Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B810DE58332111F0B115AF8FDAE4EC9C.roa
File: B810DE58332111F0B115AF8FDAE4EC9C.roa (raw, json)
Hash identifier: xoBPItRtT8NctH3MQ7E7w2W1YwKZoMrySvLIz/HSSYU=
Subject key identifier: E0:0E:9D:CF:A4:49:BE:80:B0:54:AF:02:28:84:3F:9F:6F:AF:7F:FE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01557D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B810DE58332111F0B115AF8FDAE4EC9C.roa
Signing time: Sat 17 May 2025 13:20:37 +0000
ROA not before: Sat 17 May 2025 13:20:32 +0000
ROA not after: Fri 08 Aug 2025 13:20:32 +0000
asID: 150706
IP address blocks: 156.236.96.0/22 maxlen: 24
156.236.108.0/22 maxlen: 24
156.236.112.0/21 maxlen: 24
156.236.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87421 (0x1557d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 17 13:20:32 2025 GMT
Not After : Aug 8 13:20:32 2025 GMT
Subject: CN=68288d25-9902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:46:74:f7:e9:88:59:dd:61:25:22:05:9a:b0:
12:08:11:cc:ea:50:8c:97:c9:ea:cd:1a:00:3e:86:
dd:70:75:63:04:ce:e1:47:74:7d:c9:ab:db:44:3e:
4b:57:c5:8f:c5:fd:94:42:71:c0:75:92:99:8f:eb:
32:e9:a9:b1:67:dd:6c:fa:8b:e6:94:62:eb:5a:85:
6a:94:fe:09:ea:63:d9:a7:65:6d:9a:a6:5b:89:e0:
2e:df:bf:91:e7:30:21:44:ad:5f:cd:c8:f7:41:7b:
cc:4f:82:27:da:97:4d:87:86:31:50:a5:b3:e5:b9:
57:f5:0b:29:96:d7:19:79:9f:72:c0:72:66:94:85:
f1:d5:63:e3:b8:a8:f6:f1:ca:26:c3:f0:2e:ad:04:
5c:7d:44:8c:4e:02:51:4f:19:56:dd:92:64:dd:0e:
05:65:99:71:2b:21:e3:2f:3b:17:65:6d:41:2f:36:
dc:81:07:bc:55:2d:ea:96:71:13:0e:82:ed:c1:a3:
00:e2:10:6f:68:ab:0c:42:55:4a:4c:e9:e0:ef:51:
30:2b:4b:f3:3c:d7:5a:17:d6:03:6a:ef:de:44:93:
ee:e1:96:67:61:2a:83:13:c1:cb:ac:7c:05:cd:03:
b2:2b:83:1d:67:e0:d4:bc:f4:e7:0c:b7:3c:6e:78:
1e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:0E:9D:CF:A4:49:BE:80:B0:54:AF:02:28:84:3F:9F:6F:AF:7F:FE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B810DE58332111F0B115AF8FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.96.0/22
156.236.108.0-156.236.119.255
156.236.124.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:e7:8f:2d:3c:3f:69:0c:ba:1f:29:1f:d7:6c:f3:ff:5d:e7:
5e:93:12:82:ba:57:26:2c:a9:a6:bd:0d:7f:e9:56:cf:9b:be:
aa:fa:04:cf:a8:c9:29:8e:b7:f2:e4:2c:09:eb:84:d1:0f:4b:
d3:e8:5c:04:2c:cc:6e:ec:9e:2d:db:f3:c5:35:c6:03:1c:73:
74:8b:f2:da:b4:87:a1:e1:1a:9c:84:67:26:4f:ed:ef:7f:10:
70:07:87:3f:ed:0e:52:05:79:a3:57:3e:f7:73:bc:1c:a3:ca:
4f:4b:72:03:ca:27:d7:aa:f2:4e:bd:1d:80:6c:c0:c4:8f:86:
5e:93:c1:e8:ae:ce:47:f9:58:c9:04:68:dc:11:e5:3c:3e:5d:
12:22:d0:ea:c2:07:3a:11:26:46:42:f0:1c:8b:bd:f5:99:07:
f5:12:67:eb:3e:80:5d:5c:b6:95:fb:c2:72:1a:cb:88:ce:3e:
a1:81:6d:07:f2:63:62:a2:21:af:b9:b5:83:85:12:1c:3c:cd:
ea:e6:00:36:39:5d:4a:92:bf:b2:d9:89:e0:82:a0:68:00:b2:
7f:80:85:59:2d:7a:b8:04:16:f0:63:bb:23:6d:ae:4d:f5:f4:
aa:1b:ff:1e:29:2d:75:a4:f1:bb:28:a8:76:62:98:67:a6:08:
fa:45:e5:2b
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAVV9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE3MTMyMDMyWhcNMjUwODA4MTMyMDMyWjAYMRYw
FAYDVQQDEw02ODI4OGQyNS05OTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmEZ09+mIWd1hJSIFmrASCBHM6lCMl8nqzRoAPobdcHVjBM7hR3R9yavb
RD5LV8WPxf2UQnHAdZKZj+sy6amxZ91s+ovmlGLrWoVqlP4J6mPZp2VtmqZbieAu
37+R5zAhRK1fzcj3QXvMT4In2pdNh4YxUKWz5blX9QspltcZeZ9ywHJmlIXx1WPj
uKj28comw/AurQRcfUSMTgJRTxlW3ZJk3Q4FZZlxKyHjLzsXZW1BLzbcgQe8VS3q
lnETDoLtwaMA4hBvaKsMQlVKTOng71EwK0vzPNdaF9YDau/eRJPu4ZZnYSqDE8HL
rHwFzQOyK4MdZ+DUvPTnDLc8bngeYQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFOAO
nc+kSb6AsFSvAiiEP59vr3/+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CODEwREU1ODMzMjExMUYwQjExNUFGOEZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCnOxgMAwDBAKc7GwDBAOc7HAD
BAKc7HwwDQYJKoZIhvcNAQELBQADggEBAB3njy08P2kMuh8pH9ds8/9d516TEoK6
VyYsqaa9DX/pVs+bvqr6BM+oySmOt/LkLAnrhNEPS9PoXAQszG7sni3b88U1xgMc
c3SL8tq0h6HhGpyEZyZP7e9/EHAHhz/tDlIFeaNXPvdzvByjyk9LcgPKJ9eq8k69
HYBswMSPhl6Tweiuzkf5WMkEaNwR5Tw+XRIi0OrCBzoRJkZC8ByLvfWZB/USZ+s+
gF1ctpX7wnIay4jOPqGBbQfyY2KiIa+5tYOFEhw8zermADY5XUqSv7LZieCCoGgA
sn+AhVktergEFvBjuyNtrk319Kob/x4pLXWk8bsoqHZimGemCPpF5Ss=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:32:31 2025 by rpki-client