Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E89C7D0201C11F098C99BCADAE4EC9C.roa
File: 1E89C7D0201C11F098C99BCADAE4EC9C.roa (raw, json)
Hash identifier: dwMhEcsBHEHABm0FK7uV28KC/ER6yi/qkJTNmmIUZwI=
Subject key identifier: CD:A5:C3:DF:8A:4F:57:6E:4E:35:6B:7D:86:11:23:96:2E:58:83:03
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014E32
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E89C7D0201C11F098C99BCADAE4EC9C.roa
Signing time: Wed 23 Apr 2025 08:22:40 +0000
ROA not before: Wed 23 Apr 2025 08:22:35 +0000
ROA not after: Thu 29 May 2025 08:22:35 +0000
asID: 398704
IP address blocks: 156.245.192.0/24 maxlen: 24
156.245.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85554 (0x14e32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 23 08:22:35 2025 GMT
Not After : May 29 08:22:35 2025 GMT
Subject: CN=6808a34f-1893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5c:e3:6c:7f:fc:91:de:89:a7:a5:d3:ed:8b:
8b:86:ed:a6:6b:fd:7d:95:ac:2c:a4:1f:19:17:4f:
b3:37:af:4f:26:64:62:34:49:32:7d:e2:e8:62:9f:
e2:20:86:ea:10:bf:5c:20:3f:7e:26:40:f5:29:e9:
29:db:99:24:95:21:9d:30:f9:9c:60:cc:d8:af:af:
78:a7:95:16:2c:0b:41:30:1f:7b:4a:01:31:b5:a4:
c6:f6:95:09:2c:a5:f4:4f:2b:51:52:28:81:ed:19:
25:04:71:4e:be:a7:20:5b:c1:b8:9f:c7:50:00:d4:
45:a2:08:98:92:70:f1:4e:46:71:08:39:40:e9:38:
5f:b8:33:37:d8:0c:b4:5e:cf:53:ff:a6:58:4b:4d:
a9:cc:87:d1:5e:c6:c8:b2:0b:55:b5:3a:ae:75:44:
b6:00:39:49:8f:c1:3e:2e:e3:f5:cd:5f:26:35:f9:
55:23:09:93:a5:0b:dc:eb:f0:4b:e3:e2:f1:d2:8e:
94:6d:f6:8f:17:7a:e2:7f:9e:f8:8a:7e:a7:30:c8:
56:92:eb:bb:6c:85:93:12:90:c6:2d:02:23:5b:01:
88:8e:fb:86:55:b6:6e:4d:2a:00:68:c2:a4:95:3e:
03:92:3a:ba:d1:3d:19:72:4e:ad:d7:e7:a9:78:2b:
7e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A5:C3:DF:8A:4F:57:6E:4E:35:6B:7D:86:11:23:96:2E:58:83:03
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E89C7D0201C11F098C99BCADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.192.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:43:cb:c6:3f:0d:74:36:11:e9:9b:0a:5c:c0:c0:45:12:b8:
dc:0b:17:ce:dd:5e:17:65:e9:5b:4f:74:bb:09:a6:b9:4a:1f:
ab:c5:a4:dd:71:db:4b:16:d9:d2:88:1e:22:ff:37:bc:f2:d8:
31:9a:2e:98:c4:ed:64:b1:cc:f6:5d:25:36:a6:39:3f:8d:1e:
55:23:78:45:a2:07:34:68:ef:1d:23:9d:da:18:60:ce:a1:ca:
17:05:30:a2:37:6a:e8:17:cb:e0:d4:99:93:21:23:c6:33:a2:
dd:07:47:0f:ca:d9:64:0c:87:28:88:a8:75:3f:06:63:be:42:
ad:26:42:3a:89:07:de:0e:a5:2e:4f:7c:10:f9:3c:9a:d3:13:
86:e4:29:19:85:fa:6e:63:d4:75:08:5e:39:e0:3d:bb:7e:01:
c7:12:1d:3c:02:3f:31:30:82:b4:ef:e9:a8:6b:e6:68:9a:2f:
2e:7c:b7:93:2f:d5:ea:9a:ed:f2:f9:84:f7:c9:c0:aa:15:a0:
88:81:f4:1e:5e:c9:e6:51:d0:64:0c:5a:34:eb:22:9a:bd:f2:
ee:0e:75:0a:6a:e9:5b:1f:d2:a4:a1:40:f3:9d:b8:fb:4e:85:
7e:4c:d6:cf:4f:bd:5c:26:60:76:26:3e:6f:2b:4b:af:40:50:
9a:db:b3:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAU4yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDIzMDgyMjM1WhcNMjUwNTI5MDgyMjM1WjAYMRYw
FAYDVQQDEw02ODA4YTM0Zi0xODkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2lzjbH/8kd6Jp6XT7YuLhu2ma/19lawspB8ZF0+zN69PJmRiNEkyfeLo
Yp/iIIbqEL9cID9+JkD1Kekp25kklSGdMPmcYMzYr694p5UWLAtBMB97SgExtaTG
9pUJLKX0TytRUiiB7RklBHFOvqcgW8G4n8dQANRFogiYknDxTkZxCDlA6ThfuDM3
2Ay0Xs9T/6ZYS02pzIfRXsbIsgtVtTqudUS2ADlJj8E+LuP1zV8mNflVIwmTpQvc
6/BL4+Lx0o6UbfaPF3rif574in6nMMhWkuu7bIWTEpDGLQIjWwGIjvuGVbZuTSoA
aMKklT4Dkjq60T0Zck6t1+epeCt+1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM2l
w9+KT1duTjVrfYYRI5YuWIMDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRTg5QzdEMDIwMUMxMUYwOThDOTlCQ0FEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPXAMA0GCSqGSIb3DQEBCwUA
A4IBAQAbQ8vGPw10NhHpmwpcwMBFErjcCxfO3V4XZelbT3S7Caa5Sh+rxaTdcdtL
FtnSiB4i/ze88tgxmi6YxO1kscz2XSU2pjk/jR5VI3hFogc0aO8dI53aGGDOocoX
BTCiN2roF8vg1JmTISPGM6LdB0cPytlkDIcoiKh1PwZjvkKtJkI6iQfeDqUuT3wQ
+Tya0xOG5CkZhfpuY9R1CF454D27fgHHEh08Aj8xMIK07+moa+Zomi8ufLeTL9Xq
mu3y+YT3ycCqFaCIgfQeXsnmUdBkDFo06yKavfLuDnUKaulbH9KkoUDznbj7ToV+
TNbPT71cJmB2Jj5vK0uvQFCa27Ma
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:14:49 2025 by rpki-client