Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB7725B83BC911F0B10B0F99DAE4EC9C.roa
File: DB7725B83BC911F0B10B0F99DAE4EC9C.roa (raw, json)
Hash identifier: ldAKcmHFzfBEqVI/NKKTbXvEoscp0hqQEqdw1ZSf5vE=
Subject key identifier: 71:36:19:ED:09:73:F6:18:C3:35:8E:3E:FA:F2:FE:E3:C9:19:73:BA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015881
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB7725B83BC911F0B10B0F99DAE4EC9C.roa
Signing time: Wed 28 May 2025 13:44:21 +0000
ROA not before: Wed 28 May 2025 13:44:16 +0000
ROA not after: Mon 04 Aug 2025 13:44:16 +0000
asID: 211961
IP address blocks: 156.233.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88193 (0x15881)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 13:44:16 2025 GMT
Not After : Aug 4 13:44:16 2025 GMT
Subject: CN=68371335-ad3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:74:45:2a:fe:ba:e6:05:74:d5:cb:79:da:75:
75:03:b0:14:7b:59:b5:0b:d9:5d:d3:bc:9f:d7:c5:
8f:ac:87:5b:88:97:40:7e:77:dd:72:c4:6b:c6:5a:
cf:37:8d:6b:fe:64:7b:3f:7b:ff:24:04:42:08:8c:
1e:aa:ce:52:8d:96:b6:89:93:b1:d1:aa:38:16:2c:
20:c3:21:6a:f2:ca:a6:37:3d:7c:b1:99:63:17:bd:
96:d9:ee:be:45:0e:c7:0f:ce:01:75:c0:e0:c0:b2:
2e:d7:ae:ca:4b:bf:e5:9d:db:09:4e:c4:71:3e:42:
49:e8:8c:95:26:17:1e:b3:18:84:af:f9:59:29:ce:
5c:d6:64:bb:18:a5:10:04:21:e0:60:29:f1:a2:20:
4b:f7:39:dc:37:4d:c1:71:a4:19:ad:b0:12:01:78:
97:ab:d3:05:7a:b6:18:56:ce:6a:c2:92:10:b0:79:
9c:3d:ab:22:46:91:48:7e:72:50:91:06:ac:37:5b:
bd:c6:c1:83:22:6a:83:a8:e1:c4:31:93:e3:d8:9f:
6b:39:8f:97:44:1b:2d:2a:53:ee:ff:db:10:c3:2b:
15:9c:b1:4a:21:67:ca:13:7d:1e:c0:26:db:e8:c6:
dd:4a:5b:c8:1c:a1:8b:03:2e:eb:48:cd:51:03:7e:
98:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:36:19:ED:09:73:F6:18:C3:35:8E:3E:FA:F2:FE:E3:C9:19:73:BA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB7725B83BC911F0B10B0F99DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.34.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:31:59:9d:74:c7:0e:5a:d9:13:f9:e0:5c:35:99:69:93:77:
0a:e3:a3:68:08:6f:11:2a:61:21:fe:73:99:eb:9d:3d:0c:9d:
f9:6d:ea:06:11:2e:40:ee:17:76:71:2f:58:7d:aa:e9:79:81:
32:3d:75:7f:52:a0:cb:8a:ef:d9:e9:b7:03:1f:94:8f:df:cb:
f4:ce:35:3f:57:ac:48:69:64:00:ba:d1:cc:7e:17:be:a0:55:
ba:3f:6b:80:18:41:69:bd:b3:8c:97:56:07:43:29:92:26:74:
40:02:eb:e7:24:0e:3a:6b:c4:9b:30:09:db:ba:5b:f9:4b:1b:
7b:e5:6a:f8:a8:57:f8:8d:bc:25:b4:85:a9:53:9d:90:bd:98:
eb:d5:7e:b8:a6:19:0f:ac:88:53:b7:1f:a8:ea:87:54:7b:14:
eb:3c:c3:d6:ac:f1:41:a9:7c:4d:2e:d1:54:74:27:14:65:65:
4c:c5:ed:53:24:b6:4e:36:53:05:5b:8d:c9:f4:54:b9:21:ac:
f6:26:13:9a:b4:7f:f1:a2:df:08:d4:f5:bf:8b:50:04:a3:c4:
e7:8e:30:d0:d4:e5:15:07:11:cc:84:c8:e1:7d:92:e0:64:0c:
9a:cd:d3:5d:4e:d9:96:b1:73:9d:46:27:0a:38:b6:b7:88:3e:
bf:01:84:0b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAViBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MTM0NDE2WhcNMjUwODA0MTM0NDE2WjAYMRYw
FAYDVQQDEw02ODM3MTMzNS1hZDNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtHRFKv665gV01ct52nV1A7AUe1m1C9ld07yf18WPrIdbiJdAfnfdcsRr
xlrPN41r/mR7P3v/JARCCIweqs5SjZa2iZOx0ao4FiwgwyFq8sqmNz18sZljF72W
2e6+RQ7HD84BdcDgwLIu167KS7/lndsJTsRxPkJJ6IyVJhcesxiEr/lZKc5c1mS7
GKUQBCHgYCnxoiBL9zncN03BcaQZrbASAXiXq9MFerYYVs5qwpIQsHmcPasiRpFI
fnJQkQasN1u9xsGDImqDqOHEMZPj2J9rOY+XRBstKlPu/9sQwysVnLFKIWfKE30e
wCbb6MbdSlvIHKGLAy7rSM1RA36YDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHE2
Ge0Jc/YYwzWOPvry/uPJGXO6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQjc3MjVCODNCQzkxMUYwQjEwQjBGOTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkiMA0GCSqGSIb3DQEBCwUA
A4IBAQCOMVmddMcOWtkT+eBcNZlpk3cK46NoCG8RKmEh/nOZ6509DJ35beoGES5A
7hd2cS9YfarpeYEyPXV/UqDLiu/Z6bcDH5SP38v0zjU/V6xIaWQAutHMfhe+oFW6
P2uAGEFpvbOMl1YHQymSJnRAAuvnJA46a8SbMAnbulv5Sxt75Wr4qFf4jbwltIWp
U52QvZjr1X64phkPrIhTtx+o6odUexTrPMPWrPFBqXxNLtFUdCcUZWVMxe1TJLZO
NlMFW43J9FS5Iaz2JhOatH/xot8I1PW/i1AEo8TnjjDQ1OUVBxHMhMjhfZLgZAya
zdNdTtmWsXOdRicKOLa3iD6/AYQL
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:33:59 2025 by rpki-client