Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/522368AC244111F0B25A5E7FDAE4EC9C.roa
File: 522368AC244111F0B25A5E7FDAE4EC9C.roa (raw, json)
Hash identifier: vLJDw6r0zXOrFXaF2VG503b8m6FJ4VZQT72nAhrM8gU=
Subject key identifier: C5:B3:35:F6:9F:39:F7:46:04:59:C2:B3:03:51:4C:9E:47:2E:8F:D6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014F87
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/522368AC244111F0B25A5E7FDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 14:59:02 +0000
ROA not before: Mon 28 Apr 2025 14:58:58 +0000
ROA not after: Mon 27 Mar 2028 14:58:58 +0000
asID: 17561
IP address blocks: 156.255.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85895 (0x14f87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 28 14:58:58 2025 GMT
Not After : Mar 27 14:58:58 2028 GMT
Subject: CN=680f97b6-bd04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:49:0c:59:15:78:d6:ad:5c:08:49:09:5a:11:
2e:d5:19:28:4e:44:77:da:eb:3a:da:30:77:a1:27:
f4:89:c1:c1:be:90:39:bd:ce:33:67:77:e8:4f:3b:
b5:a9:d1:8d:b2:0e:fe:b0:42:22:d8:02:69:4d:46:
f0:01:4c:49:17:f1:35:89:88:d1:ce:99:33:81:6a:
fe:50:0e:af:9d:18:37:b4:c3:f6:91:2a:01:2a:cb:
60:12:cf:cf:e0:0d:71:8b:c1:3b:cf:8a:37:5f:4e:
c8:22:19:c7:7f:de:ef:10:1b:65:ee:a4:ce:d9:33:
24:7c:0d:c4:a4:18:a6:7e:a7:c3:58:d3:f1:b5:dc:
06:f8:38:94:29:02:d1:4b:bf:29:6c:80:dc:c3:21:
0e:b0:52:1b:45:d4:5f:6f:56:c0:7c:4c:52:92:4e:
cb:4e:31:e6:6a:80:11:a5:45:99:2a:3d:21:62:df:
38:3b:e7:83:9a:15:8a:b5:48:5f:b1:67:cf:17:da:
83:00:b6:1c:a2:6e:b5:bc:fc:a1:cc:10:3f:39:6e:
40:42:a9:75:25:e9:b9:d6:b6:b8:94:13:29:11:ff:
81:f1:6e:a0:7e:39:81:1b:31:49:4c:59:40:be:88:
c9:57:63:4c:d3:31:f2:25:d9:7a:e7:49:8e:90:b7:
dc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B3:35:F6:9F:39:F7:46:04:59:C2:B3:03:51:4C:9E:47:2E:8F:D6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/522368AC244111F0B25A5E7FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.67.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:31:f5:f0:c6:9d:80:15:94:0a:6e:b1:19:a4:47:28:0a:5e:
49:fb:e3:a7:c4:4c:4f:ce:4d:23:b6:97:66:b1:50:40:9d:42:
6d:02:bf:9a:8f:a0:bd:d3:9c:7a:d1:5c:58:39:10:1d:dc:69:
0c:44:2f:66:d5:e6:3d:70:73:b7:21:aa:9e:7a:07:c9:c5:37:
f8:d2:0d:18:80:30:53:3d:42:10:26:a0:59:96:49:a6:3c:06:
55:37:22:0f:f9:3d:8c:a5:12:f9:0d:9b:2e:26:65:99:f9:22:
6c:ae:90:e3:75:38:c9:f5:1c:e3:27:74:86:20:3f:35:64:21:
b5:6d:49:8e:43:ed:82:5b:2c:f2:d4:13:2a:14:6b:08:ee:1e:
69:8f:e7:7c:c6:ee:74:5e:d7:d3:8b:37:c0:43:48:fc:f6:97:
b6:e8:19:a2:03:47:c2:64:78:14:33:45:77:2c:c3:cc:3c:1e:
84:20:ae:10:8c:7c:a3:d9:e4:ba:20:b3:78:b5:dd:b7:c1:d3:
c9:10:24:44:22:11:3a:36:9e:09:70:bb:97:d6:75:d5:ab:34:
ef:7b:7d:f5:0a:15:00:e2:99:19:ab:ff:f5:07:89:16:c0:9a:
fd:4f:e4:10:fa:03:3d:a7:0f:e1:cf:4e:7a:6f:be:f4:02:59:
67:ed:b5:26
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAU+HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI4MTQ1ODU4WhcNMjgwMzI3MTQ1ODU4WjAYMRYw
FAYDVQQDEw02ODBmOTdiNi1iZDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5kkMWRV41q1cCEkJWhEu1RkoTkR32us62jB3oSf0icHBvpA5vc4zZ3fo
Tzu1qdGNsg7+sEIi2AJpTUbwAUxJF/E1iYjRzpkzgWr+UA6vnRg3tMP2kSoBKstg
Es/P4A1xi8E7z4o3X07IIhnHf97vEBtl7qTO2TMkfA3EpBimfqfDWNPxtdwG+DiU
KQLRS78pbIDcwyEOsFIbRdRfb1bAfExSkk7LTjHmaoARpUWZKj0hYt84O+eDmhWK
tUhfsWfPF9qDALYcom61vPyhzBA/OW5AQql1Jem51ra4lBMpEf+B8W6gfjmBGzFJ
TFlAvojJV2NM0zHyJdl650mOkLfcIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMWz
NfafOfdGBFnCswNRTJ5HLo/WMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MjIzNjhBQzI0NDExMUYwQjI1QTVFN0ZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP9DMA0GCSqGSIb3DQEBCwUA
A4IBAQCjMfXwxp2AFZQKbrEZpEcoCl5J++OnxExPzk0jtpdmsVBAnUJtAr+aj6C9
05x60VxYORAd3GkMRC9m1eY9cHO3IaqeegfJxTf40g0YgDBTPUIQJqBZlkmmPAZV
NyIP+T2MpRL5DZsuJmWZ+SJsrpDjdTjJ9RzjJ3SGID81ZCG1bUmOQ+2CWyzy1BMq
FGsI7h5pj+d8xu50XtfTizfAQ0j89pe26BmiA0fCZHgUM0V3LMPMPB6EIK4QjHyj
2eS6ILN4td23wdPJECREIhE6Np4JcLuX1nXVqzTve331ChUA4pkZq//1B4kWwJr9
T+QQ+gM9pw/hz056b770Alln7bUm
-----END CERTIFICATE-----
Generated at Sat May 10 22:30:21 2025 by rpki-client