Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86D4661A28B411F0ABA475D0DAE4EC9C.roa
File: 86D4661A28B411F0ABA475D0DAE4EC9C.roa (raw, json)
Hash identifier: /zI16RdM97e1qIaagWMYC+2+iHaRQcdxPMSvn6JMRrY=
Subject key identifier: 72:9B:47:D5:7B:EB:FC:75:19:69:5C:28:89:99:12:3A:44:64:6D:AE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0151B6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86D4661A28B411F0ABA475D0DAE4EC9C.roa
Signing time: Sun 04 May 2025 06:53:47 +0000
ROA not before: Sun 04 May 2025 06:53:43 +0000
ROA not after: Sun 08 Jun 2025 06:53:43 +0000
asID: 213636
IP address blocks: 156.229.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86454 (0x151b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 4 06:53:43 2025 GMT
Not After : Jun 8 06:53:43 2025 GMT
Subject: CN=68170efb-7ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ef:96:b4:b6:d3:8c:85:39:f8:ec:0c:bb:97:
30:96:17:d6:a9:7a:7f:40:c6:64:a5:29:58:3f:28:
20:9b:c4:5f:57:c5:1a:1d:37:1d:28:02:50:b3:a1:
85:de:6f:c5:a2:c3:64:6a:26:69:56:57:da:97:83:
11:31:40:01:a9:10:54:b4:d6:80:27:eb:e6:16:10:
5e:b1:31:bc:99:01:9b:e6:c1:1d:99:e5:58:38:3b:
84:16:35:ab:86:39:e2:e5:28:8e:a2:3c:eb:17:a0:
d2:d7:b7:75:bf:37:ad:6f:2b:68:cb:d6:69:b5:67:
b8:6b:9a:77:27:66:5b:92:fa:1c:eb:ec:15:b1:46:
ca:f2:3c:db:b2:e2:ba:52:79:0f:5f:81:45:98:51:
45:ad:4e:8a:51:27:9c:d1:4a:d2:de:f8:d7:dc:58:
c5:88:89:10:f6:b2:76:b6:d4:77:bf:22:70:5e:a8:
d2:7a:85:d9:ff:a5:c7:d8:a5:e3:d1:5c:c4:67:22:
8f:85:c6:f3:b8:b0:a6:d7:32:aa:ad:70:15:07:a3:
10:15:df:01:36:2d:c9:82:b1:52:2f:d2:a9:98:9d:
7c:5f:ef:51:60:44:f4:e0:22:28:47:56:ab:71:fa:
b2:09:3d:52:fc:3e:63:f0:42:62:fb:04:ad:6a:4c:
db:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:9B:47:D5:7B:EB:FC:75:19:69:5C:28:89:99:12:3A:44:64:6D:AE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/86D4661A28B411F0ABA475D0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.236.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:4e:4f:f0:7a:c9:6e:ed:52:1d:ef:a9:73:67:50:4f:da:0e:
6d:f5:41:d5:7f:eb:39:ba:f5:78:5f:8e:74:01:72:c0:d3:e4:
d0:50:ed:b2:d4:79:60:d9:c3:7c:db:af:ba:da:bd:2e:0f:d6:
a6:ad:18:4c:6b:27:43:56:4d:49:ee:fd:c6:e1:4c:ba:b9:5d:
03:ba:91:5c:0e:30:a9:22:59:ec:2d:35:0f:8b:99:ca:7c:ed:
5d:fd:c1:83:2e:d6:1f:9b:5c:72:e6:a2:f7:24:11:0b:58:9f:
ce:8e:94:a1:87:ca:9d:47:59:1e:b1:2b:fc:10:66:a2:a2:10:
9f:7d:0f:ee:98:8f:20:90:a0:9f:c3:47:25:6e:7f:5e:6e:cd:
47:17:32:6a:07:2e:52:8e:d8:00:f2:7e:6f:60:7b:11:28:2c:
fc:1e:4a:d9:b3:5e:21:62:4c:90:6e:ac:e7:dc:9d:cf:98:89:
f8:60:d0:bc:eb:c1:4a:a1:19:c1:82:b3:fe:6f:33:84:a9:37:
94:8b:e9:ad:e3:6e:2f:bc:81:88:d7:aa:44:3e:27:6f:80:9c:
4e:eb:71:93:e6:c2:8a:46:ad:60:0b:a1:f3:53:e7:00:bf:33:
e7:e0:f5:9e:b6:75:ce:97:8f:44:de:02:a8:41:26:14:76:8c:
72:93:08:cb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVG2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA0MDY1MzQzWhcNMjUwNjA4MDY1MzQzWjAYMRYw
FAYDVQQDEw02ODE3MGVmYi03ZmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoe+WtLbTjIU5+OwMu5cwlhfWqXp/QMZkpSlYPyggm8RfV8UaHTcdKAJQ
s6GF3m/FosNkaiZpVlfal4MRMUABqRBUtNaAJ+vmFhBesTG8mQGb5sEdmeVYODuE
FjWrhjni5SiOojzrF6DS17d1vzetbytoy9ZptWe4a5p3J2Zbkvoc6+wVsUbK8jzb
suK6UnkPX4FFmFFFrU6KUSec0UrS3vjX3FjFiIkQ9rJ2ttR3vyJwXqjSeoXZ/6XH
2KXj0VzEZyKPhcbzuLCm1zKqrXAVB6MQFd8BNi3JgrFSL9KpmJ18X+9RYET04CIo
R1arcfqyCT1S/D5j8EJi+wStakzbFQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHKb
R9V76/x1GWlcKImZEjpEZG2uMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NkQ0NjYxQTI4QjQxMUYwQUJBNDc1RDBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOXsMA0GCSqGSIb3DQEBCwUA
A4IBAQCNTk/weslu7VId76lzZ1BP2g5t9UHVf+s5uvV4X450AXLA0+TQUO2y1Hlg
2cN826+62r0uD9amrRhMaydDVk1J7v3G4Uy6uV0DupFcDjCpIlnsLTUPi5nKfO1d
/cGDLtYfm1xy5qL3JBELWJ/OjpShh8qdR1kesSv8EGaiohCffQ/umI8gkKCfw0cl
bn9ebs1HFzJqBy5SjtgA8n5vYHsRKCz8HkrZs14hYkyQbqzn3J3PmIn4YNC868FK
oRnBgrP+bzOEqTeUi+mt424vvIGI16pEPidvgJxO63GT5sKKRq1gC6HzU+cAvzPn
4PWetnXOl49E3gKoQSYUdoxykwjL
-----END CERTIFICATE-----
Generated at Sun May 11 15:30:16 2025 by rpki-client