Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0453AA142CBC11F0AD6F40C4DAE4EC9C.roa
File: 0453AA142CBC11F0AD6F40C4DAE4EC9C.roa (raw, json)
Hash identifier: 8uLfwHBbJbCIcdXCx94YiLF5+XAX7PDkHJ31bIQbYxY=
Subject key identifier: 28:31:F0:8E:BE:33:9E:A1:A5:DE:5E:A0:66:4F:64:D4:DA:93:99:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01530D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0453AA142CBC11F0AD6F40C4DAE4EC9C.roa
Signing time: Fri 09 May 2025 09:57:29 +0000
ROA not before: Fri 09 May 2025 09:57:24 +0000
ROA not after: Sun 08 Jun 2025 09:57:24 +0000
asID: 38193
IP address blocks: 156.238.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86797 (0x1530d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 9 09:57:24 2025 GMT
Not After : Jun 8 09:57:24 2025 GMT
Subject: CN=681dd189-337c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:95:b1:2c:4e:23:4b:b5:df:27:c4:ac:c6:d7:
ab:89:f5:f2:0f:86:60:7e:45:ec:75:43:da:56:1c:
0d:3f:cc:34:15:21:37:52:c6:d8:c1:20:76:fd:38:
32:28:d0:bd:81:b2:fe:39:63:5b:b7:7b:1d:42:8b:
ff:83:cc:37:e9:6c:40:07:b3:36:9b:49:c0:65:4d:
77:0f:4e:95:3c:2a:c9:a8:eb:74:b4:b0:9a:b6:7d:
15:16:38:05:db:48:f6:a6:3a:e1:0e:ad:31:af:06:
b6:65:df:58:bb:48:78:b2:c9:78:b4:a5:e1:3b:0f:
77:ba:ce:c4:88:f2:4f:07:88:8b:c8:b0:63:71:42:
3e:92:82:9c:1d:af:7a:3a:d5:5c:1d:40:71:c5:1e:
21:31:ab:d6:a4:cf:54:88:a3:7b:4b:87:01:ed:90:
d0:2e:8e:ff:92:db:21:f1:51:e9:0d:c0:06:cc:da:
8e:bd:86:6d:21:02:e3:4f:f0:67:db:af:7d:31:12:
ef:cd:49:32:b6:06:e4:13:89:3a:53:41:f5:ad:35:
53:d0:aa:ad:00:dd:6f:14:06:b4:9b:c0:e4:30:cb:
e4:49:a3:24:f4:94:8f:18:84:97:c6:2a:52:10:24:
c8:15:aa:f7:4e:b3:06:d3:2c:b9:88:e4:5e:c1:35:
bc:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:31:F0:8E:BE:33:9E:A1:A5:DE:5E:A0:66:4F:64:D4:DA:93:99:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0453AA142CBC11F0AD6F40C4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.80.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:d2:aa:70:2f:ea:ce:62:53:07:40:19:c7:ce:54:32:c2:e9:
b1:2c:5f:1f:d5:6d:f6:26:ca:27:80:da:67:f7:c0:c7:81:b1:
d1:23:a2:c5:80:46:78:a5:ab:fa:9d:6f:fc:cd:95:52:1e:eb:
d0:c0:01:2a:d7:6c:58:c8:38:dd:01:4a:c1:04:26:e4:5f:42:
07:d7:29:30:2b:b3:e5:bd:43:1b:e4:ee:2f:67:ee:13:76:c9:
75:4a:44:f3:36:16:db:19:8f:69:92:15:bd:09:3a:d6:d6:e8:
85:46:68:4d:c3:c7:8f:35:f7:f4:bf:22:2b:93:8a:f2:c4:3a:
c5:7e:29:6a:5a:0d:48:82:be:9f:ef:51:9c:e3:9b:09:ce:3c:
f0:47:d9:df:a5:3d:d5:14:bc:a8:ab:d4:7d:da:61:f0:a3:e0:
96:25:4f:c7:ef:b1:07:d3:cd:de:d5:ec:32:91:c7:78:40:7a:
e6:68:58:51:7d:99:84:58:99:4f:30:20:7d:47:4b:3e:d7:6c:
b7:0e:9b:f6:32:2a:eb:28:f2:08:d4:4d:46:c7:ec:fa:86:bb:
4e:b7:d5:24:90:ad:86:ec:16:61:2b:9c:18:03:e3:11:e3:fe:
40:84:53:53:02:19:fb:dc:45:73:1b:5d:4b:bc:e5:5b:3c:32:
a6:6f:b6:31
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVMNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA5MDk1NzI0WhcNMjUwNjA4MDk1NzI0WjAYMRYw
FAYDVQQDEw02ODFkZDE4OS0zMzdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0JWxLE4jS7XfJ8SsxterifXyD4ZgfkXsdUPaVhwNP8w0FSE3UsbYwSB2
/TgyKNC9gbL+OWNbt3sdQov/g8w36WxAB7M2m0nAZU13D06VPCrJqOt0tLCatn0V
FjgF20j2pjrhDq0xrwa2Zd9Yu0h4ssl4tKXhOw93us7EiPJPB4iLyLBjcUI+koKc
Ha96OtVcHUBxxR4hMavWpM9UiKN7S4cB7ZDQLo7/ktsh8VHpDcAGzNqOvYZtIQLj
T/Bn2699MRLvzUkytgbkE4k6U0H1rTVT0KqtAN1vFAa0m8DkMMvkSaMk9JSPGISX
xipSECTIFar3TrMG0yy5iORewTW8FwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCgx
8I6+M56hpd5eoGZPZNTak5nZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNDUzQUExNDJDQkMxMUYwQUQ2RjQwQzREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5QMA0GCSqGSIb3DQEBCwUA
A4IBAQAr0qpwL+rOYlMHQBnHzlQywumxLF8f1W32JsongNpn98DHgbHRI6LFgEZ4
pav6nW/8zZVSHuvQwAEq12xYyDjdAUrBBCbkX0IH1ykwK7PlvUMb5O4vZ+4Tdsl1
SkTzNhbbGY9pkhW9CTrW1uiFRmhNw8ePNff0vyIrk4ryxDrFfilqWg1Igr6f71Gc
45sJzjzwR9nfpT3VFLyoq9R92mHwo+CWJU/H77EH083e1ewykcd4QHrmaFhRfZmE
WJlPMCB9R0s+12y3Dpv2MirrKPII1E1Gx+z6hrtOt9UkkK2G7BZhK5wYA+MR4/5A
hFNTAhn73EVzG11LvOVbPDKmb7Yx
-----END CERTIFICATE-----
Generated at Mon May 12 14:47:13 2025 by rpki-client