Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE45B840382711F0806382E7DAE4EC9C.roa
File: DE45B840382711F0806382E7DAE4EC9C.roa (raw, json)
Hash identifier: gCAtuKlJXf7NzwFsLGDtXB7EmJBe1/QkkAVIlHkrZ2g=
Subject key identifier: 32:55:C9:ED:DD:E1:A3:5E:E0:2B:F8:18:CE:B8:AC:C8:F0:AD:60:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015739
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE45B840382711F0806382E7DAE4EC9C.roa
Signing time: Fri 23 May 2025 22:47:15 +0000
ROA not before: Fri 23 May 2025 22:47:08 +0000
ROA not after: Wed 17 Jun 2026 22:47:08 +0000
asID: 400619
IP address blocks: 156.241.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87865 (0x15739)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 22:47:08 2025 GMT
Not After : Jun 17 22:47:08 2026 GMT
Subject: CN=6830faf2-77f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bf:3d:41:7a:3e:02:65:7b:8b:e7:bf:90:ec:
e0:fd:94:0b:f8:5b:03:b1:5c:e7:c7:c8:d0:d5:42:
bf:23:cb:b2:b2:93:c6:1a:78:9f:62:ea:e1:8c:69:
c4:51:9e:c3:4d:fc:d0:74:d2:24:a5:af:97:2e:25:
b5:f0:52:44:fa:5c:0a:f6:86:d0:96:de:51:f6:ab:
0b:10:96:a2:4f:d9:9c:94:a1:a5:3e:eb:35:91:8d:
94:12:8b:c1:9c:30:2f:b7:1f:48:16:54:c3:64:51:
ab:59:b6:39:5e:2b:60:70:1b:3a:2b:84:ba:88:24:
08:96:57:c8:f1:a3:3f:82:f6:1c:2e:20:d1:c2:74:
b6:52:a0:c1:95:54:f9:0d:17:31:31:43:ba:87:3c:
fe:3a:00:da:f5:e2:99:f1:d9:84:85:fd:3a:a5:0e:
1f:d0:66:c1:89:47:6f:06:00:60:55:2f:cc:cd:c4:
fa:4d:5a:2d:2a:22:a3:f3:f7:f7:53:cb:a0:7f:84:
5c:12:f1:9e:99:4c:0d:e7:b8:6a:11:07:52:c1:51:
a8:f4:4c:6f:4b:bc:0d:5b:24:5d:56:b5:a3:79:1c:
d3:aa:1c:bb:12:ac:c6:82:b9:94:77:93:f7:46:bb:
05:50:49:af:50:de:44:de:55:2f:56:63:5b:06:f5:
62:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:55:C9:ED:DD:E1:A3:5E:E0:2B:F8:18:CE:B8:AC:C8:F0:AD:60:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DE45B840382711F0806382E7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.128.0/18
Signature Algorithm: sha256WithRSAEncryption
5c:bc:1a:00:cd:cb:eb:3d:eb:85:bc:c1:62:9b:50:01:5f:2d:
76:1b:99:2e:40:d9:a7:6c:20:7d:f1:e2:bb:4d:cc:56:66:5e:
2c:69:a6:3b:b3:dc:93:8e:96:00:29:a3:85:3b:63:3b:80:e2:
c8:9c:52:ce:65:02:7c:46:d8:14:25:82:77:fc:0e:2a:6b:30:
19:93:0e:c6:0b:d1:9f:5d:73:b1:e5:9d:19:1e:65:97:ce:54:
9f:d6:53:76:94:17:44:8d:c8:94:0e:54:53:6c:96:09:b0:47:
e3:f4:70:3f:e5:2d:0e:9e:2a:56:e0:d5:a7:71:ea:74:4a:fd:
44:ca:f2:ef:b6:af:18:13:f4:df:73:2e:0c:76:e4:cd:e9:b1:
de:58:be:99:ed:11:45:33:e1:09:ea:d8:e1:4e:b0:9d:5b:4c:
65:20:fb:ca:26:f7:76:8b:a5:c1:8d:fd:00:29:d9:94:62:d4:
12:45:49:42:fa:f9:66:e9:b2:04:f8:de:52:00:e3:cc:1c:2b:
5f:e4:2f:2d:2c:9f:91:fc:82:a3:c7:f2:e5:24:22:a3:84:04:
a8:66:78:03:47:b7:7c:af:c6:b8:e8:47:31:25:ea:00:be:79:
b7:53:47:2f:58:44:d3:83:96:46:7c:0a:ba:b0:17:72:95:53:
86:ee:59:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVc5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIzMjI0NzA4WhcNMjYwNjE3MjI0NzA4WjAYMRYw
FAYDVQQDEw02ODMwZmFmMi03N2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmb89QXo+AmV7i+e/kOzg/ZQL+FsDsVznx8jQ1UK/I8uyspPGGnifYurh
jGnEUZ7DTfzQdNIkpa+XLiW18FJE+lwK9obQlt5R9qsLEJaiT9mclKGlPus1kY2U
EovBnDAvtx9IFlTDZFGrWbY5XitgcBs6K4S6iCQIllfI8aM/gvYcLiDRwnS2UqDB
lVT5DRcxMUO6hzz+OgDa9eKZ8dmEhf06pQ4f0GbBiUdvBgBgVS/MzcT6TVotKiKj
8/f3U8ugf4RcEvGemUwN57hqEQdSwVGo9ExvS7wNWyRdVrWjeRzTqhy7EqzGgrmU
d5P3RrsFUEmvUN5E3lUvVmNbBvVi4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDJV
ye3d4aNe4Cv4GM64rMjwrWC8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERTQ1Qjg0MDM4MjcxMUYwODA2MzgyRTdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnPGAMA0GCSqGSIb3DQEBCwUA
A4IBAQBcvBoAzcvrPeuFvMFim1ABXy12G5kuQNmnbCB98eK7TcxWZl4saaY7s9yT
jpYAKaOFO2M7gOLInFLOZQJ8RtgUJYJ3/A4qazAZkw7GC9GfXXOx5Z0ZHmWXzlSf
1lN2lBdEjciUDlRTbJYJsEfj9HA/5S0OnipW4NWncep0Sv1EyvLvtq8YE/Tfcy4M
duTN6bHeWL6Z7RFFM+EJ6tjhTrCdW0xlIPvKJvd2i6XBjf0AKdmUYtQSRUlC+vlm
6bIE+N5SAOPMHCtf5C8tLJ+R/IKjx/LlJCKjhASoZngDR7d8r8a46EcxJeoAvnm3
U0cvWETTg5ZGfAq6sBdylVOG7lk+
-----END CERTIFICATE-----
Generated at Tue Jun 3 09:04:50 2025 by rpki-client