Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/353B5706243511F0AC8E1AAFDAE4EC9C.roa
File: 353B5706243511F0AC8E1AAFDAE4EC9C.roa (raw, json)
Hash identifier: 66PwVDZmHyCwSPV09HE8I4scYj/SplXZ+/D6FvFgfYo=
Subject key identifier: 82:C1:2B:EE:5D:55:42:A4:92:70:53:22:BE:D8:E0:5E:EE:94:FC:6C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014F36
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/353B5706243511F0AC8E1AAFDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 13:32:20 +0000
ROA not before: Mon 28 Apr 2025 13:32:15 +0000
ROA not after: Sun 01 Jun 2025 13:32:15 +0000
asID: 5650
IP address blocks: 156.225.56.0/21 maxlen: 24
156.225.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85814 (0x14f36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 28 13:32:15 2025 GMT
Not After : Jun 1 13:32:15 2025 GMT
Subject: CN=680f8364-9334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d8:71:36:0b:a1:c9:61:f7:cb:39:5c:a2:a4:
e5:b6:c9:d7:dd:72:3f:8e:ed:35:5d:db:9e:e8:cf:
e7:ed:10:2e:cf:bc:af:80:7b:e6:ae:4a:a4:80:59:
fc:ac:bb:ca:7a:18:f1:3d:00:f7:e2:0d:c7:a1:72:
17:95:5d:fa:7e:1f:3e:ba:4b:a7:6c:ee:10:80:5f:
31:67:e9:6b:34:ed:dd:8b:8b:6c:64:4a:92:91:05:
05:6d:30:63:1b:93:a6:fe:d6:33:ed:69:d9:97:c9:
21:f3:75:f6:0f:e5:18:28:27:f6:94:d9:6b:3f:13:
da:bf:1b:86:b3:a9:98:b8:01:eb:da:92:85:fa:f8:
05:0f:71:a5:ce:22:18:6b:49:29:03:d0:dd:c0:d2:
f3:bb:e3:b8:44:6f:00:f4:e4:e6:a4:d5:40:37:d2:
67:65:1c:c7:93:58:e7:a4:ee:d5:f1:81:5f:ea:2c:
9e:f6:97:d5:53:f2:08:5f:0a:ea:bd:34:ae:17:5e:
5a:c8:ad:6c:97:8d:8d:1a:6d:9c:93:ac:e9:c3:1f:
f9:dc:73:6d:3f:7b:31:53:3a:2f:54:c2:ab:cc:c8:
a4:2e:6b:cc:a3:82:be:c1:0c:63:38:97:69:14:2f:
e2:5b:11:5c:45:75:c6:4d:6f:44:18:fa:dc:a4:a7:
97:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C1:2B:EE:5D:55:42:A4:92:70:53:22:BE:D8:E0:5E:EE:94:FC:6C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/353B5706243511F0AC8E1AAFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.56.0/21
156.225.184.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:bd:67:83:02:27:93:96:43:c0:79:47:cb:04:84:03:b4:83:
3e:53:63:89:56:db:07:81:57:59:53:5c:52:9e:f1:28:02:f5:
d0:d5:07:b5:b4:6f:2a:af:25:c0:d5:15:af:8c:12:85:cf:64:
e5:b1:4d:4b:27:7a:04:fb:c8:7a:38:68:b4:dc:a7:fa:3d:af:
f8:e3:22:9b:e8:e5:62:a9:d2:44:7a:11:a7:6c:8e:f9:e3:bf:
2b:8e:f2:eb:fb:e6:8a:31:33:35:b8:64:04:2c:b6:54:0d:ed:
27:3f:bd:e4:c7:19:1a:45:03:85:4a:49:fa:ee:d0:61:db:c0:
3e:e9:fd:e3:4c:9d:e3:56:4d:5a:49:b3:d5:42:2a:1e:37:11:
d6:2a:66:cb:52:3c:bf:2c:25:7d:e9:4d:02:92:aa:f8:93:04:
e0:7d:ec:3b:4e:b9:b1:f0:99:c2:08:11:d0:a1:ed:aa:6e:5f:
d8:98:0b:9d:f1:99:16:42:60:14:fd:17:d1:33:ba:58:4d:72:
21:1b:45:5c:ea:3f:34:eb:42:c6:94:53:00:4d:fb:a5:19:bf:
dc:34:d7:51:b0:f0:d0:50:e9:c6:f9:47:44:63:eb:5a:f9:89:
7b:eb:94:b3:e3:32:c5:dc:85:c0:36:7c:67:89:22:ab:c4:23:
e9:99:0a:4c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAU82MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI4MTMzMjE1WhcNMjUwNjAxMTMzMjE1WjAYMRYw
FAYDVQQDEw02ODBmODM2NC05MzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAythxNguhyWH3yzlcoqTltsnX3XI/ju01Xdue6M/n7RAuz7yvgHvmrkqk
gFn8rLvKehjxPQD34g3HoXIXlV36fh8+ukunbO4QgF8xZ+lrNO3di4tsZEqSkQUF
bTBjG5Om/tYz7WnZl8kh83X2D+UYKCf2lNlrPxPavxuGs6mYuAHr2pKF+vgFD3Gl
ziIYa0kpA9DdwNLzu+O4RG8A9OTmpNVAN9JnZRzHk1jnpO7V8YFf6iye9pfVU/II
XwrqvTSuF15ayK1sl42NGm2ck6zpwx/53HNtP3sxUzovVMKrzMikLmvMo4K+wQxj
OJdpFC/iWxFcRXXGTW9EGPrcpKeXVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFILB
K+5dVUKkknBTIr7Y4F7ulPxsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNTNCNTcwNjI0MzUxMUYwQUM4RTFBQUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDnOE4AwQDnOG4MA0GCSqGSIb3
DQEBCwUAA4IBAQAvvWeDAieTlkPAeUfLBIQDtIM+U2OJVtsHgVdZU1xSnvEoAvXQ
1Qe1tG8qryXA1RWvjBKFz2TlsU1LJ3oE+8h6OGi03Kf6Pa/44yKb6OViqdJEehGn
bI75478rjvLr++aKMTM1uGQELLZUDe0nP73kxxkaRQOFSkn67tBh28A+6f3jTJ3j
Vk1aSbPVQioeNxHWKmbLUjy/LCV96U0Ckqr4kwTgfew7Trmx8JnCCBHQoe2qbl/Y
mAud8ZkWQmAU/RfRM7pYTXIhG0Vc6j8060LGlFMATfulGb/cNNdRsPDQUOnG+UdE
Y+ta+Yl765Sz4zLF3IXANnxniSKrxCPpmQpM
-----END CERTIFICATE-----
Generated at Mon May 12 21:40:36 2025 by rpki-client