Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/26FD296A24E111F0B132DCB5DAE4EC9C.roa
File: 26FD296A24E111F0B132DCB5DAE4EC9C.roa (raw, json)
Hash identifier: 6KPScGzWzen1cwcLh4HqBwSjQ9X/YGIMiUEzhbnav48=
Subject key identifier: 5C:76:0C:F2:AE:AC:3A:F7:26:3B:B6:8D:2A:C6:77:E1:00:1B:63:4C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015045
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/26FD296A24E111F0B132DCB5DAE4EC9C.roa
Signing time: Tue 29 Apr 2025 10:03:09 +0000
ROA not before: Tue 29 Apr 2025 10:03:05 +0000
ROA not after: Wed 25 Jun 2025 10:03:05 +0000
asID: 138915
IP address blocks: 156.225.117.0/24 maxlen: 24
156.227.193.0/24 maxlen: 24
156.229.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86085 (0x15045)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 10:03:05 2025 GMT
Not After : Jun 25 10:03:05 2025 GMT
Subject: CN=6810a3dd-2068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ba:f1:b1:9f:53:81:d5:58:79:91:7f:35:77:
97:70:fe:26:a9:09:e8:f0:31:07:c2:e5:5f:f6:a7:
78:e4:89:ef:80:b3:d1:4a:83:49:1f:22:95:d5:6b:
19:9d:c9:a9:82:13:9f:f9:93:0e:04:a2:26:67:70:
9d:f8:a5:b7:ae:ae:6c:56:b3:36:ea:85:77:12:18:
9e:2a:5b:7d:80:9f:e5:fa:ef:17:a1:0e:0e:2d:95:
1c:86:fd:90:a2:1c:f6:ae:69:7c:1c:e0:95:2e:98:
f6:87:c5:49:53:c9:79:82:25:a6:93:ee:b0:c4:e0:
98:7c:b2:9e:c0:d8:4c:e1:70:7d:9e:a9:0b:0f:ae:
ad:99:04:5c:fb:92:3b:56:05:2e:1c:34:95:44:ba:
fa:ad:82:84:7a:f2:48:7b:39:fc:94:fe:f2:50:fa:
ef:10:6e:a3:97:7b:98:7c:15:33:46:d7:37:85:19:
c8:58:b0:b9:94:79:13:a5:21:b0:b0:8f:07:44:18:
3a:ba:74:60:5e:a5:87:63:5a:23:66:fe:7f:a2:4b:
84:00:ab:86:97:5d:de:12:f1:dc:bf:da:d0:7a:b5:
a8:6b:19:bf:e8:77:3b:35:7b:ec:3d:6f:ef:2c:79:
47:e8:9f:bc:19:65:d5:41:32:2d:9a:e2:79:c2:d2:
24:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:76:0C:F2:AE:AC:3A:F7:26:3B:B6:8D:2A:C6:77:E1:00:1B:63:4C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/26FD296A24E111F0B132DCB5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.117.0/24
156.227.193.0/24
156.229.51.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:27:0c:55:0a:ec:75:fc:14:21:dc:12:c2:91:1b:12:b6:1d:
82:dd:b2:bf:8b:9e:16:40:28:ae:1d:e4:5d:ab:f5:1b:a7:07:
5c:5a:fa:b7:5b:bf:9d:ec:5a:75:b1:3b:e7:2b:3d:c4:fb:da:
e2:8c:82:e8:54:4e:82:5d:f6:9e:d2:e4:b3:0c:64:c2:c2:9c:
95:8b:ef:13:38:97:da:2d:38:dd:5e:99:ef:1e:19:b9:19:b6:
51:67:92:c8:51:e4:13:37:ad:43:e2:17:a1:6f:28:e8:78:43:
00:c0:96:b6:7b:35:68:4b:8e:ea:1a:24:05:4c:67:c3:11:25:
fc:bd:6a:94:95:98:11:d5:ac:3d:79:58:07:86:09:a6:15:05:
81:e6:54:ac:cd:b0:a2:8b:50:f4:33:dc:00:86:fe:39:8f:11:
01:62:97:b5:ef:03:9a:6d:ce:2c:fc:e8:8a:02:fa:3d:7a:9e:
c0:84:76:65:ae:42:81:de:60:9d:25:15:7e:cd:9b:82:63:d9:
06:1d:32:c3:c5:d3:f1:ac:67:6b:50:1d:45:e1:c1:bc:2a:9f:
8c:85:6d:73:e5:20:ee:c0:df:70:cb:41:1d:36:64:70:2d:d3:
58:0d:42:55:71:0a:81:65:19:f7:2b:67:a5:7e:d9:bf:44:07:
10:f5:2a:79
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVBFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI5MTAwMzA1WhcNMjUwNjI1MTAwMzA1WjAYMRYw
FAYDVQQDEw02ODEwYTNkZC0yMDY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5LrxsZ9TgdVYeZF/NXeXcP4mqQno8DEHwuVf9qd45InvgLPRSoNJHyKV
1WsZncmpghOf+ZMOBKImZ3Cd+KW3rq5sVrM26oV3EhieKlt9gJ/l+u8XoQ4OLZUc
hv2Qohz2rml8HOCVLpj2h8VJU8l5giWmk+6wxOCYfLKewNhM4XB9nqkLD66tmQRc
+5I7VgUuHDSVRLr6rYKEevJIezn8lP7yUPrvEG6jl3uYfBUzRtc3hRnIWLC5lHkT
pSGwsI8HRBg6unRgXqWHY1ojZv5/okuEAKuGl13eEvHcv9rQerWoaxm/6Hc7NXvs
PW/vLHlH6J+8GWXVQTItmuJ5wtIksQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFFx2
DPKurDr3Jju2jSrGd+EAG2NMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNkZEMjk2QTI0RTExMUYwQjEzMkRDQjVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnOF1AwQAnOPBAwQAnOUzMA0G
CSqGSIb3DQEBCwUAA4IBAQBtJwxVCux1/BQh3BLCkRsSth2C3bK/i54WQCiuHeRd
q/UbpwdcWvq3W7+d7Fp1sTvnKz3E+9rijILoVE6CXfae0uSzDGTCwpyVi+8TOJfa
LTjdXpnvHhm5GbZRZ5LIUeQTN61D4hehbyjoeEMAwJa2ezVoS47qGiQFTGfDESX8
vWqUlZgR1aw9eVgHhgmmFQWB5lSszbCii1D0M9wAhv45jxEBYpe17wOabc4s/OiK
Avo9ep7AhHZlrkKB3mCdJRV+zZuCY9kGHTLDxdPxrGdrUB1F4cG8Kp+MhW1z5SDu
wN9wy0EdNmRwLdNYDUJVcQqBZRn3K2elftm/RAcQ9Sp5
-----END CERTIFICATE-----
Generated at Sun May 11 09:08:40 2025 by rpki-client