Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8AF057C257611F0B5A81E9CDAE4EC9C.roa
File: C8AF057C257611F0B5A81E9CDAE4EC9C.roa (raw, json)
Hash identifier: fg6DlrWxByIm2a7KafyEe/WNMMcgtmXBQsaWiSVX4io=
Subject key identifier: 6D:FC:18:3C:2A:1E:75:F1:A3:BB:67:EE:F1:FF:01:BF:88:E5:BA:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01505B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8AF057C257611F0B5A81E9CDAE4EC9C.roa
Signing time: Wed 30 Apr 2025 03:54:16 +0000
ROA not before: Wed 30 Apr 2025 03:54:10 +0000
ROA not after: Tue 20 May 2025 03:54:10 +0000
asID: 265721
IP address blocks: 156.248.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 07 May 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86107 (0x1505b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 30 03:54:10 2025 GMT
Not After : May 20 03:54:10 2025 GMT
Subject: CN=68119ee7-4b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:40:ce:d0:27:24:0d:d0:5d:1c:03:ad:28:0f:
9a:e9:7e:e1:47:43:a7:b5:c0:ca:0f:3c:dc:58:67:
be:2e:7a:f5:0b:2d:31:5e:60:a9:a1:fe:53:8c:a1:
dc:2f:5f:ba:b2:2d:55:9f:a5:03:0a:24:32:66:b8:
c3:86:fd:98:0f:9b:a0:fe:aa:32:e6:91:f4:fe:3b:
c1:d0:b8:d5:5a:4a:7d:07:51:a3:91:05:dd:b1:d6:
fd:8b:88:7d:f3:5f:e3:0b:bd:82:45:cd:e9:37:96:
bf:90:df:59:cc:a6:82:8b:e0:f3:14:86:5b:5d:55:
ef:5a:83:79:d6:ad:fb:88:6f:1c:5c:d5:af:a8:05:
c9:c7:55:f8:74:63:4a:f0:75:7d:cc:86:11:8e:86:
1f:36:17:be:3d:35:fa:2b:15:4b:d0:d4:67:91:11:
b1:30:54:ab:85:31:1c:cc:36:f5:83:a3:b3:5a:66:
be:16:5c:f8:39:08:81:9a:64:c8:0e:a0:0b:f1:7a:
eb:21:f2:3b:ac:8f:b7:92:5d:0d:dc:7b:db:59:cf:
01:74:d9:9c:30:b2:d6:cb:5f:db:f1:c4:4d:c6:f5:
00:fc:7b:80:a1:44:33:f8:de:9d:be:9f:e4:67:d2:
5f:ce:5f:d5:c1:03:8d:b2:54:4c:0c:80:e0:0e:8f:
0a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FC:18:3C:2A:1E:75:F1:A3:BB:67:EE:F1:FF:01:BF:88:E5:BA:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8AF057C257611F0B5A81E9CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.144.0/20
Signature Algorithm: sha256WithRSAEncryption
5a:bd:5a:3b:d1:11:d4:78:1e:14:8e:b0:ca:44:9f:97:ce:41:
91:77:10:9a:92:dd:7f:74:1c:f6:f7:2b:f5:ce:34:4a:eb:a5:
4f:49:85:a4:c6:63:6a:14:cc:44:74:df:59:f0:d7:c7:0f:c7:
56:c6:45:13:b2:df:c4:07:b3:3d:f6:bb:be:ec:78:18:81:c5:
d5:41:bd:ae:b2:ed:ed:73:b4:5e:f2:b9:86:1b:43:07:cf:f7:
f9:c4:2e:39:5a:1c:bf:18:5e:ff:f4:e9:ae:c6:8c:6c:d3:33:
5d:28:a5:33:67:cd:b7:02:bc:c6:7e:28:3c:5a:63:fe:c1:87:
ee:6f:11:41:0a:54:36:67:59:9c:f9:9a:76:c2:24:22:df:aa:
11:0a:8a:04:62:f3:d2:af:72:23:08:20:74:ca:f8:81:b5:83:
3a:b6:37:e7:9e:e0:44:ed:a8:01:2c:c5:a9:5f:3f:da:15:50:
12:c1:3d:eb:99:7c:80:6e:8e:02:aa:82:e6:a4:82:b6:ef:ac:
f7:b9:23:b6:85:b1:71:1a:3b:82:22:48:7d:28:bc:9a:71:5b:
d6:e4:24:f7:b8:41:24:a6:f2:9c:22:b7:46:aa:e6:c6:3d:33:
58:26:b6:ec:8c:88:d7:22:0d:d2:96:28:f4:81:8c:4a:bd:6c:
52:49:f5:06
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVBbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDMwMDM1NDEwWhcNMjUwNTIwMDM1NDEwWjAYMRYw
FAYDVQQDEw02ODExOWVlNy00YjUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzEDO0CckDdBdHAOtKA+a6X7hR0OntcDKDzzcWGe+Lnr1Cy0xXmCpof5T
jKHcL1+6si1Vn6UDCiQyZrjDhv2YD5ug/qoy5pH0/jvB0LjVWkp9B1GjkQXdsdb9
i4h981/jC72CRc3pN5a/kN9ZzKaCi+DzFIZbXVXvWoN51q37iG8cXNWvqAXJx1X4
dGNK8HV9zIYRjoYfNhe+PTX6KxVL0NRnkRGxMFSrhTEczDb1g6OzWma+Flz4OQiB
mmTIDqAL8XrrIfI7rI+3kl0N3HvbWc8BdNmcMLLWy1/b8cRNxvUA/HuAoUQz+N6d
vp/kZ9Jfzl/VwQONslRMDIDgDo8KEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG38
GDwqHnXxo7tn7vH/Ab+I5bqMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOEFGMDU3QzI1NzYxMUYwQjVBODFFOUNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnPiQMA0GCSqGSIb3DQEBCwUA
A4IBAQBavVo70RHUeB4UjrDKRJ+XzkGRdxCakt1/dBz29yv1zjRK66VPSYWkxmNq
FMxEdN9Z8NfHD8dWxkUTst/EB7M99ru+7HgYgcXVQb2usu3tc7Re8rmGG0MHz/f5
xC45Why/GF7/9Omuxoxs0zNdKKUzZ823ArzGfig8WmP+wYfubxFBClQ2Z1mc+Zp2
wiQi36oRCooEYvPSr3IjCCB0yviBtYM6tjfnnuBE7agBLMWpXz/aFVASwT3rmXyA
bo4CqoLmpIK276z3uSO2hbFxGjuCIkh9KLyacVvW5CT3uEEkpvKcIrdGqubGPTNY
JrbsjIjXIg3Slij0gYxKvWxSSfUG
-----END CERTIFICATE-----
Generated at Mon May 5 12:49:32 2025 by rpki-client