Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C23A3CF42F1F11F0A52929BCDAE4EC9C.roa
File: C23A3CF42F1F11F0A52929BCDAE4EC9C.roa (raw, json)
Hash identifier: NCYvlqqEGqghXtgZjIMQ9A9f8KPx95naFG1+PVh7+ME=
Subject key identifier: F5:4D:24:4B:AB:61:9D:AA:7C:09:FC:8A:BB:AE:D0:62:17:90:BD:07
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01534F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C23A3CF42F1F11F0A52929BCDAE4EC9C.roa
Signing time: Mon 12 May 2025 10:56:30 +0000
ROA not before: Mon 12 May 2025 10:56:25 +0000
ROA not after: Fri 15 Aug 2025 10:56:25 +0000
asID: 140403
IP address blocks: 156.240.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86863 (0x1534f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 12 10:56:25 2025 GMT
Not After : Aug 15 10:56:25 2025 GMT
Subject: CN=6821d3de-8247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e1:55:b7:2a:47:93:10:25:86:09:68:49:09:
d6:e4:94:72:16:57:69:2d:ef:3b:c2:aa:8b:e5:ce:
d9:11:97:c0:ec:ff:e4:dc:00:1b:5a:1e:4a:5c:65:
4f:bb:27:97:e0:9e:f9:45:13:63:cb:14:ad:55:fc:
c2:2a:d7:33:70:29:bb:53:f2:9b:6d:7e:76:a4:a5:
1a:f3:47:37:1d:65:e6:fd:6a:5c:6e:0c:36:a8:25:
fc:61:30:e8:bd:9c:c7:4d:da:0d:0a:a5:62:f7:63:
c1:4b:1d:52:2d:41:e6:f2:fe:0b:82:14:9b:f8:c5:
6b:4e:90:9d:45:23:ee:ae:cc:e2:4a:cc:0a:0a:3a:
9c:4d:a1:7a:e2:98:89:85:40:f8:0a:60:28:b7:7b:
ea:19:a9:40:c5:f5:ba:97:c9:48:61:08:28:ed:ca:
28:5c:b5:c3:76:6a:31:57:62:f5:2c:cb:1e:09:34:
56:4b:52:87:98:53:c3:8c:a5:ea:64:7e:14:9e:da:
5a:e4:1b:2c:ba:5a:1b:ed:e0:88:e8:f3:f5:9c:7c:
14:47:d6:c3:90:50:f1:60:91:11:0c:64:fb:62:80:
8f:1e:6d:d8:fe:d7:e1:3e:56:cb:bb:12:bd:0f:4f:
2c:99:c7:f2:1f:85:69:c2:d9:25:0f:5d:18:c2:85:
35:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:4D:24:4B:AB:61:9D:AA:7C:09:FC:8A:BB:AE:D0:62:17:90:BD:07
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C23A3CF42F1F11F0A52929BCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.62.0/24
Signature Algorithm: sha256WithRSAEncryption
15:ad:22:a7:63:90:e4:a7:c2:30:a7:72:73:2c:f8:59:45:a3:
8c:27:de:29:0a:b8:d6:37:58:14:ad:3d:1b:dc:11:1a:db:3a:
17:4d:2c:d1:f8:cf:78:84:88:c9:71:09:49:e9:ad:85:79:10:
9b:bd:6f:c5:25:65:85:6a:a1:bc:98:1d:08:60:8d:a0:f4:f7:
02:c1:3e:3a:db:ae:a5:9c:99:6f:79:13:c4:37:34:b3:31:39:
01:15:a2:e1:1f:a9:d0:61:59:05:b9:a3:4b:b7:98:5e:2b:f9:
18:8f:14:90:fd:6c:e8:8e:76:0b:ca:25:32:c7:0b:14:88:85:
3e:4d:83:54:08:46:0c:16:cb:2a:0a:de:a3:ac:dd:9c:6f:82:
5e:97:f6:84:ce:45:0b:15:4d:72:0f:98:75:d7:ae:ee:ea:0e:
5d:a2:17:cb:17:ee:c1:47:14:9d:cd:8d:d2:16:81:c8:97:e1:
aa:12:13:d7:51:04:00:7d:74:54:70:1a:4f:bb:f8:b8:8c:36:
4a:45:ee:5a:55:0e:1e:6c:1c:ed:04:2d:a4:79:5c:98:3b:24:
07:d8:05:c8:35:ba:57:68:2f:23:70:fe:20:99:7a:63:04:cf:
a8:3e:1d:e6:ce:9c:73:c5:de:ba:b5:2e:99:68:56:68:11:a7:
dd:44:67:65
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVNPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEyMTA1NjI1WhcNMjUwODE1MTA1NjI1WjAYMRYw
FAYDVQQDEw02ODIxZDNkZS04MjQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqeFVtypHkxAlhgloSQnW5JRyFldpLe87wqqL5c7ZEZfA7P/k3AAbWh5K
XGVPuyeX4J75RRNjyxStVfzCKtczcCm7U/KbbX52pKUa80c3HWXm/Wpcbgw2qCX8
YTDovZzHTdoNCqVi92PBSx1SLUHm8v4LghSb+MVrTpCdRSPursziSswKCjqcTaF6
4piJhUD4CmAot3vqGalAxfW6l8lIYQgo7cooXLXDdmoxV2L1LMseCTRWS1KHmFPD
jKXqZH4Untpa5Bssulob7eCI6PP1nHwUR9bDkFDxYJERDGT7YoCPHm3Y/tfhPlbL
uxK9D08smcfyH4VpwtklD10YwoU10QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPVN
JEurYZ2qfAn8iruu0GIXkL0HMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMjNBM0NGNDJGMUYxMUYwQTUyOTI5QkNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPA+MA0GCSqGSIb3DQEBCwUA
A4IBAQAVrSKnY5Dkp8Iwp3JzLPhZRaOMJ94pCrjWN1gUrT0b3BEa2zoXTSzR+M94
hIjJcQlJ6a2FeRCbvW/FJWWFaqG8mB0IYI2g9PcCwT46266lnJlveRPENzSzMTkB
FaLhH6nQYVkFuaNLt5heK/kYjxSQ/WzojnYLyiUyxwsUiIU+TYNUCEYMFssqCt6j
rN2cb4Jel/aEzkULFU1yD5h1167u6g5dohfLF+7BRxSdzY3SFoHIl+GqEhPXUQQA
fXRUcBpPu/i4jDZKRe5aVQ4ebBztBC2keVyYOyQH2AXINbpXaC8jcP4gmXpjBM+o
Ph3mzpxzxd66tS6ZaFZoEafdRGdl
-----END CERTIFICATE-----
Generated at Tue Jun 3 09:01:34 2025 by rpki-client