Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE9013822FF311F08FD1C5C6DAE4EC9C.roa
File: CE9013822FF311F08FD1C5C6DAE4EC9C.roa (raw, json)
Hash identifier: z/a13i1D/phLkKl0tpMgslr14uWyYQMwfJ3zVSLjEjQ=
Subject key identifier: 2B:1E:35:9B:8F:03:53:27:B2:9B:07:95:1E:4D:C0:91:08:08:7C:A5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0153EE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE9013822FF311F08FD1C5C6DAE4EC9C.roa
Signing time: Tue 13 May 2025 12:14:24 +0000
ROA not before: Tue 13 May 2025 12:14:19 +0000
ROA not after: Sat 16 Aug 2025 12:14:19 +0000
asID: 140403
IP address blocks: 156.245.9.0/24 maxlen: 24
156.250.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87022 (0x153ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 13 12:14:19 2025 GMT
Not After : Aug 16 12:14:19 2025 GMT
Subject: CN=682337a0-371a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:8a:11:e4:04:55:16:96:19:6b:40:7a:34:4a:
04:f6:62:b8:fe:8e:52:c9:8c:82:a8:fa:01:ad:9c:
bb:59:d8:e0:e8:2d:0b:86:b8:f8:38:4a:91:a1:3e:
34:d3:8d:5d:47:f3:f5:52:73:ca:71:c1:b3:46:c4:
e6:4e:55:e5:7f:1f:ca:14:ab:82:fd:bd:d8:77:e7:
75:bd:40:c4:dc:5d:a0:07:f5:b4:50:77:1e:10:a2:
a0:55:7a:8d:a7:fe:47:e3:57:94:7e:dd:ed:e0:07:
38:b9:d1:81:ce:48:4a:0b:18:03:9b:46:81:95:aa:
9d:f1:53:25:2e:4e:a4:32:8b:1e:67:79:fa:ff:c4:
02:69:52:86:ce:7f:33:81:0e:76:e7:ca:68:fe:cb:
3d:13:5d:1c:10:9f:1e:5c:02:7e:85:01:d0:22:07:
c9:b9:d6:04:2f:85:d6:06:50:02:fd:33:f7:46:72:
f3:37:65:76:b4:d1:ba:fc:db:1b:d5:97:24:6b:d0:
dc:01:a7:d5:69:24:2d:84:9c:27:ab:78:7a:c0:27:
70:44:8b:73:e0:87:4a:f5:13:bf:1b:ad:c3:e2:45:
2c:c9:b5:10:c8:69:8f:4e:0e:29:df:68:2a:46:cc:
7f:99:fd:ed:9d:23:1f:5e:6f:02:d1:08:29:ca:e3:
db:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:1E:35:9B:8F:03:53:27:B2:9B:07:95:1E:4D:C0:91:08:08:7C:A5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE9013822FF311F08FD1C5C6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.9.0/24
156.250.3.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:20:99:6a:ae:fe:bd:7a:24:51:f0:44:fc:8a:56:c1:3a:05:
83:55:24:b4:33:91:04:fd:07:ac:c6:46:8d:05:7f:d9:2d:e3:
87:28:32:13:8b:31:63:eb:53:87:50:ae:55:87:1e:d0:ad:c3:
c1:7f:38:ca:5e:b5:a3:5a:37:e6:9a:c0:23:8c:a6:23:b6:94:
9b:bb:9f:a4:90:c1:63:71:e4:92:08:64:bf:e4:d2:9c:e8:63:
9c:e7:51:a0:93:18:5d:3c:6f:42:1d:9a:2b:37:7c:09:8c:5c:
49:cc:7a:e0:03:b6:25:66:48:14:6e:37:97:e0:ec:9e:92:bf:
75:9f:20:ec:8c:bd:cf:a4:15:8c:f5:14:32:de:66:9c:f4:7d:
e3:f4:d5:f4:2d:45:ae:02:74:cc:dd:44:4b:d3:69:f6:6b:e1:
1a:61:f9:5d:45:54:d1:41:80:75:39:bf:07:ca:e2:4e:8d:4d:
32:3a:6c:d6:3b:49:c8:51:66:e4:39:4b:8c:e7:44:32:0a:9d:
dd:2c:da:90:a8:f5:99:16:67:85:d0:90:bd:d6:88:16:cb:19:
cd:db:c9:14:aa:23:22:79:57:5d:f3:84:2a:db:5a:d3:6c:86:
f4:8d:b7:87:59:5b:98:78:36:1f:be:e9:25:6d:e2:74:9a:54:
d1:fc:ea:7d
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVPuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEzMTIxNDE5WhcNMjUwODE2MTIxNDE5WjAYMRYw
FAYDVQQDEw02ODIzMzdhMC0zNzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8YoR5ARVFpYZa0B6NEoE9mK4/o5SyYyCqPoBrZy7Wdjg6C0Lhrj4OEqR
oT40041dR/P1UnPKccGzRsTmTlXlfx/KFKuC/b3Yd+d1vUDE3F2gB/W0UHceEKKg
VXqNp/5H41eUft3t4Ac4udGBzkhKCxgDm0aBlaqd8VMlLk6kMoseZ3n6/8QCaVKG
zn8zgQ5258po/ss9E10cEJ8eXAJ+hQHQIgfJudYEL4XWBlAC/TP3RnLzN2V2tNG6
/Nsb1Zcka9DcAafVaSQthJwnq3h6wCdwRItz4IdK9RO/G63D4kUsybUQyGmPTg4p
32gqRsx/mf3tnSMfXm8C0QgpyuPbuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCse
NZuPA1MnspsHlR5NwJEICHylMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRTkwMTM4MjJGRjMxMUYwOEZEMUM1QzZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnPUJAwQAnPoDMA0GCSqGSIb3
DQEBCwUAA4IBAQANIJlqrv69eiRR8ET8ilbBOgWDVSS0M5EE/QesxkaNBX/ZLeOH
KDITizFj61OHUK5Vhx7QrcPBfzjKXrWjWjfmmsAjjKYjtpSbu5+kkMFjceSSCGS/
5NKc6GOc51GgkxhdPG9CHZorN3wJjFxJzHrgA7YlZkgUbjeX4Oyekr91nyDsjL3P
pBWM9RQy3mac9H3j9NX0LUWuAnTM3URL02n2a+EaYfldRVTRQYB1Ob8HyuJOjU0y
OmzWO0nIUWbkOUuM50QyCp3dLNqQqPWZFmeF0JC91ogWyxnN28kUqiMieVdd84Qq
21rTbIb0jbeHWVuYeDYfvuklbeJ0mlTR/Op9
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:41:00 2025 by rpki-client