Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D70F9DA81A0311F094F1C7266EB8BCC6.roa
File: D70F9DA81A0311F094F1C7266EB8BCC6.roa (raw, json)
Hash identifier: YMY+bPieBjLrF/uM2X8MJx/hacnA4u0j8CU1vE0P7NQ=
Subject key identifier: 35:CF:25:19:03:19:F7:D0:40:64:C5:C8:C9:20:DA:7C:3B:EC:CB:A7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014C6C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D70F9DA81A0311F094F1C7266EB8BCC6.roa
Signing time: Tue 15 Apr 2025 14:13:45 +0000
ROA not before: Tue 15 Apr 2025 14:13:39 +0000
ROA not after: Thu 22 May 2025 14:13:39 +0000
asID: 50053
IP address blocks: 156.253.220.0/24 maxlen: 24
156.253.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 15 May 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85100 (0x14c6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 15 14:13:39 2025 GMT
Not After : May 22 14:13:39 2025 GMT
Subject: CN=67fe6999-8a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9c:4e:a1:fe:30:94:5a:f7:7a:a8:51:08:be:
58:d1:9d:7a:9f:98:a9:9f:88:c9:a2:ea:15:df:f5:
03:6d:0b:62:d1:fe:cf:8b:42:da:4a:7b:e3:d5:a3:
65:53:05:90:e5:d8:ac:c0:df:1d:e1:e6:3f:96:3e:
f4:3a:2e:76:dc:a3:0a:4d:59:a7:f4:84:d6:d2:9e:
20:e0:59:96:09:63:0b:c2:bc:39:0c:92:ec:a1:28:
a2:25:3f:bb:79:1c:a8:4b:55:7f:44:82:22:9a:c5:
7c:af:fb:e1:22:93:50:42:bb:ec:f0:45:2c:76:fa:
e8:46:4c:c6:2c:cf:d6:60:70:04:2e:ec:f7:9b:d4:
06:2f:82:ad:f0:05:ad:99:b4:4f:50:68:fe:48:4a:
e9:27:92:34:df:fd:30:23:b3:05:ff:04:fe:98:8f:
69:5b:dd:ad:20:94:10:8c:74:74:1c:73:aa:bc:ee:
fc:ed:d6:7d:cd:98:96:74:02:83:8b:9c:69:5d:77:
12:fb:a9:a9:73:66:f7:2f:8f:fc:f2:c5:ba:14:de:
d9:7a:7c:5b:13:b0:e7:a3:22:4d:f1:5e:9a:51:ef:
de:32:ea:cf:2d:3d:6b:d7:32:a3:5c:d4:63:c2:21:
0d:ff:8a:3a:ed:15:be:6f:62:ee:f6:c7:2f:0b:bb:
5c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CF:25:19:03:19:F7:D0:40:64:C5:C8:C9:20:DA:7C:3B:EC:CB:A7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D70F9DA81A0311F094F1C7266EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.220.0/24
156.253.223.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:77:e5:1c:6a:a3:6a:9c:74:0f:89:2d:e8:47:d7:0b:69:30:
01:df:89:e8:99:c7:d3:2c:26:50:d9:8d:bc:f8:c1:d5:00:70:
02:ff:dc:7b:6b:71:7a:97:c7:b1:93:f1:9b:dc:79:16:c3:94:
11:cd:ac:1d:ed:a9:ca:21:2b:de:bf:4c:47:8c:85:f2:5a:b3:
87:8f:7a:5d:73:03:5f:c0:e4:58:f4:f9:48:49:1e:3b:22:cc:
9a:75:d5:30:57:af:c4:66:66:ab:43:00:81:0e:ab:f4:71:2b:
59:d0:71:56:e2:d0:06:0a:d4:df:a5:49:13:44:d8:ec:11:6a:
8f:4f:a5:cc:52:80:59:e4:ba:0f:87:f3:87:a8:47:7f:1a:c9:
21:01:ae:b7:bb:dc:ea:0c:94:08:fc:d6:38:13:20:01:c3:bd:
44:7d:aa:2c:87:ca:1e:d3:81:b8:a7:53:95:d6:fe:84:9b:02:
14:ba:92:6b:4c:4f:04:8e:6d:fa:c0:f8:c6:26:b9:86:6b:77:
c9:c9:7e:89:81:02:6d:35:71:97:a6:56:5d:fb:df:5f:f9:aa:
40:8e:72:8c:bf:36:a2:55:3f:f9:0c:50:bc:e7:74:fd:1b:cb:
e0:4b:8e:97:a1:1a:8c:51:d9:3f:f5:3d:bc:48:17:58:6a:9d:
71:73:01:5c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUxsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE1MTQxMzM5WhcNMjUwNTIyMTQxMzM5WjAYMRYw
FAYDVQQDEw02N2ZlNjk5OS04YTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuZxOof4wlFr3eqhRCL5Y0Z16n5ipn4jJouoV3/UDbQti0f7Pi0LaSnvj
1aNlUwWQ5diswN8d4eY/lj70Oi523KMKTVmn9ITW0p4g4FmWCWMLwrw5DJLsoSii
JT+7eRyoS1V/RIIimsV8r/vhIpNQQrvs8EUsdvroRkzGLM/WYHAELuz3m9QGL4Kt
8AWtmbRPUGj+SErpJ5I03/0wI7MF/wT+mI9pW92tIJQQjHR0HHOqvO787dZ9zZiW
dAKDi5xpXXcS+6mpc2b3L4/88sW6FN7ZenxbE7DnoyJN8V6aUe/eMurPLT1r1zKj
XNRjwiEN/4o67RW+b2Lu9scvC7tcxQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDXP
JRkDGffQQGTFyMkg2nw77MunMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENzBGOURBODFBMDMxMUYwOTRGMUM3MjY2RUI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnP3cAwQAnP3fMA0GCSqGSIb3
DQEBCwUAA4IBAQA8d+UcaqNqnHQPiS3oR9cLaTAB34nomcfTLCZQ2Y28+MHVAHAC
/9x7a3F6l8exk/Gb3HkWw5QRzawd7anKISvev0xHjIXyWrOHj3pdcwNfwORY9PlI
SR47IsyaddUwV6/EZmarQwCBDqv0cStZ0HFW4tAGCtTfpUkTRNjsEWqPT6XMUoBZ
5LoPh/OHqEd/GskhAa63u9zqDJQI/NY4EyABw71Efaosh8oe04G4p1OV1v6EmwIU
upJrTE8Ejm36wPjGJrmGa3fJyX6JgQJtNXGXplZd+99f+apAjnKMvzaiVT/5DFC8
53T9G8vgS46XoRqMUdk/9T28SBdYap1xcwFc
-----END CERTIFICATE-----
Generated at Tue May 13 14:14:54 2025 by rpki-client