Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DED9362E315B11F0971AE6B7DAE4EC9C.roa
File: DED9362E315B11F0971AE6B7DAE4EC9C.roa (raw, json)
Hash identifier: A4PZfKIF0y2SCHe7XlLIZLB5Dzqc01eJrvJ51VyaElM=
Subject key identifier: 9B:0A:9A:A0:B8:A3:56:4C:1F:E0:34:60:EF:9D:DC:D1:45:B9:5B:68
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015472
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DED9362E315B11F0971AE6B7DAE4EC9C.roa
Signing time: Thu 15 May 2025 07:11:50 +0000
ROA not before: Thu 15 May 2025 07:11:45 +0000
ROA not after: Sat 14 Jun 2025 07:11:45 +0000
asID: 57043
IP address blocks: 156.253.44.0/24 maxlen: 24
156.253.45.0/24 maxlen: 24
156.253.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87154 (0x15472)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 15 07:11:45 2025 GMT
Not After : Jun 14 07:11:45 2025 GMT
Subject: CN=682593b6-6116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bf:cf:a6:2b:46:98:2a:2c:8d:de:91:ed:4f:
a9:af:fd:85:e6:ce:03:0c:31:e9:54:02:28:64:8d:
99:e3:49:52:96:cc:d7:8f:10:a4:55:27:07:6b:79:
a6:f2:d1:9f:23:96:98:a5:24:93:8e:10:14:de:d1:
73:e9:45:dd:c5:81:44:a0:10:49:c8:1f:83:e0:59:
e8:21:4e:b8:81:0e:b0:18:b1:bb:23:d2:98:fa:0f:
6a:3b:13:24:d2:14:a0:92:06:21:ca:17:95:68:de:
bd:a5:f0:aa:ac:74:c7:40:51:54:29:e8:62:06:27:
26:b9:dc:85:58:f6:9d:9c:fa:d9:45:a7:17:ed:45:
4e:c1:50:6c:29:cd:ea:4e:e8:b3:fb:68:5b:f2:af:
22:09:f0:2f:c6:5b:67:55:73:6a:26:7e:7d:c4:cb:
0a:bc:84:b0:6b:3c:9d:00:b7:33:a3:34:fe:9b:44:
3d:38:f8:88:da:2e:94:83:c8:c6:bd:37:25:c2:45:
b3:1d:da:b9:d8:1a:d5:c6:2b:3c:51:36:66:e5:66:
a8:ed:76:59:c5:d9:41:69:1e:14:19:be:20:e9:57:
e0:f1:fd:d3:d3:51:52:84:8a:e8:a5:72:59:8e:99:
c5:46:f8:58:29:dc:61:5b:82:bc:a6:a0:26:a6:d0:
13:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:0A:9A:A0:B8:A3:56:4C:1F:E0:34:60:EF:9D:DC:D1:45:B9:5B:68
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DED9362E315B11F0971AE6B7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.44.0/23
156.253.47.0/24
Signature Algorithm: sha256WithRSAEncryption
02:41:d7:d7:0a:35:9f:46:9a:ed:d6:b7:62:b5:55:f8:62:c1:
2b:bf:4b:b2:3d:7f:17:4a:5d:a2:46:91:ca:fb:e0:93:da:07:
54:e8:27:8a:c6:37:de:12:1e:8a:45:82:a7:31:ee:cc:75:f2:
0d:6c:e1:ab:3a:60:2b:ad:c5:65:48:10:23:b1:35:c6:d7:9e:
5c:0b:eb:b4:e4:b9:45:d1:8a:4d:d3:b6:34:89:24:d5:c6:2f:
33:08:99:fd:e4:7c:a0:e8:89:32:71:90:a2:f6:30:3c:f1:f3:
a2:f2:8e:1c:62:fb:f2:67:77:3e:90:ed:f7:e5:1f:aa:62:b2:
1f:53:63:b1:3d:20:0f:5d:fb:70:98:29:d6:1c:61:50:34:e5:
c8:49:06:16:90:b7:92:c2:86:ea:0c:ce:08:66:d7:62:83:12:
9c:2b:25:bf:3c:fe:63:08:53:6d:b7:d5:12:62:1d:de:3d:f0:
f8:5e:dd:a8:8d:84:4f:fc:97:9c:20:65:c2:ac:96:2d:ba:a7:
49:16:a8:bd:ca:2b:17:70:d7:fb:b5:a8:45:63:8a:6f:ce:9c:
e7:11:27:37:28:d2:9f:1b:bf:78:0e:55:49:07:e2:d8:4a:8f:
b6:50:86:6e:56:f3:30:bd:92:e1:fe:76:8a:51:78:31:e2:52:
85:e9:04:81
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVRyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE1MDcxMTQ1WhcNMjUwNjE0MDcxMTQ1WjAYMRYw
FAYDVQQDEw02ODI1OTNiNi02MTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqL/PpitGmCosjd6R7U+pr/2F5s4DDDHpVAIoZI2Z40lSlszXjxCkVScH
a3mm8tGfI5aYpSSTjhAU3tFz6UXdxYFEoBBJyB+D4FnoIU64gQ6wGLG7I9KY+g9q
OxMk0hSgkgYhyheVaN69pfCqrHTHQFFUKehiBicmudyFWPadnPrZRacX7UVOwVBs
Kc3qTuiz+2hb8q8iCfAvxltnVXNqJn59xMsKvISwazydALczozT+m0Q9OPiI2i6U
g8jGvTclwkWzHdq52BrVxis8UTZm5Wao7XZZxdlBaR4UGb4g6Vfg8f3T01FShIro
pXJZjpnFRvhYKdxhW4K8pqAmptATiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJsK
mqC4o1ZMH+A0YO+d3NFFuVtoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERUQ5MzYyRTMxNUIxMUYwOTcxQUU2QjdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnP0sAwQAnP0vMA0GCSqGSIb3
DQEBCwUAA4IBAQACQdfXCjWfRprt1rditVX4YsErv0uyPX8XSl2iRpHK++CT2gdU
6CeKxjfeEh6KRYKnMe7MdfINbOGrOmArrcVlSBAjsTXG155cC+u05LlF0YpN07Y0
iSTVxi8zCJn95Hyg6IkycZCi9jA88fOi8o4cYvvyZ3c+kO335R+qYrIfU2OxPSAP
XftwmCnWHGFQNOXISQYWkLeSwobqDM4IZtdigxKcKyW/PP5jCFNtt9USYh3ePfD4
Xt2ojYRP/JecIGXCrJYtuqdJFqi9yisXcNf7tahFY4pvzpznESc3KNKfG794DlVJ
B+LYSo+2UIZuVvMwvZLh/naKUXgx4lKF6QSB
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:30:42 2025 by rpki-client