Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10A0768A297911F0BFB9DFF3DAE4EC9C.roa
File: 10A0768A297911F0BFB9DFF3DAE4EC9C.roa (raw, json)
Hash identifier: kVxZmBeRi4LVJADpbygaXk/J4ba0MtaCyEkxuYC9fAw=
Subject key identifier: 7A:48:C4:43:9C:82:6C:6E:C6:C1:92:B0:BA:D6:F4:3E:53:F8:B7:FC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0151E7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10A0768A297911F0BFB9DFF3DAE4EC9C.roa
Signing time: Mon 05 May 2025 06:20:40 +0000
ROA not before: Mon 05 May 2025 06:20:35 +0000
ROA not after: Wed 11 Jun 2025 06:20:35 +0000
asID: 214143
IP address blocks: 156.231.108.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86503 (0x151e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 5 06:20:35 2025 GMT
Not After : Jun 11 06:20:35 2025 GMT
Subject: CN=681858b8-2b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:50:76:0b:5c:86:fc:49:b5:86:2e:82:31:d3:
cf:cd:48:de:6a:88:ce:2d:de:49:58:14:c4:a2:6b:
c1:5c:f0:ea:ff:15:7b:2c:0a:67:46:5c:b8:b5:eb:
ef:0f:c9:bf:07:41:fe:30:2a:44:b0:10:77:42:04:
9c:79:9f:7f:3e:9b:1c:fe:64:55:00:2c:1e:45:55:
8e:e8:2b:85:74:06:44:77:d6:be:ed:69:1f:c1:33:
32:53:bc:e4:41:bc:0c:4a:2e:e5:2f:a4:7c:9c:3d:
75:db:ed:75:25:aa:97:05:e4:9a:7d:86:65:fd:5c:
d0:19:62:a8:8d:3f:f4:ce:c9:5c:80:04:a9:7a:aa:
d2:0a:54:53:1a:75:e1:10:b8:37:da:9d:5f:6e:91:
7c:9a:0b:fc:78:f5:94:76:04:20:65:37:13:01:42:
59:f0:bd:ad:be:ba:b7:67:49:50:f5:5b:ea:17:d4:
66:61:e0:23:04:cf:82:34:27:df:c0:bb:8a:52:91:
2b:93:f4:5c:e1:bc:8c:3d:97:82:5c:56:c0:b3:d1:
e1:c9:20:54:6b:88:2d:b8:02:e2:a6:57:fb:1f:99:
ac:7c:9c:9e:b6:03:e0:14:78:0e:90:a6:b4:4d:59:
ab:ac:c9:b1:b5:29:cc:38:e0:1c:90:8d:92:a1:82:
27:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:48:C4:43:9C:82:6C:6E:C6:C1:92:B0:BA:D6:F4:3E:53:F8:B7:FC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/10A0768A297911F0BFB9DFF3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.108.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:66:09:04:22:d3:a4:74:1e:09:de:29:86:72:6b:48:f7:5f:
9c:3c:42:65:90:95:03:62:75:2c:d9:b4:c9:ee:81:6f:53:cf:
73:ca:ea:50:20:9a:f9:fa:8a:a5:84:79:a7:92:0d:64:b5:c4:
a8:b1:1a:b2:9a:f4:94:52:14:db:c5:19:1e:e4:41:99:e8:dd:
63:41:50:ea:2d:bd:53:9c:54:19:24:8e:14:c5:0b:74:da:de:
fb:51:d8:3e:9c:9b:45:ee:6a:4c:29:30:cb:fd:56:cb:42:03:
94:33:34:64:dc:60:4a:99:39:43:c6:4d:d2:8e:ed:53:a0:65:
ca:13:3d:75:3b:be:0b:56:cd:60:9a:e2:47:87:52:b2:c8:80:
e7:74:ef:06:e8:fe:d8:19:7b:67:da:24:96:da:5e:3d:c5:1e:
3e:de:60:c9:29:11:73:32:dc:e2:cb:57:40:26:0d:18:47:34:
6c:69:46:a4:de:76:7d:e3:7c:4d:ec:15:31:6d:17:22:2d:aa:
e7:76:19:06:de:de:13:34:0c:ae:22:19:47:78:f5:ab:86:79:
98:a4:5f:d1:6c:51:fa:ae:23:3d:56:cb:e0:02:b6:d5:14:5b:
c1:e0:02:ea:b1:2a:4f:30:f8:dc:ec:a4:c8:e3:5d:b2:28:4a:
8f:92:b3:8f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVHnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA1MDYyMDM1WhcNMjUwNjExMDYyMDM1WjAYMRYw
FAYDVQQDEw02ODE4NThiOC0yYjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+FB2C1yG/Em1hi6CMdPPzUjeaojOLd5JWBTEomvBXPDq/xV7LApnRly4
tevvD8m/B0H+MCpEsBB3QgSceZ9/Ppsc/mRVACweRVWO6CuFdAZEd9a+7WkfwTMy
U7zkQbwMSi7lL6R8nD112+11JaqXBeSafYZl/VzQGWKojT/0zslcgASpeqrSClRT
GnXhELg32p1fbpF8mgv8ePWUdgQgZTcTAUJZ8L2tvrq3Z0lQ9VvqF9RmYeAjBM+C
NCffwLuKUpErk/Rc4byMPZeCXFbAs9HhySBUa4gtuALiplf7H5msfJyetgPgFHgO
kKa0TVmrrMmxtSnMOOAckI2SoYInqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHpI
xEOcgmxuxsGSsLrW9D5T+Lf8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMEEwNzY4QTI5NzkxMUYwQkZCOURGRjNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOdsMA0GCSqGSIb3DQEBCwUA
A4IBAQCfZgkEItOkdB4J3imGcmtI91+cPEJlkJUDYnUs2bTJ7oFvU89zyupQIJr5
+oqlhHmnkg1ktcSosRqymvSUUhTbxRke5EGZ6N1jQVDqLb1TnFQZJI4UxQt02t77
Udg+nJtF7mpMKTDL/VbLQgOUMzRk3GBKmTlDxk3Sju1ToGXKEz11O74LVs1gmuJH
h1KyyIDndO8G6P7YGXtn2iSW2l49xR4+3mDJKRFzMtziy1dAJg0YRzRsaUak3nZ9
43xN7BUxbRciLarndhkG3t4TNAyuIhlHePWrhnmYpF/RbFH6riM9VsvgArbVFFvB
4ALqsSpPMPjc7KTI412yKEqPkrOP
-----END CERTIFICATE-----
Generated at Mon May 12 12:14:51 2025 by rpki-client