dd:7e:fa:3d:1a:
ac:78:0a:9b:98:91:d1:1f:13:85:33:30:54:20:51:06:6b:35:
7a:5e:f6:99:1d:20:3d:3c:b0:3c:66:ab:bf:f8:45:91:e8:84:
ec:fe:3c:46:f8:2d:4f:4a:5b:71:00:ee:6d:70:3d:27:c3:99:
1c:f2:52:41
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVjbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTMwMTMxODQ3WhcNMjUwNzA3MTMxODQ3WjAYMRYw
FAYDVQQDEw02ODM5YjAzYi1hNjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr7hUx2u4ui02sLA3OxCupkskjbOzHKxicoyo+9s+6k4hBevxVSN46Xjz
DWrtwyQ+6W+KFftgLPIuDbtGUG5r55LpfwNjJQZliJFFzdJNn5CcR/pcdNuefJs1
WYQSXhCGIjvYZmu7Z/gyHx0+OT902EdRogPgzp2HRZBaQqSrYT8MY6vBKoA1dzUV
104c6HbOZRftkU24Th5y/SKm8FoRaczFCNrvkM9m3L3ZnH1H3bHxhldSfG8MrzM/
HlSTlqE9tArchJ9s49nklgUeS7ZQaC4RZv7RwLVbKz9oWZFCMS5v98ob1kD4Kth+
oODgl3Voaq1xHOWkcPtwnnJmEF5OiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJPN
i0kVJlZMthhFRhpmIPf3UeX4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMENEMEIyQzNENTgxMUYwOTRGQkY5QjhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOV9AwQAnOXvMA0GCSqGSIb3
DQEBCwUAA4IBAQAna6iTXbrFtblRpiT0zI64idPAdDtwFs89+gRBZpT+9FJeLirZ
7npL/Km3+noDOms841hcoHnyi7NPDEK+gUxEGH4wbOyq4vJlJw9pkmAHzje4aPiB
Dm85nXRya7ycV/Jl60iWTmVwMepjiStK1fHD1bgODI/e+fHBTrdlDAQUq6Iioiue
1xZcmHX3ayqbmgZu8UnVTQ56C8RJbNJ5hTnZOkwh6CxOYaEyH1ceaisfvcDtU0hF
Tkx59DF+EEvKE5dA3X76PRqseAqbmJHRHxOFMzBUIFEGazV6XvaZHSA9PLA8Zqu/
+EWR6ITs/jxG+C1PSltxAO5tcD0nw5kc8lJB
-----END CERTIFICATE-----
Generated at Tue Jun 3 09:15:33 2025 by rpki-client