Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47D069E0298711F0857C92D2DAE4EC9C.roa
File: 47D069E0298711F0857C92D2DAE4EC9C.roa (raw, json)
Hash identifier: IfCBaF3zTrE+eRK/xt7CYtHxzxOumMvAEPdWJPBzFd0=
Subject key identifier: 1E:56:C7:8C:DF:C2:C8:DC:82:60:BE:4D:E6:1A:89:DE:E5:FF:39:F1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0151FB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47D069E0298711F0857C92D2DAE4EC9C.roa
Signing time: Mon 05 May 2025 08:02:26 +0000
ROA not before: Mon 05 May 2025 08:02:20 +0000
ROA not after: Wed 11 Jun 2025 08:02:20 +0000
asID: 42689
IP address blocks: 156.241.48.0/21 maxlen: 24
156.241.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86523 (0x151fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 5 08:02:20 2025 GMT
Not After : Jun 11 08:02:20 2025 GMT
Subject: CN=68187091-4c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c3:a2:c2:52:32:77:cf:be:39:4a:3f:b5:ed:
95:4a:de:ad:7e:d2:ed:11:a4:10:02:c2:64:d6:ee:
d8:42:2b:32:ea:aa:25:d4:43:cb:d0:23:1e:05:db:
10:37:aa:5b:fc:4d:12:30:94:db:aa:5d:fb:39:d4:
e1:c7:97:c9:67:a1:e6:66:2b:c2:55:c5:2b:95:1d:
8b:b1:0e:3d:9c:05:e2:be:30:9b:a8:90:2b:39:e5:
be:aa:74:3d:db:49:5a:6a:ef:4a:97:44:e5:33:60:
7e:c9:7f:db:4f:5e:f0:5f:1f:60:ae:59:cc:32:5a:
ce:9d:04:8c:55:f1:75:2c:89:1a:3a:d5:4b:d9:9b:
07:7c:a1:2d:30:44:c6:ec:0f:13:89:33:8c:21:07:
f1:22:c1:87:42:c4:ef:12:94:36:ba:73:f6:1f:e6:
00:44:22:14:89:c6:f1:a6:12:6b:05:f5:5c:fb:f7:
0b:d4:6a:f2:e4:f6:30:4e:ae:f5:a0:03:92:57:0b:
8f:cf:4a:a4:83:22:72:f0:c0:68:70:a2:7b:ff:6c:
93:3d:c2:d7:3d:76:4a:ba:9b:ca:b8:a2:be:52:87:
34:f9:78:7a:0e:28:fd:75:e5:d1:a5:07:9c:da:6e:
cc:e0:14:d4:6d:8d:d7:d3:dc:83:d7:94:2a:01:15:
46:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:56:C7:8C:DF:C2:C8:DC:82:60:BE:4D:E6:1A:89:DE:E5:FF:39:F1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/47D069E0298711F0857C92D2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.48.0-156.241.59.255
Signature Algorithm: sha256WithRSAEncryption
b0:dc:aa:44:d0:a3:61:26:ae:a0:32:73:d0:ca:fe:2d:a1:35:
45:cb:39:7b:9a:1b:6c:68:cd:66:d7:ea:e6:61:67:a4:44:db:
92:9b:ee:1b:54:b1:d8:3a:52:c9:72:90:a9:63:fe:46:84:d9:
40:fb:e8:1f:a5:6b:9b:3a:6a:16:65:fc:e4:50:ba:25:5a:fc:
fa:bf:92:20:24:cf:5e:38:bc:0c:49:51:f6:eb:12:39:36:70:
2b:52:3f:0e:45:bd:f7:96:b4:89:b5:12:a2:94:e9:a0:79:01:
2c:3f:4f:2e:9c:97:10:68:1e:5b:7b:33:30:8d:46:69:ee:08:
42:23:63:ce:ba:f3:65:ec:37:9f:b8:e6:1d:50:eb:24:a6:3f:
0c:e1:b8:bb:6c:f3:44:cd:65:58:ba:c0:b9:2d:6c:e6:7b:c6:
49:c3:cb:d5:04:c8:4f:99:5f:7d:1d:80:51:fc:41:bf:0e:22:
49:e9:06:37:58:de:08:c3:eb:10:69:f5:b1:65:28:15:15:8d:
d9:10:11:17:39:b5:ef:a8:77:de:9b:b5:e5:45:0f:f5:df:00:
f9:b6:5d:71:0f:9d:68:da:c0:42:8f:87:72:79:42:31:63:7a:
96:18:1d:b3:c4:b0:09:2e:ce:16:b9:d7:e3:a7:30:61:78:86:
ed:e1:3c:f9
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVH7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA1MDgwMjIwWhcNMjUwNjExMDgwMjIwWjAYMRYw
FAYDVQQDEw02ODE4NzA5MS00YzU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApcOiwlIyd8++OUo/te2VSt6tftLtEaQQAsJk1u7YQisy6qol1EPL0CMe
BdsQN6pb/E0SMJTbql37OdThx5fJZ6HmZivCVcUrlR2LsQ49nAXivjCbqJArOeW+
qnQ920laau9Kl0TlM2B+yX/bT17wXx9grlnMMlrOnQSMVfF1LIkaOtVL2ZsHfKEt
METG7A8TiTOMIQfxIsGHQsTvEpQ2unP2H+YARCIUicbxphJrBfVc+/cL1Gry5PYw
Tq71oAOSVwuPz0qkgyJy8MBocKJ7/2yTPcLXPXZKupvKuKK+Uoc0+Xh6Dij9deXR
pQec2m7M4BTUbY3X09yD15QqARVGNwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFB5W
x4zfwsjcgmC+TeYaid7l/znxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80N0QwNjlFMDI5ODcxMUYwODU3QzkyRDJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASc8TADBAKc8TgwDQYJKoZI
hvcNAQELBQADggEBALDcqkTQo2EmrqAyc9DK/i2hNUXLOXuaG2xozWbX6uZhZ6RE
25Kb7htUsdg6UslykKlj/kaE2UD76B+la5s6ahZl/ORQuiVa/Pq/kiAkz144vAxJ
UfbrEjk2cCtSPw5FvfeWtIm1EqKU6aB5ASw/Ty6clxBoHlt7MzCNRmnuCEIjY866
82XsN5+45h1Q6ySmPwzhuLts80TNZVi6wLktbOZ7xknDy9UEyE+ZX30dgFH8Qb8O
IknpBjdY3gjD6xBp9bFlKBUVjdkQERc5te+od96bteVFD/XfAPm2XXEPnWjawEKP
h3J5QjFjepYYHbPEsAkuzha51+OnMGF4hu3hPPk=
-----END CERTIFICATE-----
Generated at Sat May 10 10:35:06 2025 by rpki-client