Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E49BF5723D5B11F0BA73E3CEDAE4EC9C.roa
File: E49BF5723D5B11F0BA73E3CEDAE4EC9C.roa (raw, json)
Hash identifier: 5c8eDDJLjp9LdulNbdE2Y1oYH/oeYK1MzmVpMHyveps=
Subject key identifier: B9:AF:63:65:C3:40:42:30:3A:52:1E:40:A5:C6:82:4E:33:A7:36:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0158E3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E49BF5723D5B11F0BA73E3CEDAE4EC9C.roa
Signing time: Fri 30 May 2025 13:42:14 +0000
ROA not before: Fri 30 May 2025 13:42:09 +0000
ROA not after: Mon 09 Jun 2025 13:42:09 +0000
asID: 137951
IP address blocks: 156.224.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88291 (0x158e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 30 13:42:09 2025 GMT
Not After : Jun 9 13:42:09 2025 GMT
Subject: CN=6839b5b6-c888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9d:39:3f:15:26:aa:69:cf:7b:d6:ca:2d:d7:
66:a2:09:4b:65:4f:ff:a6:a3:8e:a7:6d:a8:5c:3c:
2b:4c:e9:bb:90:3d:9b:e2:8a:ab:01:05:b7:4d:70:
46:d6:d7:a2:d1:0b:db:7e:22:13:23:6f:2b:14:9b:
a4:fc:6e:32:92:de:4d:67:19:dc:06:68:22:21:8c:
61:a1:bb:e3:7c:d9:83:d4:9e:de:19:8f:89:ec:48:
c8:7d:b4:21:4b:18:5b:ff:38:48:1b:9b:29:0f:58:
8f:d6:db:64:ed:86:39:05:23:b1:07:31:46:f1:d7:
ba:e4:dc:f1:b1:01:d8:e6:6f:21:8f:b1:77:23:c0:
e1:21:7f:08:bf:9a:71:df:3a:29:8a:47:38:fb:1b:
31:f6:5a:72:54:0b:07:80:03:ae:ab:a3:a3:3a:d7:
ea:62:2f:52:a7:88:0b:44:3c:91:6d:ee:db:bc:32:
4c:bc:99:3c:0a:c1:ef:08:57:37:69:39:a9:50:ac:
df:d1:a2:59:e5:76:fa:54:ac:d0:94:c5:1b:27:a3:
8d:7c:6d:be:9a:61:d9:b4:62:da:5b:2c:78:6a:a1:
fb:5a:12:b9:ad:33:6d:17:aa:0c:ee:2c:8a:61:dc:
b6:b6:8b:74:8a:2b:c1:38:64:d0:af:fa:1b:e5:6d:
3e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AF:63:65:C3:40:42:30:3A:52:1E:40:A5:C6:82:4E:33:A7:36:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E49BF5723D5B11F0BA73E3CEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.32.0/19
Signature Algorithm: sha256WithRSAEncryption
3d:fd:c3:4d:7d:b5:d6:43:c3:fe:09:61:a3:d5:43:e4:8f:d4:
f6:ae:f6:8b:5d:ab:3f:0e:44:13:f6:4f:56:f6:74:f5:b4:3b:
a5:2c:a3:0d:52:36:e6:be:60:78:03:56:20:15:54:7c:cd:ba:
cc:c6:0c:69:7d:23:29:9d:6c:d9:46:4b:41:92:d1:98:8b:39:
92:e6:2f:07:06:a5:80:e2:cb:ee:a5:d6:1b:ce:71:3f:a2:73:
57:9b:da:4b:5b:14:52:bd:ac:6f:6b:45:01:6f:d4:39:74:ef:
40:68:f4:11:9f:33:c6:6c:56:9b:33:e7:80:9a:66:1a:4a:9e:
91:43:dd:f2:69:de:30:e5:5d:58:f4:ba:88:73:67:7f:85:5a:
0f:60:96:86:dd:0e:6e:71:08:8b:90:69:cc:48:88:26:6d:4d:
fa:75:17:02:2b:60:b9:9b:34:c6:2c:9e:27:17:ac:ae:27:31:
72:3a:c2:e1:4f:3b:3f:8b:7a:eb:3c:89:62:a6:35:db:52:f9:
a0:a5:42:3a:52:a5:8a:b3:e3:ca:c2:7b:1c:67:00:a8:7b:ce:
19:5b:10:be:70:04:b4:d4:08:3a:a3:49:ee:a9:9c:34:e3:00:
72:2b:3f:70:f1:17:b9:d0:e1:e1:75:03:18:ff:28:7a:ef:53:
0a:b5:e7:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVjjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTMwMTM0MjA5WhcNMjUwNjA5MTM0MjA5WjAYMRYw
FAYDVQQDEw02ODM5YjViNi1jODg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr505PxUmqmnPe9bKLddmoglLZU//pqOOp22oXDwrTOm7kD2b4oqrAQW3
TXBG1tei0QvbfiITI28rFJuk/G4ykt5NZxncBmgiIYxhobvjfNmD1J7eGY+J7EjI
fbQhSxhb/zhIG5spD1iP1ttk7YY5BSOxBzFG8de65NzxsQHY5m8hj7F3I8DhIX8I
v5px3zopikc4+xsx9lpyVAsHgAOuq6OjOtfqYi9Sp4gLRDyRbe7bvDJMvJk8CsHv
CFc3aTmpUKzf0aJZ5Xb6VKzQlMUbJ6ONfG2+mmHZtGLaWyx4aqH7WhK5rTNtF6oM
7iyKYdy2tot0iivBOGTQr/ob5W0+KwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLmv
Y2XDQEIwOlIeQKXGgk4zpzbcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNDlCRjU3MjNENUIxMUYwQkE3M0UzQ0VEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnOAgMA0GCSqGSIb3DQEBCwUA
A4IBAQA9/cNNfbXWQ8P+CWGj1UPkj9T2rvaLXas/DkQT9k9W9nT1tDulLKMNUjbm
vmB4A1YgFVR8zbrMxgxpfSMpnWzZRktBktGYizmS5i8HBqWA4svupdYbznE/onNX
m9pLWxRSvaxva0UBb9Q5dO9AaPQRnzPGbFabM+eAmmYaSp6RQ93yad4w5V1Y9LqI
c2d/hVoPYJaG3Q5ucQiLkGnMSIgmbU36dRcCK2C5mzTGLJ4nF6yuJzFyOsLhTzs/
i3rrPIlipjXbUvmgpUI6UqWKs+PKwnscZwCoe84ZWxC+cAS01Ag6o0nuqZw04wBy
Kz9w8Re50OHhdQMY/yh671MKtefa
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:29:41 2025 by rpki-client