Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7240483627F611F0A58613D9DAE4EC9C.roa
File: 7240483627F611F0A58613D9DAE4EC9C.roa (raw, json)
Hash identifier: m+G6AvTCvwIg252Xzl1fpGDbQxSmsW3LJzishHkU23A=
Subject key identifier: 88:48:6C:11:E9:73:A3:74:3E:1D:E7:DE:05:9D:C8:3B:A6:F3:08:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0151A0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7240483627F611F0A58613D9DAE4EC9C.roa
Signing time: Sat 03 May 2025 08:13:08 +0000
ROA not before: Sat 03 May 2025 08:13:04 +0000
ROA not after: Wed 11 Jun 2025 08:13:04 +0000
asID: 29802
IP address blocks: 156.238.117.0/24 maxlen: 24
156.239.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86432 (0x151a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 3 08:13:04 2025 GMT
Not After : Jun 11 08:13:04 2025 GMT
Subject: CN=6815d014-e6f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:31:c9:67:4e:27:99:29:be:96:c7:41:b3:5b:
1d:c9:bb:65:d5:61:84:c1:94:fa:05:b5:f4:19:8a:
da:7d:c9:89:a4:82:a2:5b:f4:1c:34:9d:57:dd:cd:
cf:2c:a2:5a:e3:14:47:39:1a:06:07:75:5f:2a:d3:
c1:cb:7f:6a:82:6a:23:f9:73:83:8b:2b:0b:75:d0:
a4:c5:4b:17:41:49:b3:d8:6e:6a:72:59:0c:63:78:
51:db:f3:79:3e:87:c4:00:8a:ad:d0:21:73:03:36:
3e:78:d5:d4:79:87:7f:da:78:eb:0f:09:0c:a8:f3:
87:2b:43:b8:cc:97:6c:40:1c:02:09:cd:e9:24:00:
4c:e7:c7:45:11:87:4c:46:33:54:66:6c:09:86:ea:
bb:19:47:a3:82:ae:f0:6c:39:a2:85:f6:75:88:6e:
70:77:c9:e2:0e:b2:6e:74:c6:ee:b6:58:e9:62:8b:
f2:c9:a3:41:3e:7e:10:d8:9e:f4:c7:48:59:56:2a:
d3:3b:4b:52:4d:14:9e:36:8f:d9:2a:9f:83:97:88:
d9:ab:7e:a4:f2:65:d9:50:aa:f5:94:00:3f:ed:31:
53:17:8d:8e:ef:d2:94:7e:bb:05:79:39:17:51:76:
e2:ad:bf:7a:b6:cf:68:77:78:4c:66:74:0c:a3:97:
ab:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:48:6C:11:E9:73:A3:74:3E:1D:E7:DE:05:9D:C8:3B:A6:F3:08:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7240483627F611F0A58613D9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.117.0/24
156.239.54.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e6:0e:57:e5:3c:1e:f5:ad:17:cc:23:62:a0:85:be:a7:53:
28:3d:32:60:6d:fd:f8:2b:45:90:8e:41:a7:24:8d:d1:f4:01:
3b:45:a8:03:8a:15:33:47:ea:dc:75:3e:7a:35:37:df:62:20:
31:f3:12:ed:ab:44:41:a3:8d:07:d1:09:00:f1:f3:66:65:0b:
4b:43:0a:d0:28:11:ad:fb:e7:09:23:e7:3b:4b:0d:74:f2:95:
52:52:8b:c9:4d:42:c8:46:11:50:b7:1c:a8:07:b1:1c:f8:79:
22:81:62:f2:b3:59:25:c6:f5:c6:d1:7c:97:33:4a:b2:e8:52:
c8:e6:89:3a:4f:29:ef:3b:04:53:5c:50:72:ef:a0:76:f2:56:
0f:d7:85:5c:e8:ab:f5:67:de:38:90:0e:93:4d:20:12:c0:8d:
02:17:85:4b:2a:99:e3:b5:da:30:b8:2f:44:11:1b:a4:89:20:
71:25:a0:92:14:e2:f7:bb:e5:06:0d:a3:7d:c1:bd:05:37:9d:
22:63:25:b6:9f:ec:8d:ff:d0:45:44:7c:0f:aa:1a:54:cc:d5:
71:ba:e5:8f:70:1d:52:40:9c:69:9d:51:6c:e5:e3:ca:a0:db:
0e:af:9c:7f:c8:42:19:9b:b7:c7:3a:b8:f1:48:a9:b1:51:81:
08:2b:e9:c1
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVGgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTAzMDgxMzA0WhcNMjUwNjExMDgxMzA0WjAYMRYw
FAYDVQQDEw02ODE1ZDAxNC1lNmY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvDHJZ04nmSm+lsdBs1sdybtl1WGEwZT6BbX0GYrafcmJpIKiW/QcNJ1X
3c3PLKJa4xRHORoGB3VfKtPBy39qgmoj+XODiysLddCkxUsXQUmz2G5qclkMY3hR
2/N5PofEAIqt0CFzAzY+eNXUeYd/2njrDwkMqPOHK0O4zJdsQBwCCc3pJABM58dF
EYdMRjNUZmwJhuq7GUejgq7wbDmihfZ1iG5wd8niDrJudMbutljpYovyyaNBPn4Q
2J70x0hZVirTO0tSTRSeNo/ZKp+Dl4jZq36k8mXZUKr1lAA/7TFTF42O79KUfrsF
eTkXUXbirb96ts9od3hMZnQMo5erOwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIhI
bBHpc6N0Ph3n3gWdyDum8wgMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MjQwNDgzNjI3RjYxMUYwQTU4NjEzRDlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnO51AwQAnO82MA0GCSqGSIb3
DQEBCwUAA4IBAQBM5g5X5Twe9a0XzCNioIW+p1MoPTJgbf34K0WQjkGnJI3R9AE7
RagDihUzR+rcdT56NTffYiAx8xLtq0RBo40H0QkA8fNmZQtLQwrQKBGt++cJI+c7
Sw108pVSUovJTULIRhFQtxyoB7Ec+HkigWLys1klxvXG0XyXM0qy6FLI5ok6Tynv
OwRTXFBy76B28lYP14Vc6Kv1Z944kA6TTSASwI0CF4VLKpnjtdowuC9EERukiSBx
JaCSFOL3u+UGDaN9wb0FN50iYyW2n+yN/9BFRHwPqhpUzNVxuuWPcB1SQJxpnVFs
5ePKoNsOr5x/yEIZm7fHOrjxSKmxUYEIK+nB
-----END CERTIFICATE-----
Generated at Mon May 12 19:44:11 2025 by rpki-client