Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EBC07BC2A7511F09C7FDB89DAE4EC9C.roa
File: 8EBC07BC2A7511F09C7FDB89DAE4EC9C.roa (raw, json)
Hash identifier: jn3AC76qwHtpD6NPrlkQGcMpKY/yMhzj0TScRigEr4o=
Subject key identifier: 0D:1E:FF:44:61:99:05:62:8D:CC:4C:DE:F1:99:FC:48:39:7E:C2:E4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015259
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EBC07BC2A7511F09C7FDB89DAE4EC9C.roa
Signing time: Tue 06 May 2025 12:28:05 +0000
ROA not before: Tue 06 May 2025 12:28:00 +0000
ROA not after: Fri 05 Jun 2026 12:28:00 +0000
asID: 984
IP address blocks: 156.228.155.0/24 maxlen: 24
156.231.12.0/24 maxlen: 24
156.233.108.0/24 maxlen: 24
156.245.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86617 (0x15259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 6 12:28:00 2025 GMT
Not After : Jun 5 12:28:00 2026 GMT
Subject: CN=681a0054-b88c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:19:b3:d8:b4:62:14:8c:6f:37:59:af:61:d6:
fb:a3:db:93:f6:71:0f:ee:8c:dc:8b:6e:27:0d:5e:
1a:b8:b5:59:6e:fe:5d:e0:96:21:e0:7a:27:c5:bd:
3f:45:9a:f1:7e:2a:53:54:59:7d:2b:07:57:41:fa:
2c:4e:df:a8:27:22:87:30:ad:bb:e1:1b:72:cd:9d:
22:2f:27:46:9c:d3:68:7b:bf:86:07:63:5e:b3:bf:
cd:e0:cf:e7:12:84:12:f3:4f:c6:47:25:32:19:f1:
1c:b1:e6:9a:2a:86:8b:36:dc:31:0f:43:a0:10:fe:
eb:6e:d9:c9:34:48:0b:b9:94:20:e5:5e:66:4c:6b:
f5:99:c6:42:b0:5e:79:55:84:6a:73:2c:9d:a0:cd:
0a:5f:93:1c:e6:ea:80:5a:b9:7a:69:f6:75:63:e7:
bc:6e:f4:c1:b1:d4:f3:f8:a2:34:b4:f0:44:11:b6:
7e:b8:a0:b0:94:e4:b1:8c:ed:13:1b:e2:99:a1:dd:
2e:16:30:f1:8c:19:bb:10:a8:86:e1:55:30:26:36:
8c:2e:4f:6b:0b:dd:bb:30:bc:d7:b6:aa:29:55:d2:
4d:88:09:ee:55:19:88:72:a3:21:66:01:10:79:cc:
72:24:dd:c7:c8:e9:1c:2e:05:e5:ab:0c:46:8c:06:
53:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:1E:FF:44:61:99:05:62:8D:CC:4C:DE:F1:99:FC:48:39:7E:C2:E4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8EBC07BC2A7511F09C7FDB89DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.155.0/24
156.231.12.0/24
156.233.108.0/24
156.245.224.0/24
Signature Algorithm: sha256WithRSAEncryption
77:2e:48:f1:96:dd:e9:ed:9d:59:90:5d:ab:55:f0:ba:52:58:
d2:f8:b4:98:74:31:0f:18:87:e5:79:8e:1e:0b:df:27:ab:e7:
2f:57:27:be:6a:c5:dd:b1:b7:e4:b6:e8:fa:6b:29:e6:f6:23:
5b:d2:e3:50:dd:07:07:69:a3:d8:55:06:18:fc:59:82:be:94:
29:d2:81:78:06:5b:fc:f5:cd:83:1d:6e:a3:2d:c5:c4:70:23:
6a:d0:cd:0c:6f:9b:6d:40:2d:25:f1:5a:7f:77:c3:99:dd:1e:
d8:bf:b0:35:36:c9:ba:48:37:18:e7:66:85:d0:55:ca:ab:5e:
18:71:4c:7f:bd:f1:fc:04:dc:0d:01:a5:11:e6:89:2a:99:cc:
9a:d9:70:8f:56:29:e8:56:4a:a2:1c:83:d8:a1:54:95:47:b9:
57:19:ed:35:c1:1c:10:16:4f:75:b7:c8:56:f5:6b:7a:48:0b:
50:8d:34:96:5b:16:16:11:93:d5:f2:cb:b3:73:1b:77:dc:1b:
98:29:e1:65:cb:82:4e:95:78:3b:86:a3:ec:1c:1b:b8:a2:e1:
a1:54:a4:08:7e:4e:03:17:f3:04:2d:72:12:34:cb:5b:40:e0:
69:1f:80:ae:69:81:d5:b5:3f:17:15:0b:d5:4e:d9:e3:38:23:
bb:89:54:72
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAVJZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA2MTIyODAwWhcNMjYwNjA1MTIyODAwWjAYMRYw
FAYDVQQDEw02ODFhMDA1NC1iODhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvRmz2LRiFIxvN1mvYdb7o9uT9nEP7ozci24nDV4auLVZbv5d4JYh4Hon
xb0/RZrxfipTVFl9KwdXQfosTt+oJyKHMK274RtyzZ0iLydGnNNoe7+GB2Nes7/N
4M/nEoQS80/GRyUyGfEcseaaKoaLNtwxD0OgEP7rbtnJNEgLuZQg5V5mTGv1mcZC
sF55VYRqcyydoM0KX5Mc5uqAWrl6afZ1Y+e8bvTBsdTz+KI0tPBEEbZ+uKCwlOSx
jO0TG+KZod0uFjDxjBm7EKiG4VUwJjaMLk9rC927MLzXtqopVdJNiAnuVRmIcqMh
ZgEQecxyJN3HyOkcLgXlqwxGjAZTbwIDAQABo4ICtDCCArAwHQYDVR0OBBYEFA0e
/0RhmQVijcxM3vGZ/Eg5fsLkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RUJDMDdCQzJBNzUxMUYwOUM3RkRCODlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAnOSbAwQAnOcMAwQAnOlsAwQA
nPXgMA0GCSqGSIb3DQEBCwUAA4IBAQB3Lkjxlt3p7Z1ZkF2rVfC6UljS+LSYdDEP
GIfleY4eC98nq+cvVye+asXdsbfktuj6aynm9iNb0uNQ3QcHaaPYVQYY/FmCvpQp
0oF4Blv89c2DHW6jLcXEcCNq0M0Mb5ttQC0l8Vp/d8OZ3R7Yv7A1Nsm6SDcY52aF
0FXKq14YcUx/vfH8BNwNAaUR5okqmcya2XCPVinoVkqiHIPYoVSVR7lXGe01wRwQ
Fk91t8hW9Wt6SAtQjTSWWxYWEZPV8suzcxt33BuYKeFly4JOlXg7hqPsHBu4ouGh
VKQIfk4DF/MELXISNMtbQOBpH4CuaYHVtT8XFQvVTtnjOCO7iVRy
-----END CERTIFICATE-----
Generated at Sun May 11 19:57:29 2025 by rpki-client