Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F449B5482FFC11F097E8F885DAE4EC9C.roa
File: F449B5482FFC11F097E8F885DAE4EC9C.roa (raw, json)
Hash identifier: B4rqc2/USp8Zky2tSp/GTsGFLJOcvCTAbz7hHR5vvkc=
Subject key identifier: 97:F2:F3:E0:58:96:B4:49:AC:0E:E3:F8:50:AA:21:DE:2C:79:6E:F8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0153F6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F449B5482FFC11F097E8F885DAE4EC9C.roa
Signing time: Tue 13 May 2025 13:19:53 +0000
ROA not before: Tue 13 May 2025 13:19:48 +0000
ROA not after: Fri 20 Jun 2025 13:19:48 +0000
asID: 211265
IP address blocks: 156.231.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87030 (0x153f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 13 13:19:48 2025 GMT
Not After : Jun 20 13:19:48 2025 GMT
Subject: CN=682346f9-e79e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cb:89:e8:ec:29:46:73:5b:c6:32:21:5b:0b:
00:47:36:99:50:61:1e:ea:0a:9b:03:96:e9:b7:06:
f3:c1:2b:6d:2d:5e:4f:c9:d4:e9:53:39:88:a2:17:
46:cd:3f:57:2a:6b:26:f0:aa:8e:9c:1a:71:50:8d:
ff:2b:df:0e:55:f5:90:1e:78:ec:0d:03:85:da:95:
33:44:55:f4:cc:06:51:e5:d6:ee:0e:a5:1e:3a:8d:
db:4a:c7:12:4a:83:95:71:d7:45:52:90:df:45:93:
23:ac:bd:2f:c0:d8:1d:63:60:f9:1c:67:c4:c9:10:
f7:c6:7f:14:07:37:b8:08:64:74:03:f0:7f:da:a9:
4c:25:26:05:e7:25:81:cb:f6:35:fe:e2:65:5b:ca:
47:90:c7:fc:e0:fc:39:12:18:5f:4d:7f:c2:79:6f:
06:39:7a:18:6e:80:7f:e4:5a:c1:ad:dd:0d:f3:5f:
57:03:d7:25:6b:72:cd:bf:37:37:06:9b:97:52:73:
8d:d1:be:8e:66:77:b6:33:69:50:79:4a:b3:c5:f4:
ed:a2:20:72:9a:e2:c8:c6:40:f0:c5:f8:d9:4a:d9:
01:d9:b6:8d:b1:de:56:b3:f4:1d:66:52:75:8c:35:
cc:33:c0:09:3f:bc:a4:fa:50:08:4e:cb:3b:da:d7:
45:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F2:F3:E0:58:96:B4:49:AC:0E:E3:F8:50:AA:21:DE:2C:79:6E:F8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F449B5482FFC11F097E8F885DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.163.0/24
Signature Algorithm: sha256WithRSAEncryption
96:f7:20:c5:86:d0:53:69:9c:6a:d1:d0:48:20:fd:a4:68:79:
c7:f8:de:f4:e0:2e:1c:cb:37:bc:98:18:17:03:0a:b2:a1:b1:
52:d7:07:4e:ad:de:02:9f:b7:99:a8:f2:9f:ff:54:3a:48:4b:
cb:1f:a8:78:c6:4e:df:d1:86:63:a5:e2:4c:c4:bc:32:5b:7d:
07:52:4e:bb:9e:fb:9b:85:00:b6:2d:44:9f:b7:fe:57:14:ce:
51:e3:6e:f3:fd:b7:6d:31:da:5a:a5:ea:b2:3c:21:2c:37:f0:
bd:b9:dd:a7:53:70:a2:c9:76:90:68:12:c5:ec:33:ec:72:26:
ce:da:2f:db:e0:bb:57:04:89:18:21:bd:ae:ad:52:c7:64:0e:
71:4e:73:6e:ea:0a:f9:89:7d:97:a0:fd:dd:a2:2d:74:a2:be:
9d:4b:e5:3a:60:18:46:dd:18:4d:39:8a:a7:91:d6:21:9e:d9:
02:d4:fd:7a:10:83:75:47:d1:1e:97:f9:5a:f3:52:53:61:b0:
aa:19:5c:45:1b:94:d2:17:1d:ef:12:84:e6:e2:2d:a8:a6:4a:
bb:7d:1c:67:36:42:14:40:e7:4c:18:ff:99:98:cf:a4:59:41:
d1:74:99:be:4f:b4:85:4b:0d:f3:a6:9e:da:d8:44:f4:ea:22:
2d:95:09:7e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVP2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEzMTMxOTQ4WhcNMjUwNjIwMTMxOTQ4WjAYMRYw
FAYDVQQDEw02ODIzNDZmOS1lNzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8uJ6OwpRnNbxjIhWwsARzaZUGEe6gqbA5bptwbzwSttLV5PydTpUzmI
ohdGzT9XKmsm8KqOnBpxUI3/K98OVfWQHnjsDQOF2pUzRFX0zAZR5dbuDqUeOo3b
SscSSoOVcddFUpDfRZMjrL0vwNgdY2D5HGfEyRD3xn8UBze4CGR0A/B/2qlMJSYF
5yWBy/Y1/uJlW8pHkMf84Pw5EhhfTX/CeW8GOXoYboB/5FrBrd0N819XA9cla3LN
vzc3BpuXUnON0b6OZne2M2lQeUqzxfTtoiBymuLIxkDwxfjZStkB2baNsd5Ws/Qd
ZlJ1jDXMM8AJP7yk+lAITss72tdFHwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJfy
8+BYlrRJrA7j+FCqId4seW74MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNDQ5QjU0ODJGRkMxMUYwOTdFOEY4ODVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOejMA0GCSqGSIb3DQEBCwUA
A4IBAQCW9yDFhtBTaZxq0dBIIP2kaHnH+N704C4cyze8mBgXAwqyobFS1wdOrd4C
n7eZqPKf/1Q6SEvLH6h4xk7f0YZjpeJMxLwyW30HUk67nvubhQC2LUSft/5XFM5R
427z/bdtMdpapeqyPCEsN/C9ud2nU3CiyXaQaBLF7DPscibO2i/b4LtXBIkYIb2u
rVLHZA5xTnNu6gr5iX2XoP3doi10or6dS+U6YBhG3RhNOYqnkdYhntkC1P16EIN1
R9Eel/la81JTYbCqGVxFG5TSFx3vEoTm4i2opkq7fRxnNkIUQOdMGP+ZmM+kWUHR
dJm+T7SFSw3zpp7a2ET06iItlQl+
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:22:03 2025 by rpki-client