Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D95D0E5A370011F084DCE0F3DAE4EC9C.roa
File: D95D0E5A370011F084DCE0F3DAE4EC9C.roa (raw, json)
Hash identifier: +YF9o4jv088UGF+jP1IVz8e1uXwqQsBmReQhDh0F9dA=
Subject key identifier: A8:DF:AD:5E:A2:C4:A4:E0:CE:1E:83:EE:B3:AB:08:45:E2:71:21:7E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01568F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D95D0E5A370011F084DCE0F3DAE4EC9C.roa
Signing time: Thu 22 May 2025 11:35:24 +0000
ROA not before: Thu 22 May 2025 11:35:19 +0000
ROA not after: Mon 22 Jun 2026 11:35:19 +0000
asID: 984
IP address blocks: 156.249.16.0/24 maxlen: 24
156.252.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 06 Jun 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87695 (0x1568f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 22 11:35:19 2025 GMT
Not After : Jun 22 11:35:19 2026 GMT
Subject: CN=682f0bfc-174e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:56:6c:25:b6:66:3a:b6:0f:08:07:33:b1:f7:
2f:0d:94:92:d0:ad:2b:80:5c:ba:04:36:cc:b5:9e:
74:4f:93:36:f2:e5:9e:aa:95:37:34:31:dc:91:73:
11:23:f8:dd:6f:54:69:b4:e1:97:78:14:16:85:5d:
e8:12:f7:85:4d:b9:b1:47:2b:7c:0f:a9:f7:e8:6c:
ed:e6:2b:f6:39:78:9c:9f:2e:bc:b7:7a:0f:61:c8:
33:0f:a8:12:fd:a7:82:4b:82:60:0c:ea:6f:4e:cd:
0c:d0:63:ad:51:f7:f3:8d:3a:e5:44:7c:2e:db:67:
81:cf:79:0e:95:25:0d:8c:62:72:70:0d:6a:44:e5:
b1:b8:a6:99:f8:7b:b5:37:cf:4a:bf:1e:70:d6:07:
40:72:1e:b5:97:1f:0b:92:c2:a7:b4:b4:dc:2c:ef:
1b:31:40:98:fe:be:54:8c:ff:6b:43:bf:4e:67:ca:
10:ff:53:69:79:5a:61:b7:3a:92:54:03:f5:9f:8a:
4d:03:25:9e:95:48:f3:b0:58:5f:00:e4:58:34:21:
ba:a1:d2:97:f3:ef:be:93:e5:25:fb:e0:38:00:08:
8e:0a:0e:59:9d:10:ed:31:29:0f:d4:4f:57:8b:c2:
2a:84:4f:f2:a6:88:8f:49:d5:d1:3f:72:b7:50:42:
7b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DF:AD:5E:A2:C4:A4:E0:CE:1E:83:EE:B3:AB:08:45:E2:71:21:7E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D95D0E5A370011F084DCE0F3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.16.0/24
156.252.19.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:ad:8e:15:5c:d6:5a:03:f2:7b:2b:ef:07:8a:85:d4:0d:4f:
ae:89:95:21:05:ad:56:65:01:cd:ab:85:f1:3f:ec:59:6f:ae:
f3:22:92:15:fd:97:9d:9e:a7:40:64:36:1b:95:43:6f:47:69:
f6:db:9f:af:7a:0a:f5:06:55:e1:3c:eb:76:a5:8b:a4:62:a3:
f6:7f:81:2f:17:53:3a:3a:c0:ad:df:15:e7:71:b8:05:b4:c9:
9e:07:30:5b:16:d2:97:cc:53:b9:8a:f5:8c:2d:55:ce:61:39:
5e:02:0f:69:b4:a1:6c:62:7c:8f:f8:d8:cd:ee:7b:71:ee:14:
a4:43:44:68:4b:69:a7:ea:7a:68:56:a4:0f:71:dc:7e:d1:53:
d9:9a:1c:f4:63:29:85:7c:ec:10:b5:e1:51:55:cc:1e:03:f5:
e2:f1:2b:b9:17:54:93:8e:0c:10:11:8f:8b:84:97:95:85:0b:
41:26:6a:3d:02:21:cc:f2:dc:2a:eb:7b:f8:2a:6b:66:78:ca:
59:22:31:2a:ae:4c:47:82:cf:fc:5e:3d:43:c0:4d:a9:76:08:
45:9e:58:b8:39:62:5a:75:56:38:94:f2:d2:ed:e9:03:e1:73:
4e:a1:b9:ff:ef:a2:7f:d0:d2:16:09:02:6e:8e:75:ab:99:b0:
57:08:0f:63
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVaPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIyMTEzNTE5WhcNMjYwNjIyMTEzNTE5WjAYMRYw
FAYDVQQDEw02ODJmMGJmYy0xNzRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw1ZsJbZmOrYPCAczsfcvDZSS0K0rgFy6BDbMtZ50T5M28uWeqpU3NDHc
kXMRI/jdb1RptOGXeBQWhV3oEveFTbmxRyt8D6n36Gzt5iv2OXicny68t3oPYcgz
D6gS/aeCS4JgDOpvTs0M0GOtUffzjTrlRHwu22eBz3kOlSUNjGJycA1qROWxuKaZ
+Hu1N89Kvx5w1gdAch61lx8LksKntLTcLO8bMUCY/r5UjP9rQ79OZ8oQ/1NpeVph
tzqSVAP1n4pNAyWelUjzsFhfAORYNCG6odKX8+++k+Ul++A4AAiOCg5ZnRDtMSkP
1E9Xi8IqhE/ypoiPSdXRP3K3UEJ74QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKjf
rV6ixKTgzh6D7rOrCEXicSF+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOTVEMEU1QTM3MDAxMUYwODREQ0UwRjNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnPkQAwQAnPwTMA0GCSqGSIb3
DQEBCwUAA4IBAQAsrY4VXNZaA/J7K+8HioXUDU+uiZUhBa1WZQHNq4XxP+xZb67z
IpIV/ZednqdAZDYblUNvR2n225+vegr1BlXhPOt2pYukYqP2f4EvF1M6OsCt3xXn
cbgFtMmeBzBbFtKXzFO5ivWMLVXOYTleAg9ptKFsYnyP+NjN7ntx7hSkQ0RoS2mn
6npoVqQPcdx+0VPZmhz0YymFfOwQteFRVcweA/Xi8Su5F1STjgwQEY+LhJeVhQtB
Jmo9AiHM8twq63v4KmtmeMpZIjEqrkxHgs/8Xj1DwE2pdghFnli4OWJadVY4lPLS
7ekD4XNOobn/76J/0NIWCQJujnWrmbBXCA9j
-----END CERTIFICATE-----
Generated at Thu Jun 5 01:56:41 2025 by rpki-client