Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8827E16E242111F0860931ABDAE4EC9C.roa
File: 8827E16E242111F0860931ABDAE4EC9C.roa (raw, json)
Hash identifier: k3R/UAf2S4lTdAwPwdznQOm3gxEjdsWmjZNXjkGjnHY=
Subject key identifier: 4A:28:C1:52:C5:75:19:11:CD:22:A6:46:AC:82:D2:9B:CD:E8:2A:C6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014EF6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8827E16E242111F0860931ABDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 11:11:29 +0000
ROA not before: Mon 28 Apr 2025 11:11:24 +0000
ROA not after: Fri 13 Mar 2026 11:11:24 +0000
asID: 984
IP address blocks: 156.231.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85750 (0x14ef6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 28 11:11:24 2025 GMT
Not After : Mar 13 11:11:24 2026 GMT
Subject: CN=680f6261-23bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:68:6a:0d:d1:e0:cd:b4:64:52:61:d0:ed:3e:
6f:db:56:ba:35:98:75:f8:4f:ca:97:cd:54:50:fb:
be:00:13:54:68:c9:ec:72:c5:5f:d9:06:90:e2:47:
95:e2:fb:31:0e:4d:1a:c1:4d:df:04:af:e9:a0:d8:
6d:a2:c4:e5:a0:67:91:66:a6:7c:f5:90:fe:c5:9a:
16:5a:a9:f2:eb:69:7f:6a:80:c6:a1:30:cd:60:70:
e0:12:fb:ab:d7:0b:1b:00:cd:a6:5a:a2:1a:75:e7:
80:32:23:d4:53:dc:b7:99:ec:cd:c8:9a:cf:5d:64:
76:f7:7d:c8:bb:62:c1:f3:e9:05:fa:f0:33:de:d6:
d1:7d:f2:7c:22:33:dd:b6:40:8d:ec:ba:dc:fa:26:
cc:0f:0c:56:45:63:0c:dc:72:c9:55:b6:6b:2d:e8:
44:53:9e:14:53:fb:fc:44:2c:27:16:18:63:69:21:
55:a3:c6:c8:0b:71:dc:47:5e:9a:42:c2:2f:4d:31:
5b:05:ab:09:f0:d4:66:54:14:ac:a7:9b:33:d4:70:
07:09:0f:48:89:2a:13:3a:dc:48:35:df:5e:a7:15:
d8:6d:39:16:5e:01:8a:c1:81:35:c8:61:c6:7d:1c:
f9:32:1b:16:ee:c9:cc:78:fb:4c:ee:f4:75:59:e7:
01:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:28:C1:52:C5:75:19:11:CD:22:A6:46:AC:82:D2:9B:CD:E8:2A:C6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8827E16E242111F0860931ABDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.181.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:0b:bc:9d:ae:35:76:b5:19:6a:28:d4:de:c6:7f:94:f7:28:
f1:9a:a4:ea:ab:e8:c9:b9:54:8e:24:ef:7e:f1:a7:76:73:ca:
0f:f8:a0:fc:fb:38:a3:e0:72:f2:b5:08:64:03:e3:be:81:95:
d3:a3:02:d3:48:a5:3f:64:05:9c:8b:ea:0e:17:44:7c:dd:78:
d7:0c:12:3d:f1:38:cf:f4:21:02:76:a4:b7:e5:17:b5:d8:f7:
e4:76:1b:23:d6:76:0c:a7:3c:17:3b:5b:46:51:09:d0:02:f8:
a4:06:b3:80:e1:7b:25:c3:37:78:e0:e4:a7:63:c9:89:c2:76:
06:b1:80:11:9b:13:5f:fa:55:31:67:fb:c2:1c:e4:b0:80:6a:
7f:2a:a5:8c:86:07:3f:91:98:8b:8b:da:19:8d:8e:ff:21:04:
ca:ea:26:d7:f2:e8:33:79:4f:47:c9:ee:53:e6:bd:f2:68:8f:
fd:3a:04:fc:7f:01:5b:3e:44:82:84:b1:04:02:2c:5d:c1:a0:
e3:f7:97:4a:4e:3a:af:3c:fd:d3:4f:1f:15:b6:89:34:fa:48:
35:d4:e2:7b:70:81:00:7a:ce:51:b3:59:d4:83:97:9f:95:48:
8c:2f:3e:04:56:24:a6:06:6d:aa:87:8f:c0:92:5a:4d:93:af:
90:9b:ad:af
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAU72MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI4MTExMTI0WhcNMjYwMzEzMTExMTI0WjAYMRYw
FAYDVQQDEw02ODBmNjI2MS0yM2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA12hqDdHgzbRkUmHQ7T5v21a6NZh1+E/Kl81UUPu+ABNUaMnscsVf2QaQ
4keV4vsxDk0awU3fBK/poNhtosTloGeRZqZ89ZD+xZoWWqny62l/aoDGoTDNYHDg
Evur1wsbAM2mWqIadeeAMiPUU9y3mezNyJrPXWR2933Iu2LB8+kF+vAz3tbRffJ8
IjPdtkCN7Lrc+ibMDwxWRWMM3HLJVbZrLehEU54UU/v8RCwnFhhjaSFVo8bIC3Hc
R16aQsIvTTFbBasJ8NRmVBSsp5sz1HAHCQ9IiSoTOtxINd9epxXYbTkWXgGKwYE1
yGHGfRz5MhsW7snMePtM7vR1WecBpQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEoo
wVLFdRkRzSKmRqyC0pvN6CrGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84ODI3RTE2RTI0MjExMUYwODYwOTMxQUJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOe1MA0GCSqGSIb3DQEBCwUA
A4IBAQBcC7ydrjV2tRlqKNTexn+U9yjxmqTqq+jJuVSOJO9+8ad2c8oP+KD8+zij
4HLytQhkA+O+gZXTowLTSKU/ZAWci+oOF0R83XjXDBI98TjP9CECdqS35Re12Pfk
dhsj1nYMpzwXO1tGUQnQAvikBrOA4Xslwzd44OSnY8mJwnYGsYARmxNf+lUxZ/vC
HOSwgGp/KqWMhgc/kZiLi9oZjY7/IQTK6ibX8ugzeU9Hye5T5r3yaI/9OgT8fwFb
PkSChLEEAixdwaDj95dKTjqvPP3TTx8Vtok0+kg11OJ7cIEAes5Rs1nUg5eflUiM
Lz4EViSmBm2qh4/AklpNk6+Qm62v
-----END CERTIFICATE-----
Generated at Mon May 12 07:16:07 2025 by rpki-client