Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D45B2D94365411F089911CF4DAE4EC9C.roa
File: D45B2D94365411F089911CF4DAE4EC9C.roa (raw, json)
Hash identifier: 0AFx3G8XJnnxQ+3QhbuhUGgxwMvgktA28ovJmGhBx14=
Subject key identifier: F3:68:5A:8D:29:E3:AC:C8:9D:01:A0:C1:01:FA:28:73:B7:63:32:9B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01566B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D45B2D94365411F089911CF4DAE4EC9C.roa
Signing time: Wed 21 May 2025 15:04:02 +0000
ROA not before: Wed 21 May 2025 15:03:56 +0000
ROA not after: Sat 21 Jun 2025 15:03:56 +0000
asID: 139880
IP address blocks: 156.227.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87659 (0x1566b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 21 15:03:56 2025 GMT
Not After : Jun 21 15:03:56 2025 GMT
Subject: CN=682deb62-82a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:2d:7e:37:cb:f1:a4:da:da:ee:9b:0d:0b:f2:
3b:05:a8:4b:76:fe:f6:aa:5e:eb:60:77:d5:bb:50:
5f:67:97:13:4c:de:e1:95:6d:bc:b2:18:73:fe:b8:
68:83:6b:b1:ba:98:ce:c6:d1:be:81:e5:9d:7a:a7:
69:14:e2:03:37:da:44:36:5a:09:56:a5:db:1c:f0:
61:8d:29:9e:ce:cc:d8:2e:2d:08:16:b4:56:7b:4c:
84:c0:89:40:ac:b7:4e:72:0d:37:ba:b6:92:fa:66:
78:ea:77:43:ad:a4:80:5d:65:c8:cd:b8:43:2d:e3:
e2:b1:8d:d4:e7:62:a2:05:fd:d5:e7:3b:c3:2d:af:
a8:b2:a3:3c:bc:06:13:17:13:81:96:b3:c1:23:f1:
ef:c9:35:43:5d:7b:35:ce:9d:5b:0a:b5:4b:a5:81:
97:09:60:ac:e1:d5:f0:f1:ca:ec:1d:82:63:2e:a3:
d7:c2:c1:00:a5:35:5e:a6:59:56:42:77:25:0d:cc:
84:94:45:ff:08:d2:62:c2:60:7f:6b:c4:51:1a:52:
cf:dd:8f:e5:7d:b6:69:e1:9b:a1:6a:88:85:0f:be:
8c:07:f4:50:3b:8a:84:58:dd:47:e9:4c:48:33:84:
b7:23:35:42:8a:b7:a2:66:78:7f:77:e0:4c:6e:08:
3f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:68:5A:8D:29:E3:AC:C8:9D:01:A0:C1:01:FA:28:73:B7:63:32:9B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D45B2D94365411F089911CF4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4c:ed:69:3a:d9:72:2a:27:51:a3:ab:f8:67:bc:f4:8c:c7:64:
f2:3e:73:99:5c:26:18:33:a4:50:5f:cd:df:23:e9:c0:18:86:
1f:78:d1:f8:dd:07:3d:e5:f2:bd:b1:63:1e:24:2d:f6:75:17:
f4:0d:e7:ab:ad:6e:83:9b:ea:b9:18:38:45:44:2a:80:39:ce:
5e:44:ea:5e:e1:ae:c2:3b:d4:b0:59:bd:a7:68:e0:a2:9e:2f:
39:88:dd:0b:1c:fd:8a:f6:7c:0c:d1:fb:6f:12:60:5f:8d:08:
f4:2b:a8:1a:f1:03:a7:da:f4:5c:fc:f5:be:f9:89:b6:83:28:
fa:ef:f9:a4:d3:f5:69:b1:26:ef:ce:8d:75:30:80:76:cf:d0:
f3:b2:36:95:aa:85:14:06:a8:3c:9e:fc:fd:33:76:6a:34:de:
03:7a:34:d6:52:9c:08:97:59:81:59:51:52:75:8b:3d:49:11:
52:e1:00:b8:33:35:e2:ec:0d:97:74:f5:62:28:5d:e3:a6:01:
98:b5:f2:f9:f6:0d:02:27:b8:48:6a:0d:3d:7e:51:04:ff:10:
f1:2c:cc:24:60:98:37:90:02:cf:d7:56:ab:5a:18:41:eb:78:
a6:83:37:29:d2:59:3d:2f:bf:54:2e:e9:ac:9c:7d:b5:38:a2:
1e:0c:49:9c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVZrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIxMTUwMzU2WhcNMjUwNjIxMTUwMzU2WjAYMRYw
FAYDVQQDEw02ODJkZWI2Mi04MmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9C1+N8vxpNra7psNC/I7BahLdv72ql7rYHfVu1BfZ5cTTN7hlW28shhz
/rhog2uxupjOxtG+geWdeqdpFOIDN9pENloJVqXbHPBhjSmezszYLi0IFrRWe0yE
wIlArLdOcg03uraS+mZ46ndDraSAXWXIzbhDLePisY3U52KiBf3V5zvDLa+osqM8
vAYTFxOBlrPBI/HvyTVDXXs1zp1bCrVLpYGXCWCs4dXw8crsHYJjLqPXwsEApTVe
pllWQnclDcyElEX/CNJiwmB/a8RRGlLP3Y/lfbZp4ZuhaoiFD76MB/RQO4qEWN1H
6UxIM4S3IzVCireiZnh/d+BMbgg/jwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPNo
Wo0p46zInQGgwQH6KHO3YzKbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENDVCMkQ5NDM2NTQxMUYwODk5MTFDRjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnONAMA0GCSqGSIb3DQEBCwUA
A4IBAQBM7Wk62XIqJ1Gjq/hnvPSMx2TyPnOZXCYYM6RQX83fI+nAGIYfeNH43Qc9
5fK9sWMeJC32dRf0DeerrW6Dm+q5GDhFRCqAOc5eROpe4a7CO9SwWb2naOCini85
iN0LHP2K9nwM0ftvEmBfjQj0K6ga8QOn2vRc/PW++Ym2gyj67/mk0/VpsSbvzo11
MIB2z9DzsjaVqoUUBqg8nvz9M3ZqNN4DejTWUpwIl1mBWVFSdYs9SRFS4QC4MzXi
7A2XdPViKF3jpgGYtfL59g0CJ7hIag09flEE/xDxLMwkYJg3kALP11arWhhB63im
gzcp0lk9L79ULumsnH21OKIeDEmc
-----END CERTIFICATE-----
Generated at Thu Jun 5 01:56:41 2025 by rpki-client