Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC19C82E242211F0872917B5DAE4EC9C.roa
File: BC19C82E242211F0872917B5DAE4EC9C.roa (raw, json)
Hash identifier: 9nWdCmnci8mDtuSpvs1MmakFIOiaPmqNvjgXBSl3N6w=
Subject key identifier: 3E:A5:91:DC:7F:92:28:8F:53:F3:8B:77:CD:30:00:76:FE:C0:EE:17
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014EFE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC19C82E242211F0872917B5DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 11:20:05 +0000
ROA not before: Mon 28 Apr 2025 11:20:01 +0000
ROA not after: Wed 21 May 2025 11:20:01 +0000
asID: 153656
IP address blocks: 156.254.32.0/19 maxlen: 24
156.254.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85758 (0x14efe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 28 11:20:01 2025 GMT
Not After : May 21 11:20:01 2025 GMT
Subject: CN=680f6465-db34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3c:b6:49:0b:8f:71:94:bf:ae:2b:43:06:1d:
dd:d6:97:f1:95:27:04:c9:09:7e:90:d9:64:58:2f:
a5:22:5b:b5:81:9a:d0:56:f8:be:74:1a:62:83:9a:
de:a6:b2:41:7d:71:6f:86:39:53:74:26:d5:52:13:
5e:59:bb:dd:b4:8b:13:2a:a3:49:cf:9f:34:2d:c7:
ed:9a:bb:e3:3e:1e:1d:ab:30:81:c9:14:3b:2d:b6:
89:3c:f2:3c:c0:bd:91:11:71:91:44:46:9a:02:4a:
e2:75:69:02:55:7e:7f:c8:79:4f:db:13:34:41:6f:
71:50:c9:62:fc:7d:0e:e8:1c:11:59:14:1c:48:b2:
45:a5:dc:9d:af:ba:a1:92:a5:41:f2:81:e7:a6:15:
41:bb:7b:24:74:cd:b2:f4:51:28:ec:a4:80:0f:05:
02:8a:73:88:90:7f:02:15:03:a3:27:fc:6e:d3:84:
22:c4:ec:d8:05:26:a9:0b:73:4c:3a:cc:9a:62:a5:
86:99:cd:8b:58:c0:29:b4:55:d1:17:81:19:d7:e4:
94:3c:79:dd:56:ce:90:de:33:c6:f5:1b:b6:66:ce:
e5:e2:81:02:0a:bc:67:c2:05:90:5e:ac:15:c3:fd:
e4:c0:47:df:98:6c:c5:a1:3b:ce:b7:6a:94:5b:6e:
a5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A5:91:DC:7F:92:28:8F:53:F3:8B:77:CD:30:00:76:FE:C0:EE:17
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC19C82E242211F0872917B5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.32.0-156.254.95.255
Signature Algorithm: sha256WithRSAEncryption
12:d9:34:60:ea:98:03:7c:5f:6e:24:27:af:1e:22:22:26:c4:
1e:4d:a6:37:f4:aa:f7:83:b0:f7:0a:84:9f:5c:60:d1:fa:d4:
ff:8c:72:85:59:ee:95:6f:1c:d9:0b:c5:b6:33:a2:2b:7a:32:
35:92:5b:19:2e:91:f1:ac:8b:c1:34:97:e9:7b:87:23:3c:ae:
77:40:e0:36:3c:7c:ef:2a:5d:23:b6:08:0f:3c:bf:e2:6e:2b:
7c:5a:e5:26:9e:bd:33:7a:22:34:b6:ee:0d:28:a7:dd:c9:2b:
46:bd:22:af:0f:4a:e4:9c:dd:8a:14:11:95:32:28:06:17:50:
4e:60:2e:87:e5:bf:cd:3e:0b:59:6a:74:0d:f0:1f:a8:7a:bf:
01:9b:7d:a5:ff:55:ad:38:93:c8:4c:ff:a1:5c:79:74:5c:c7:
27:fd:7a:58:80:04:08:39:50:03:0b:45:67:50:33:9d:a6:55:
13:a1:c9:ae:dd:e6:5b:8f:23:82:54:5d:27:4c:1d:b3:90:36:
d0:5d:6e:03:8c:0a:f0:a1:13:df:a5:ef:53:11:bb:42:89:03:
dc:99:88:7f:85:96:8a:c1:74:77:62:da:4d:78:12:f6:74:84:
c4:dc:46:cf:03:ad:20:0d:f0:15:f8:14:b9:ea:2d:66:a5:a1:
cf:20:89:b4
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAU7+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI4MTEyMDAxWhcNMjUwNTIxMTEyMDAxWjAYMRYw
FAYDVQQDEw02ODBmNjQ2NS1kYjM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzzy2SQuPcZS/ritDBh3d1pfxlScEyQl+kNlkWC+lIlu1gZrQVvi+dBpi
g5reprJBfXFvhjlTdCbVUhNeWbvdtIsTKqNJz580LcftmrvjPh4dqzCByRQ7LbaJ
PPI8wL2REXGRREaaAkridWkCVX5/yHlP2xM0QW9xUMli/H0O6BwRWRQcSLJFpdyd
r7qhkqVB8oHnphVBu3skdM2y9FEo7KSADwUCinOIkH8CFQOjJ/xu04QixOzYBSap
C3NMOsyaYqWGmc2LWMAptFXRF4EZ1+SUPHndVs6Q3jPG9Ru2Zs7l4oECCrxnwgWQ
XqwVw/3kwEffmGzFoTvOt2qUW26lkwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFD6l
kdx/kiiPU/OLd80wAHb+wO4XMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQzE5QzgyRTI0MjIxMUYwODcyOTE3QjVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWc/iADBAWc/kAwDQYJKoZI
hvcNAQELBQADggEBABLZNGDqmAN8X24kJ68eIiImxB5Npjf0qveDsPcKhJ9cYNH6
1P+McoVZ7pVvHNkLxbYzoit6MjWSWxkukfGsi8E0l+l7hyM8rndA4DY8fO8qXSO2
CA88v+JuK3xa5SaevTN6IjS27g0op93JK0a9Iq8PSuSc3YoUEZUyKAYXUE5gLofl
v80+C1lqdA3wH6h6vwGbfaX/Va04k8hM/6FceXRcxyf9eliABAg5UAMLRWdQM52m
VROhya7d5luPI4JUXSdMHbOQNtBdbgOMCvChE9+l71MRu0KJA9yZiH+FlorBdHdi
2k14EvZ0hMTcRs8DrSAN8BX4FLnqLWaloc8gibQ=
-----END CERTIFICATE-----
Generated at Sun May 11 14:53:33 2025 by rpki-client