Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C94413F03AD511F086C17FE8DAE4EC9C.roa
File: C94413F03AD511F086C17FE8DAE4EC9C.roa (raw, json)
Hash identifier: 8PbxGSU7ZicI37N/bsMzze0t8iwuHI6mieqEncS3y7M=
Subject key identifier: 5A:D9:12:C8:D1:52:88:0F:C2:37:88:E6:0F:92:26:E1:5E:2F:2D:8E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0157B1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C94413F03AD511F086C17FE8DAE4EC9C.roa
Signing time: Tue 27 May 2025 08:37:13 +0000
ROA not before: Tue 27 May 2025 08:37:08 +0000
ROA not after: Mon 30 Jun 2025 08:37:08 +0000
asID: 62468
IP address blocks: 156.245.128.0/21 maxlen: 24
156.245.188.0/23 maxlen: 24
156.245.198.0/23 maxlen: 24
156.245.200.0/22 maxlen: 24
156.245.209.0/24 maxlen: 24
156.245.210.0/24 maxlen: 24
156.245.242.0/23 maxlen: 24
156.245.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87985 (0x157b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 27 08:37:08 2025 GMT
Not After : Jun 30 08:37:08 2025 GMT
Subject: CN=683579b9-d747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bc:68:90:9f:f8:9d:a3:35:2c:c2:ab:e1:14:
42:f1:a2:0d:b6:8d:dd:59:0e:4e:2f:ff:4c:59:91:
0e:d4:e9:9f:16:06:6d:c4:e9:1c:49:60:60:03:01:
d9:cd:e0:b2:17:96:41:29:44:f0:63:92:0f:bb:29:
08:f3:75:83:9d:0d:10:75:3f:4d:8c:b1:35:77:55:
79:db:94:44:53:8e:90:41:89:e4:30:82:3c:2f:b3:
59:2a:75:ef:4f:9e:6f:23:97:89:48:f9:5f:ce:41:
16:20:d7:6d:9f:63:be:f3:eb:55:40:01:1e:d0:c4:
59:ef:9a:69:a9:87:ca:ee:03:91:b0:a8:c5:e4:44:
82:96:9e:1e:dd:c6:c4:f0:1f:8c:89:77:ca:53:2b:
00:ca:14:68:ce:07:c8:9a:ec:92:b9:9b:4b:c6:d0:
a5:07:76:04:55:09:b7:81:65:87:eb:8c:94:9a:be:
06:97:33:41:40:48:87:76:8f:97:b6:3c:73:57:f5:
1e:e9:54:8b:e5:4d:7f:96:80:1c:9c:8b:76:ad:61:
4e:47:95:28:63:da:ba:91:8e:f6:ae:ee:cc:2c:44:
bc:51:4c:92:fb:11:1f:d6:13:a2:d4:7a:bb:ac:6f:
64:a6:44:45:49:cc:32:02:1d:3d:20:69:a5:44:86:
bf:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D9:12:C8:D1:52:88:0F:C2:37:88:E6:0F:92:26:E1:5E:2F:2D:8E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C94413F03AD511F086C17FE8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.128.0/21
156.245.188.0/23
156.245.198.0-156.245.203.255
156.245.209.0-156.245.210.255
156.245.242.0/23
156.245.248.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:85:68:f5:66:6f:04:a0:be:1f:4b:7c:e1:f9:1a:d9:a8:69:
16:67:96:65:0f:3a:3b:92:44:77:35:6b:00:d4:2d:2a:24:d2:
35:7a:3b:10:30:d0:a4:29:91:36:21:53:4e:05:00:b2:98:30:
3d:1d:08:05:88:16:5f:7b:0b:c6:90:f4:66:21:57:51:88:7c:
e0:89:2d:14:2a:ab:16:af:5c:5c:40:66:71:e6:73:1f:cb:71:
ae:6d:12:18:36:b8:f4:8b:0b:9b:dc:dd:3e:ab:ca:44:61:d4:
62:95:39:a1:8c:ad:c7:d7:dd:c3:6b:54:bc:80:14:6f:4f:9f:
bb:ef:c7:5a:9c:5a:d6:79:fe:95:80:d4:59:b1:3a:7f:d8:3d:
9b:16:fc:ab:b8:58:53:db:c0:02:4f:6d:e6:47:d3:c5:e3:3d:
87:1a:42:05:33:2f:a0:e1:97:e4:97:58:40:bf:d5:3a:8a:07:
97:1b:e8:26:6e:a2:4b:b3:48:f5:12:ac:ae:f4:91:7f:6d:46:
ad:bc:49:00:d6:07:e2:6e:c9:e4:a5:f3:2b:0f:9f:8b:b0:92:
96:db:06:31:d9:d8:3f:99:11:64:e0:8d:4a:09:d3:e5:02:f1:
0d:52:ee:95:c3:4a:57:20:dc:e9:f2:f7:33:9f:53:fa:ae:3f:
a2:7c:0b:d8
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgIDAVexMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI3MDgzNzA4WhcNMjUwNjMwMDgzNzA4WjAYMRYw
FAYDVQQDEw02ODM1NzliOS1kNzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAybxokJ/4naM1LMKr4RRC8aINto3dWQ5OL/9MWZEO1OmfFgZtxOkcSWBg
AwHZzeCyF5ZBKUTwY5IPuykI83WDnQ0QdT9NjLE1d1V525REU46QQYnkMII8L7NZ
KnXvT55vI5eJSPlfzkEWINdtn2O+8+tVQAEe0MRZ75ppqYfK7gORsKjF5ESClp4e
3cbE8B+MiXfKUysAyhRozgfImuySuZtLxtClB3YEVQm3gWWH64yUmr4GlzNBQEiH
do+XtjxzV/Ue6VSL5U1/loAcnIt2rWFOR5UoY9q6kY72ru7MLES8UUyS+xEf1hOi
1Hq7rG9kpkRFScwyAh09IGmlRIa/jQIDAQABo4IC0DCCAswwHQYDVR0OBBYEFFrZ
EsjRUogPwjeI5g+SJuFeLy2OMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOTQ0MTNGMDNBRDUxMUYwODZDMTdGRThEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
ME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQDnPWAAwQBnPW8MAwDBAGc9cYD
BAKc9cgwDAMEAJz10QMEAJz10gMEAZz18gMEA5z1+DANBgkqhkiG9w0BAQsFAAOC
AQEAWoVo9WZvBKC+H0t84fka2ahpFmeWZQ86O5JEdzVrANQtKiTSNXo7EDDQpCmR
NiFTTgUAspgwPR0IBYgWX3sLxpD0ZiFXUYh84IktFCqrFq9cXEBmceZzH8txrm0S
GDa49IsLm9zdPqvKRGHUYpU5oYytx9fdw2tUvIAUb0+fu+/HWpxa1nn+lYDUWbE6
f9g9mxb8q7hYU9vAAk9t5kfTxeM9hxpCBTMvoOGX5JdYQL/VOooHlxvoJm6iS7NI
9RKsrvSRf21GrbxJANYH4m7J5KXzKw+fi7CSltsGMdnYP5kRZOCNSgnT5QLxDVLu
lcNKVyDc6fL3M59T+q4/onwL2A==
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:25:24 2025 by rpki-client