Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F1CA19AE2FD211F0A57D7EEEDAE4EC9C.roa
File: F1CA19AE2FD211F0A57D7EEEDAE4EC9C.roa (raw, json)
Hash identifier: WWRuZHXdyUsHrG6tIpNiijL6pJn1UsazixQ13KrUNOw=
Subject key identifier: EC:B1:6A:F2:04:0D:88:E9:E8:21:47:3F:8D:C6:B6:3F:01:5F:BE:DF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0153D4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F1CA19AE2FD211F0A57D7EEEDAE4EC9C.roa
Signing time: Tue 13 May 2025 08:19:10 +0000
ROA not before: Tue 13 May 2025 08:19:05 +0000
ROA not after: Wed 13 May 2026 08:19:05 +0000
asID: 41095
IP address blocks: 156.227.7.0/24 maxlen: 24
156.227.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86996 (0x153d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 13 08:19:05 2025 GMT
Not After : May 13 08:19:05 2026 GMT
Subject: CN=6823007e-4ce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e3:30:c1:cb:ce:f9:e2:a2:d7:17:48:14:f6:
0a:c9:6e:1a:dd:b4:f7:1a:f6:6e:ee:5f:69:bd:63:
ac:c2:6e:b8:eb:9e:fe:9b:99:ba:f8:01:84:6a:7b:
e6:a3:7b:63:ee:a6:9b:b7:fe:09:7c:a1:38:58:e9:
44:66:01:f5:1d:15:20:c6:01:e4:25:20:21:c4:f5:
88:ab:b3:e6:95:d7:99:29:9f:90:59:e7:57:ae:bd:
79:8f:e4:8c:9a:7e:92:aa:79:52:a0:c4:af:71:c4:
d0:2a:78:11:34:89:a9:59:1e:63:e4:e1:f5:e0:d2:
ce:f5:89:cc:49:b0:5e:97:bc:11:5d:df:17:77:a1:
72:6b:cf:16:1b:15:03:57:26:61:29:9f:20:39:9a:
c1:ec:97:9b:10:15:51:2c:09:08:af:0c:b6:32:1c:
1b:ad:97:04:fd:6a:df:de:83:e8:6d:df:0e:ea:fb:
ec:84:b1:69:8b:4e:3b:c9:81:8d:4b:8c:76:c1:5c:
c9:52:57:0e:02:fe:30:11:d2:87:17:b6:4d:eb:64:
30:d4:97:ad:3f:75:96:88:d8:e7:b0:db:c2:6f:2f:
ab:c5:de:d3:12:42:8e:30:ab:08:de:c4:39:01:f1:
4c:68:f6:14:36:cb:72:1d:a2:3d:0d:8d:94:8a:41:
dd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B1:6A:F2:04:0D:88:E9:E8:21:47:3F:8D:C6:B6:3F:01:5F:BE:DF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F1CA19AE2FD211F0A57D7EEEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.7.0/24
156.227.144.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:4e:8e:6e:52:4e:6c:84:f3:aa:8d:47:64:6d:b0:55:65:64:
85:b0:3d:bf:8f:6a:ea:35:f8:87:e2:e4:ad:26:38:4e:c5:a7:
f8:6c:a5:ac:32:37:15:5c:5b:a1:e7:fc:98:4c:18:85:31:01:
d5:a6:07:5c:e7:85:77:5c:6f:29:1e:23:8a:8f:cd:60:65:f5:
a8:d7:45:74:8b:03:e6:7d:0a:3d:66:f9:cc:4c:9e:e4:07:37:
9f:54:f3:0b:15:c6:e7:fd:e3:93:d6:ca:cf:da:15:fa:56:8e:
ff:ee:dc:91:95:b8:5e:5c:a4:f8:21:c1:a0:92:63:a4:db:d6:
2f:e7:b4:d3:df:f9:39:02:b1:81:c8:b6:2f:1d:1b:a6:fd:18:
b6:c6:75:d6:55:11:68:77:39:c2:cf:de:17:05:5e:96:0c:d9:
2d:88:48:5f:fd:92:b3:cb:a0:0d:5e:f9:6f:8a:e9:53:72:3b:
2e:95:4c:f3:31:b8:36:8a:43:13:05:f9:95:09:3f:17:05:36:
f2:25:7f:46:fc:03:1e:18:99:88:9d:2b:0e:e7:1c:b0:72:aa:
64:23:79:eb:b4:7c:dc:43:4d:51:75:9d:93:89:87:fe:fd:4a:
f4:bc:50:9f:41:56:19:c1:02:48:33:10:1b:9a:7b:e2:e4:e9:
21:8c:bc:d7
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVPUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEzMDgxOTA1WhcNMjYwNTEzMDgxOTA1WjAYMRYw
FAYDVQQDEw02ODIzMDA3ZS00Y2U4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs+MwwcvO+eKi1xdIFPYKyW4a3bT3GvZu7l9pvWOswm64657+m5m6+AGE
anvmo3tj7qabt/4JfKE4WOlEZgH1HRUgxgHkJSAhxPWIq7PmldeZKZ+QWedXrr15
j+SMmn6SqnlSoMSvccTQKngRNImpWR5j5OH14NLO9YnMSbBel7wRXd8Xd6Fya88W
GxUDVyZhKZ8gOZrB7JebEBVRLAkIrwy2MhwbrZcE/Wrf3oPobd8O6vvshLFpi047
yYGNS4x2wVzJUlcOAv4wEdKHF7ZN62Qw1JetP3WWiNjnsNvCby+rxd7TEkKOMKsI
3sQ5AfFMaPYUNstyHaI9DY2UikHdmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOyx
avIEDYjp6CFHP43Gtj8BX77fMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMUNBMTlBRTJGRDIxMUYwQTU3RDdFRUVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOMHAwQAnOOQMA0GCSqGSIb3
DQEBCwUAA4IBAQAvTo5uUk5shPOqjUdkbbBVZWSFsD2/j2rqNfiH4uStJjhOxaf4
bKWsMjcVXFuh5/yYTBiFMQHVpgdc54V3XG8pHiOKj81gZfWo10V0iwPmfQo9ZvnM
TJ7kBzefVPMLFcbn/eOT1srP2hX6Vo7/7tyRlbheXKT4IcGgkmOk29Yv57TT3/k5
ArGByLYvHRum/Ri2xnXWVRFodznCz94XBV6WDNktiEhf/ZKzy6ANXvlviulTcjsu
lUzzMbg2ikMTBfmVCT8XBTbyJX9G/AMeGJmInSsO5xywcqpkI3nrtHzcQ01RdZ2T
iYf+/Ur0vFCfQVYZwQJIMxAbmnvi5OkhjLzX
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:28:18 2025 by rpki-client