Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDFF1200261611F0976412C2DAE4EC9C.roa
File: DDFF1200261611F0976412C2DAE4EC9C.roa (raw, json)
Hash identifier: ZU725x1giHt9+qsvmj8+gC9K0rULrU/Il2WMlKZgNyU=
Subject key identifier: E1:F1:71:41:36:D8:2A:07:E9:7C:70:D3:8E:19:92:7D:CC:03:3B:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015107
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDFF1200261611F0976412C2DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 23:00:11 +0000
ROA not before: Wed 30 Apr 2025 23:00:06 +0000
ROA not after: Fri 28 Apr 2028 23:00:06 +0000
asID: 17561
IP address blocks: 156.232.252.0/24 maxlen: 24
156.232.253.0/24 maxlen: 24
156.232.254.0/24 maxlen: 24
156.232.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 07 May 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86279 (0x15107)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 30 23:00:06 2025 GMT
Not After : Apr 28 23:00:06 2028 GMT
Subject: CN=6812ab7b-1b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f3:65:99:10:52:e2:68:45:73:ba:fd:b2:29:
1a:00:2d:dc:3e:db:15:37:3c:1e:49:eb:95:ef:5b:
e1:c8:bc:ed:d1:08:e7:25:10:8b:64:2f:97:fe:a6:
2c:ba:ea:1b:f4:9e:92:5a:74:8c:f3:d3:fe:a0:2c:
5e:81:5d:3f:4a:cd:78:45:c2:9e:ed:c1:2b:91:15:
45:f6:01:59:07:52:20:e8:36:f9:c6:2c:e1:7b:42:
c5:73:28:8d:87:e2:db:79:d3:4f:7b:0c:4a:2d:cb:
2e:50:53:9a:80:6b:a2:ad:5a:76:bb:a8:e5:0b:dd:
dc:50:9a:24:0c:56:86:36:b7:47:27:d6:d5:29:88:
b6:8c:b0:6e:68:36:c7:6d:37:15:7a:75:cd:d8:b3:
36:cf:6d:c5:14:50:33:3d:5a:6f:a9:31:e8:4e:01:
d5:09:56:e1:2f:66:91:55:0d:1c:88:42:97:35:98:
f7:93:54:79:5e:b0:3a:65:f7:ed:de:72:48:4a:ad:
51:f2:52:65:f9:b2:a3:87:23:8a:f6:b9:7f:8f:65:
ee:f6:b5:cd:4e:3a:19:51:b8:ad:7b:fc:58:89:df:
54:dd:7d:f5:77:69:15:08:ff:34:df:77:c9:19:92:
3b:b5:14:44:a4:41:94:d3:b0:ea:eb:b5:20:d1:3e:
9c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F1:71:41:36:D8:2A:07:E9:7C:70:D3:8E:19:92:7D:CC:03:3B:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DDFF1200261611F0976412C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.252.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:c2:e1:7a:4d:db:a8:72:e8:24:e1:9e:fc:0e:1f:42:18:aa:
f1:eb:3a:e4:98:e6:a3:29:a5:a1:a3:09:23:55:07:21:5b:77:
e4:a9:96:02:2f:6b:1b:ba:7c:f0:38:6b:58:07:7d:c5:de:63:
7c:47:54:c6:7d:03:99:2f:7e:e2:04:d7:8f:3c:b9:81:25:bd:
b5:70:f3:f1:53:80:ae:26:18:f1:d0:cc:e0:79:9d:07:30:bc:
9e:13:30:9c:34:54:34:34:0c:3c:ea:c2:23:67:94:2d:62:69:
42:a8:4f:b2:e3:d4:61:04:db:37:16:37:27:f9:3d:62:b7:3d:
47:5b:39:89:b9:13:c7:fc:b9:84:fb:50:c3:b9:3b:e0:bb:b7:
de:f3:1e:73:85:a0:9e:e4:81:72:c2:34:79:7f:ce:c7:00:63:
ca:d3:30:31:89:d0:4d:81:a1:03:c6:2b:39:13:65:b4:04:98:
c0:d0:96:c0:aa:52:db:12:c9:8f:37:79:9e:f8:e1:e1:96:51:
d5:e3:53:e4:ae:b6:97:41:c3:83:58:f9:25:11:43:7d:a9:ba:
f9:6c:96:8f:23:ae:b1:97:8a:8b:11:79:a6:71:63:61:d3:6b:
44:10:dd:6e:1f:04:f3:c7:93:db:90:d6:88:a1:04:d4:e1:1f:
09:b9:2c:c0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVEHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDMwMjMwMDA2WhcNMjgwNDI4MjMwMDA2WjAYMRYw
FAYDVQQDEw02ODEyYWI3Yi0xYjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1/NlmRBS4mhFc7r9sikaAC3cPtsVNzweSeuV71vhyLzt0QjnJRCLZC+X
/qYsuuob9J6SWnSM89P+oCxegV0/Ss14RcKe7cErkRVF9gFZB1Ig6Db5xizhe0LF
cyiNh+LbedNPewxKLcsuUFOagGuirVp2u6jlC93cUJokDFaGNrdHJ9bVKYi2jLBu
aDbHbTcVenXN2LM2z23FFFAzPVpvqTHoTgHVCVbhL2aRVQ0ciEKXNZj3k1R5XrA6
Zfft3nJISq1R8lJl+bKjhyOK9rl/j2Xu9rXNTjoZUbite/xYid9U3X31d2kVCP80
33fJGZI7tRREpEGU07Dq67Ug0T6cLQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOHx
cUE22CoH6Xxw044Zkn3MAzu1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EREZGMTIwMDI2MTYxMUYwOTc2NDEyQzJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOj8MA0GCSqGSIb3DQEBCwUA
A4IBAQCuwuF6Tduocugk4Z78Dh9CGKrx6zrkmOajKaWhowkjVQchW3fkqZYCL2sb
unzwOGtYB33F3mN8R1TGfQOZL37iBNePPLmBJb21cPPxU4CuJhjx0MzgeZ0HMLye
EzCcNFQ0NAw86sIjZ5QtYmlCqE+y49RhBNs3Fjcn+T1itz1HWzmJuRPH/LmE+1DD
uTvgu7fe8x5zhaCe5IFywjR5f87HAGPK0zAxidBNgaEDxis5E2W0BJjA0JbAqlLb
EsmPN3me+OHhllHV41PkrraXQcODWPklEUN9qbr5bJaPI66xl4qLEXmmcWNh02tE
EN1uHwTzx5PbkNaIoQTU4R8JuSzA
-----END CERTIFICATE-----
Generated at Mon May 5 07:53:53 2025 by rpki-client