Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCAFD39237DA11F095E5777CDAE4EC9C.roa
File: CCAFD39237DA11F095E5777CDAE4EC9C.roa (raw, json)
Hash identifier: Ovy01zNwdLXpmQIXhcy+uY4uEM66JW8Hil5LtLxQia4=
Subject key identifier: A8:14:EF:3A:16:D9:2C:9A:33:70:ED:4D:51:DA:5B:6D:E6:00:E4:BB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0156E3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCAFD39237DA11F095E5777CDAE4EC9C.roa
Signing time: Fri 23 May 2025 13:35:33 +0000
ROA not before: Fri 23 May 2025 13:35:28 +0000
ROA not after: Sat 28 Jun 2025 13:35:28 +0000
asID: 59187
IP address blocks: 156.238.97.0/24 maxlen: 24
156.238.98.0/24 maxlen: 24
156.238.99.0/24 maxlen: 24
156.238.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87779 (0x156e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 13:35:28 2025 GMT
Not After : Jun 28 13:35:28 2025 GMT
Subject: CN=683079a5-a3f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1e:7b:62:6a:0f:9b:4e:fb:5d:9c:6c:5d:a7:
de:0d:13:52:0f:00:6a:44:b2:a9:d3:d2:2d:e3:cf:
2b:87:25:52:ec:96:74:30:c2:02:26:a1:6a:07:d5:
76:c6:2f:86:dc:51:63:94:80:d9:e3:0c:53:1b:e7:
cd:8a:ef:4f:08:2f:58:37:67:f0:6e:65:0a:50:a4:
aa:20:23:9e:98:c7:50:63:53:f6:27:c2:09:95:6f:
13:81:cd:79:0d:99:7f:64:a2:d4:98:cc:11:f8:85:
97:77:c9:4f:d9:d1:47:2e:2c:a2:06:57:95:02:87:
61:ae:1d:cc:26:a8:97:ce:e8:84:cb:5a:cd:79:67:
d8:0d:5a:f6:5e:69:a4:7f:10:fb:5d:4d:f1:36:11:
3c:e2:bf:41:e4:c2:4e:a1:2d:28:b8:d4:ed:10:56:
3b:19:4d:c4:4c:9e:7e:a3:91:c0:0e:33:f1:ad:24:
57:62:22:f6:3f:83:97:9d:7a:12:32:95:48:4a:59:
c2:c4:8c:ef:0c:34:92:c9:b5:31:ed:0d:40:02:99:
fd:6d:18:ee:fd:d0:a1:3f:81:16:9a:69:38:79:92:
b2:ca:95:c4:b1:4d:78:29:8c:93:87:48:69:33:74:
11:7c:ac:3d:31:57:9e:85:eb:94:31:c0:b2:45:72:
97:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:14:EF:3A:16:D9:2C:9A:33:70:ED:4D:51:DA:5B:6D:E6:00:E4:BB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCAFD39237DA11F095E5777CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.97.0-156.238.100.255
Signature Algorithm: sha256WithRSAEncryption
93:c4:8f:a2:76:f5:21:2c:7d:8b:4c:85:d5:59:59:ad:80:ec:
9c:09:82:f2:86:43:22:54:0e:51:3e:86:a8:3b:59:08:b8:d7:
42:31:85:7a:18:ad:96:94:d3:67:ae:f3:da:b7:a7:e5:98:64:
42:09:8c:7b:41:41:5a:49:a3:54:9b:0b:eb:12:a8:59:b0:26:
d7:b3:66:47:10:f5:a2:fc:d5:d0:d2:29:30:07:a9:46:c1:84:
d0:3e:77:1a:16:fb:c9:0d:4f:5f:90:bc:12:f8:6a:f0:cf:08:
0f:e0:2e:82:24:af:33:f0:19:83:8e:80:f0:73:2d:36:7a:4b:
19:87:da:74:f3:22:95:81:46:5b:e3:c4:76:6e:06:b8:54:76:
20:4c:4d:f6:37:39:3f:f2:87:d8:1d:cc:e0:1f:d6:60:03:b8:
fc:e8:a2:94:d0:50:09:35:eb:5c:05:80:0c:0c:31:53:a9:49:
5f:8a:ac:28:54:6e:54:76:de:7f:52:3b:27:b9:bd:f1:f2:dd:
f3:ca:27:15:a4:b5:12:cd:b5:2f:35:6c:c6:8b:5e:c2:6d:9e:
49:77:6a:f2:d2:21:94:11:72:4f:70:f9:84:c8:ba:9e:8c:cb:
f3:b2:85:50:23:03:c9:64:b6:d7:e7:9b:b2:75:64:f0:55:34:
22:09:00:a0
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVbjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIzMTMzNTI4WhcNMjUwNjI4MTMzNTI4WjAYMRYw
FAYDVQQDEw02ODMwNzlhNS1hM2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1R57YmoPm077XZxsXafeDRNSDwBqRLKp09It488rhyVS7JZ0MMICJqFq
B9V2xi+G3FFjlIDZ4wxTG+fNiu9PCC9YN2fwbmUKUKSqICOemMdQY1P2J8IJlW8T
gc15DZl/ZKLUmMwR+IWXd8lP2dFHLiyiBleVAodhrh3MJqiXzuiEy1rNeWfYDVr2
XmmkfxD7XU3xNhE84r9B5MJOoS0ouNTtEFY7GU3ETJ5+o5HADjPxrSRXYiL2P4OX
nXoSMpVISlnCxIzvDDSSybUx7Q1AApn9bRju/dChP4EWmmk4eZKyypXEsU14KYyT
h0hpM3QRfKw9MVeeheuUMcCyRXKX4wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKgU
7zoW2SyaM3DtTVHaW23mAOS7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQ0FGRDM5MjM3REExMUYwOTVFNTc3N0NEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc7mEDBACc7mQwDQYJKoZI
hvcNAQELBQADggEBAJPEj6J29SEsfYtMhdVZWa2A7JwJgvKGQyJUDlE+hqg7WQi4
10IxhXoYrZaU02eu89q3p+WYZEIJjHtBQVpJo1SbC+sSqFmwJtezZkcQ9aL81dDS
KTAHqUbBhNA+dxoW+8kNT1+QvBL4avDPCA/gLoIkrzPwGYOOgPBzLTZ6SxmH2nTz
IpWBRlvjxHZuBrhUdiBMTfY3OT/yh9gdzOAf1mADuPzoopTQUAk161wFgAwMMVOp
SV+KrChUblR23n9SOye5vfHy3fPKJxWktRLNtS81bMaLXsJtnkl3avLSIZQRck9w
+YTIup6My/OyhVAjA8lkttfnm7J1ZPBVNCIJAKA=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:22:20 2025 by rpki-client