Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B965B170380811F088FCFF9FDAE4EC9C.roa
File: B965B170380811F088FCFF9FDAE4EC9C.roa (raw, json)
Hash identifier: Iyml/dbVZug5TPOyizaKvdOBV97gKqW+coHsQxYNKwA=
Subject key identifier: 2C:C2:20:34:5E:C0:F4:DF:04:C5:D1:FC:0C:47:99:1C:CE:1F:39:F9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01570F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B965B170380811F088FCFF9FDAE4EC9C.roa
Signing time: Fri 23 May 2025 19:04:17 +0000
ROA not before: Fri 23 May 2025 19:04:12 +0000
ROA not after: Sat 05 Jul 2025 19:04:12 +0000
asID: 137899
IP address blocks: 156.238.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87823 (0x1570f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 19:04:12 2025 GMT
Not After : Jul 5 19:04:12 2025 GMT
Subject: CN=6830c6b1-c0bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c0:2e:17:60:4c:34:8b:76:f6:f6:9f:cc:0f:
51:33:38:8c:b1:3a:fe:2e:39:74:37:7f:82:ba:b6:
fa:fd:64:b2:94:a2:1c:af:53:88:2c:37:08:88:47:
f6:e2:4e:91:1f:a2:e2:1b:ab:29:ec:e6:0f:d1:dc:
91:b6:a9:d5:07:fe:3c:98:8c:41:13:6f:e2:fd:e0:
f5:25:e9:be:0a:0d:ae:fa:f1:e3:7b:c4:bc:76:d2:
5f:0e:01:e4:dd:d2:1e:1a:24:cc:31:b7:87:ec:c9:
b3:5a:14:15:06:e3:4e:88:fa:db:b2:5c:2c:7b:23:
6b:00:9c:25:ef:02:63:56:76:ea:95:96:39:49:c1:
1a:05:79:ab:ad:08:84:c8:eb:07:89:46:08:2e:cf:
b0:a1:a5:c3:4e:89:36:8b:dc:38:ea:85:03:0b:4f:
7b:be:14:8e:fa:bb:ab:d9:19:fe:41:b7:e5:63:fb:
f6:4d:cb:40:b4:5d:2e:5a:4a:49:31:a8:c3:e0:0f:
f7:f0:2a:b3:ad:1b:43:da:d4:4d:de:21:b0:31:71:
2d:1f:21:74:7b:ef:1d:4b:8e:9d:b0:d8:fe:84:6b:
1f:bc:1e:97:22:ea:c6:dd:74:e5:ea:0c:be:96:12:
d5:05:98:a2:6b:0d:57:50:69:ca:06:33:3e:38:ab:
5e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C2:20:34:5E:C0:F4:DF:04:C5:D1:FC:0C:47:99:1C:CE:1F:39:F9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B965B170380811F088FCFF9FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.224.0/19
Signature Algorithm: sha256WithRSAEncryption
8a:4a:a4:18:33:7c:83:19:7f:a0:31:23:9e:63:61:82:3a:6e:
d9:2f:8d:90:c1:67:f2:39:d2:3d:ee:a3:a8:64:c6:94:74:c1:
b8:26:2f:ee:07:7a:b9:f4:6b:c6:61:d1:68:a6:f3:8a:6f:e9:
27:7f:cd:63:8f:b2:a1:b1:f3:14:9c:30:bf:cf:22:16:6f:ca:
ae:36:c5:b4:95:a7:5a:68:79:7b:8e:3b:9e:43:75:41:f2:c2:
28:be:17:94:fa:fc:13:95:b6:45:c0:44:f8:b2:1a:6c:27:61:
55:04:50:3a:4d:47:31:da:ea:76:fa:30:15:c1:14:b3:c0:bf:
64:9d:ac:88:58:d3:e7:80:ff:24:21:5b:ca:f2:39:a2:42:b6:
3b:ce:db:ed:fc:89:82:5b:6a:a6:58:5c:9b:e9:31:7b:bc:96:
8f:a6:f3:06:15:db:5c:83:50:33:2f:23:2f:35:19:1f:18:d3:
92:26:e9:e5:f8:f5:b9:b0:1a:21:ed:4f:66:2a:81:c2:6c:9e:
4b:1d:f4:dc:1b:86:10:81:b0:c0:0b:c8:ab:ed:99:1b:da:f6:
cf:5a:a9:1e:7e:ed:a3:38:b7:76:64:a5:9c:2b:95:90:b2:57:
ac:0b:92:ee:ae:84:e3:4b:94:c9:09:ee:20:c9:d3:aa:ea:f1:
05:8b:94:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVcPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIzMTkwNDEyWhcNMjUwNzA1MTkwNDEyWjAYMRYw
FAYDVQQDEw02ODMwYzZiMS1jMGJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnMAuF2BMNIt29vafzA9RMziMsTr+Ljl0N3+Curb6/WSylKIcr1OILDcI
iEf24k6RH6LiG6sp7OYP0dyRtqnVB/48mIxBE2/i/eD1Jem+Cg2u+vHje8S8dtJf
DgHk3dIeGiTMMbeH7MmzWhQVBuNOiPrbslwseyNrAJwl7wJjVnbqlZY5ScEaBXmr
rQiEyOsHiUYILs+woaXDTok2i9w46oUDC097vhSO+rur2Rn+QbflY/v2TctAtF0u
WkpJMajD4A/38CqzrRtD2tRN3iGwMXEtHyF0e+8dS46dsNj+hGsfvB6XIurG3XTl
6gy+lhLVBZiiaw1XUGnKBjM+OKtecwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCzC
IDRewPTfBMXR/AxHmRzOHzn5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9COTY1QjE3MDM4MDgxMUYwODhGQ0ZGOUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO7gMA0GCSqGSIb3DQEBCwUA
A4IBAQCKSqQYM3yDGX+gMSOeY2GCOm7ZL42QwWfyOdI97qOoZMaUdMG4Ji/uB3q5
9GvGYdFopvOKb+knf81jj7KhsfMUnDC/zyIWb8quNsW0ladaaHl7jjueQ3VB8sIo
vheU+vwTlbZFwET4shpsJ2FVBFA6TUcx2up2+jAVwRSzwL9knayIWNPngP8kIVvK
8jmiQrY7ztvt/ImCW2qmWFyb6TF7vJaPpvMGFdtcg1AzLyMvNRkfGNOSJunl+PW5
sBoh7U9mKoHCbJ5LHfTcG4YQgbDAC8ir7Zkb2vbPWqkefu2jOLd2ZKWcK5WQsles
C5LuroTjS5TJCe4gydOq6vEFi5Qi
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:23:51 2025 by rpki-client