Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E36C051437EF11F09C4E8482DAE4EC9C.roa
File: E36C051437EF11F09C4E8482DAE4EC9C.roa (raw, json)
Hash identifier: GuZXYWt3gOzglXjSqaQc2SezKK2tuDxwwJkpcIjmd60=
Subject key identifier: 0A:D9:23:CD:1F:1C:0A:58:AE:69:21:71:E9:8D:1B:67:99:1A:15:E0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0156FB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E36C051437EF11F09C4E8482DAE4EC9C.roa
Signing time: Fri 23 May 2025 16:06:30 +0000
ROA not before: Fri 23 May 2025 16:06:26 +0000
ROA not after: Sat 21 Jun 2025 16:06:26 +0000
asID: 139880
IP address blocks: 156.254.32.0/19 maxlen: 24
156.254.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87803 (0x156fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 16:06:26 2025 GMT
Not After : Jun 21 16:06:26 2025 GMT
Subject: CN=68309d06-8022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:70:7d:a3:48:9b:b1:c2:8e:c7:fc:a3:ce:a5:
13:b4:09:b8:da:6c:d2:88:87:a6:e6:53:5d:83:a3:
98:86:f5:db:c6:d7:ea:b8:3f:3c:14:ec:25:c2:7e:
fa:f9:bc:6d:04:a4:8c:2f:22:5c:2c:ac:e0:27:cb:
2e:93:ec:9f:d0:f7:23:67:49:da:45:e5:8d:28:fb:
a9:04:31:16:f7:e3:8a:0c:7a:fe:8f:17:62:43:d9:
33:47:cb:e6:65:3c:87:cf:87:df:61:57:f2:da:f4:
70:03:40:f2:7c:ed:81:cd:77:1d:cd:03:8c:bc:ea:
e9:e1:5a:e4:31:1a:4d:57:63:17:3b:06:0c:c3:9d:
eb:b3:fc:59:30:a0:01:b8:3e:a8:12:e4:8c:20:1c:
81:37:10:c4:21:2e:e7:90:b0:d3:56:0e:68:89:ab:
35:14:89:6c:f5:55:a5:93:72:d2:55:92:09:cf:09:
12:95:3d:2c:a6:0d:13:7f:61:e1:38:a1:8b:e7:39:
e9:c2:b5:a8:f2:04:a0:43:6c:73:de:82:dc:4e:13:
c3:ed:4a:f2:9a:33:52:d9:15:dd:28:46:de:72:86:
53:4b:76:4a:fd:e6:0f:f9:49:8c:17:3f:ad:0e:30:
45:06:89:98:44:87:97:b7:35:17:1b:90:83:3a:df:
13:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D9:23:CD:1F:1C:0A:58:AE:69:21:71:E9:8D:1B:67:99:1A:15:E0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E36C051437EF11F09C4E8482DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.32.0-156.254.95.255
Signature Algorithm: sha256WithRSAEncryption
89:4c:6d:70:90:d6:16:2d:7d:17:bb:92:4e:d5:fd:2a:a5:fe:
7c:0f:70:16:47:48:a0:90:e7:ca:35:65:7a:2f:c4:05:54:45:
51:9d:ea:89:c9:bb:27:1d:07:95:df:a7:dd:9e:6c:59:de:74:
31:5c:e4:9b:8b:8e:8e:ce:df:cf:5b:ff:39:5c:d6:7a:e7:17:
b7:90:a0:48:67:21:f0:c1:b5:68:3c:94:68:e8:72:fe:14:c9:
5e:9c:f0:63:8d:3c:8c:5d:32:dc:7b:9d:39:76:09:b5:4d:e0:
c0:88:49:d3:c0:41:6e:2f:b1:ea:01:c7:e5:2d:fe:19:89:08:
c8:51:64:6f:71:13:84:dd:1b:6d:68:f8:b5:e0:de:c9:fa:5a:
52:30:42:9b:3f:4d:7b:00:e6:f9:6b:8a:4f:a9:37:a3:f5:5d:
fe:cb:bc:dc:af:99:4d:75:25:7b:a5:02:f0:49:0e:4e:a2:25:
9d:53:58:3b:4b:4f:3c:08:72:95:48:a8:11:b8:0e:64:47:c5:
0e:76:0f:33:b1:a5:68:8d:92:7a:34:10:78:e5:9c:0c:f6:c4:
51:d8:82:b8:19:98:08:23:be:34:b4:1d:21:bc:36:c8:f6:53:
79:3d:4b:cb:68:40:24:d7:81:fe:46:93:04:40:11:ab:b7:55:
04:8f:e0:c8
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVb7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIzMTYwNjI2WhcNMjUwNjIxMTYwNjI2WjAYMRYw
FAYDVQQDEw02ODMwOWQwNi04MDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr3B9o0ibscKOx/yjzqUTtAm42mzSiIem5lNdg6OYhvXbxtfquD88FOwl
wn76+bxtBKSMLyJcLKzgJ8suk+yf0PcjZ0naReWNKPupBDEW9+OKDHr+jxdiQ9kz
R8vmZTyHz4ffYVfy2vRwA0DyfO2BzXcdzQOMvOrp4VrkMRpNV2MXOwYMw53rs/xZ
MKABuD6oEuSMIByBNxDEIS7nkLDTVg5oias1FIls9VWlk3LSVZIJzwkSlT0spg0T
f2HhOKGL5znpwrWo8gSgQ2xz3oLcThPD7UrymjNS2RXdKEbecoZTS3ZK/eYP+UmM
Fz+tDjBFBomYRIeXtzUXG5CDOt8T6QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFArZ
I80fHApYrmkhcemNG2eZGhXgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMzZDMDUxNDM3RUYxMUYwOUM0RTg0ODJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWc/iADBAWc/kAwDQYJKoZI
hvcNAQELBQADggEBAIlMbXCQ1hYtfRe7kk7V/Sql/nwPcBZHSKCQ58o1ZXovxAVU
RVGd6onJuycdB5Xfp92ebFnedDFc5JuLjo7O389b/zlc1nrnF7eQoEhnIfDBtWg8
lGjocv4UyV6c8GONPIxdMtx7nTl2CbVN4MCISdPAQW4vseoBx+Ut/hmJCMhRZG9x
E4TdG21o+LXg3sn6WlIwQps/TXsA5vlrik+pN6P1Xf7LvNyvmU11JXulAvBJDk6i
JZ1TWDtLTzwIcpVIqBG4DmRHxQ52DzOxpWiNkno0EHjlnAz2xFHYgrgZmAgjvjS0
HSG8Nsj2U3k9S8toQCTXgf5GkwRAEau3VQSP4Mg=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:38:21 2025 by rpki-client