Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F671780C2F4211F08F8A73A5DAE4EC9C.roa
File: F671780C2F4211F08F8A73A5DAE4EC9C.roa (raw, json)
Hash identifier: bkws+EPyYm/A4PIXQR4kYxul+SYubqa4vpsTyFJIP1g=
Subject key identifier: 85:00:AE:47:79:EA:34:55:BE:BA:A7:28:6B:EE:6D:6D:E7:F0:22:25
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0153AD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F671780C2F4211F08F8A73A5DAE4EC9C.roa
Signing time: Mon 12 May 2025 15:08:30 +0000
ROA not before: Mon 12 May 2025 15:08:25 +0000
ROA not after: Wed 12 Nov 2025 15:08:25 +0000
asID: 41095
IP address blocks: 156.231.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86957 (0x153ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 12 15:08:25 2025 GMT
Not After : Nov 12 15:08:25 2025 GMT
Subject: CN=68220eee-eb88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2c:65:72:c9:4e:5e:42:5b:a1:52:11:9f:f9:
e0:d6:2e:56:cb:04:ac:a0:f6:5e:ab:e7:79:b4:8b:
96:34:32:94:6b:a6:a4:57:92:33:c7:47:3c:25:05:
87:51:eb:36:a3:a8:39:58:de:4b:b9:2b:2b:e1:73:
a4:ec:05:8d:5b:ca:b2:31:bd:f5:59:f3:75:3b:c7:
f4:b2:d5:69:07:79:23:9f:0c:51:a4:17:a0:48:6f:
87:ca:ee:b0:5e:8c:44:0f:60:aa:7f:5c:b4:cd:a7:
77:4c:a7:a6:4c:4f:af:3f:3c:b5:8e:2d:ce:49:91:
11:8c:30:2d:d0:11:1e:52:c9:ef:f3:6a:2c:99:db:
0a:40:bd:31:63:eb:f1:63:7f:04:69:0c:c7:f9:e4:
ab:ef:17:d3:95:2f:2f:08:da:59:69:c6:9b:ee:21:
f8:5c:a6:bb:3a:a4:47:a2:f2:11:c2:78:5c:b8:85:
c7:ee:46:75:12:4d:51:aa:a4:b3:c2:79:88:9c:9a:
bd:d4:1e:2f:44:18:31:04:3b:26:d7:52:fb:d9:5a:
0c:03:f0:e2:e3:1c:9f:ba:11:4d:e1:e0:a7:90:96:
cc:11:d0:97:65:c2:58:95:af:ca:97:99:c7:f9:1a:
de:d6:61:22:15:8a:71:b1:84:94:2f:e4:2c:26:e6:
99:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:00:AE:47:79:EA:34:55:BE:BA:A7:28:6B:EE:6D:6D:E7:F0:22:25
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F671780C2F4211F08F8A73A5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.56.0/24
Signature Algorithm: sha256WithRSAEncryption
82:52:bd:83:a2:0f:a7:2d:33:d2:e3:82:ca:7b:00:34:9c:1a:
80:9f:65:12:28:db:70:6d:e0:e5:28:a6:04:bd:8e:37:f6:3d:
c1:54:8e:96:a5:3e:ba:ad:a0:b8:9b:3a:c4:84:d6:33:8f:18:
59:20:cf:a7:31:16:1f:f7:13:64:42:bf:0b:11:6a:4b:1e:94:
7e:07:03:dd:14:e5:73:9f:23:84:4e:9e:3f:b9:f8:ff:4d:4e:
db:d3:c2:af:b4:96:75:be:aa:21:02:d3:9a:72:0e:90:3b:ce:
28:49:53:7f:4c:4a:5e:b9:52:4e:3c:76:d8:bb:e5:c2:e2:23:
9d:76:ed:96:70:50:4d:15:3f:ba:57:15:99:22:ae:64:5e:a9:
28:89:d9:11:53:2f:5f:35:af:cf:d9:d8:7c:e8:f7:fb:ae:d4:
cd:70:07:23:c6:dd:c5:1c:41:89:0a:bf:b8:75:59:79:e7:4a:
e3:b5:0e:ef:b8:cd:71:d3:08:fe:d1:fa:3a:67:8b:53:a2:53:
73:23:83:e7:a7:e0:c2:81:87:5e:e8:2f:1e:07:9e:f4:e2:b5:
9f:36:e7:7f:44:1a:2a:8f:ce:e4:d0:c8:16:e8:4a:b1:96:f3:
27:86:59:98:25:0b:76:c6:58:5e:cc:35:90:51:6e:87:c9:f5:
8e:42:f7:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVOtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEyMTUwODI1WhcNMjUxMTEyMTUwODI1WjAYMRYw
FAYDVQQDEw02ODIyMGVlZS1lYjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5yxlcslOXkJboVIRn/ng1i5WywSsoPZeq+d5tIuWNDKUa6akV5Izx0c8
JQWHUes2o6g5WN5LuSsr4XOk7AWNW8qyMb31WfN1O8f0stVpB3kjnwxRpBegSG+H
yu6wXoxED2Cqf1y0zad3TKemTE+vPzy1ji3OSZERjDAt0BEeUsnv82osmdsKQL0x
Y+vxY38EaQzH+eSr7xfTlS8vCNpZacab7iH4XKa7OqRHovIRwnhcuIXH7kZ1Ek1R
qqSzwnmInJq91B4vRBgxBDsm11L72VoMA/Di4xyfuhFN4eCnkJbMEdCXZcJYla/K
l5nH+Rre1mEiFYpxsYSUL+QsJuaZVQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIUA
rkd56jRVvrqnKGvubW3n8CIlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNjcxNzgwQzJGNDIxMUYwOEY4QTczQTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOc4MA0GCSqGSIb3DQEBCwUA
A4IBAQCCUr2Dog+nLTPS44LKewA0nBqAn2USKNtwbeDlKKYEvY439j3BVI6WpT66
raC4mzrEhNYzjxhZIM+nMRYf9xNkQr8LEWpLHpR+BwPdFOVznyOETp4/ufj/TU7b
08KvtJZ1vqohAtOacg6QO84oSVN/TEpeuVJOPHbYu+XC4iOddu2WcFBNFT+6VxWZ
Iq5kXqkoidkRUy9fNa/P2dh86Pf7rtTNcAcjxt3FHEGJCr+4dVl550rjtQ7vuM1x
0wj+0fo6Z4tTolNzI4Pnp+DCgYde6C8eB5704rWfNud/RBoqj87k0MgW6EqxlvMn
hlmYJQt2xlhezDWQUW6HyfWOQvca
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:49:38 2025 by rpki-client