Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/204F44AC438D11F08BA85E93DAE4EC9C.roa
File: 204F44AC438D11F08BA85E93DAE4EC9C.roa (raw, json)
Hash identifier: HU9kh0t6Pa50INqgK68MRB9ke32UOPVUisxjs/t7nek=
Subject key identifier: 54:72:53:69:4C:4B:BB:A4:D0:21:55:77:7B:85:12:A8:59:F9:0E:B0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015A43
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/204F44AC438D11F08BA85E93DAE4EC9C.roa
Signing time: Sat 07 Jun 2025 10:49:46 +0000
ROA not before: Sat 07 Jun 2025 10:49:41 +0000
ROA not after: Sun 31 Aug 2025 10:49:41 +0000
asID: 399077
IP address blocks: 156.240.202.0/24 maxlen: 24
156.240.203.0/24 maxlen: 24
156.240.204.0/24 maxlen: 24
156.240.205.0/24 maxlen: 24
156.240.206.0/24 maxlen: 24
156.240.207.0/24 maxlen: 24
156.240.208.0/24 maxlen: 24
156.240.209.0/24 maxlen: 24
156.240.210.0/24 maxlen: 24
156.240.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Jun 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88643 (0x15a43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 7 10:49:41 2025 GMT
Not After : Aug 31 10:49:41 2025 GMT
Subject: CN=6844194a-7761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:13:d4:bb:9c:d2:58:f3:74:92:43:5d:d4:8f:
5c:19:37:a3:fe:68:53:46:8d:d2:2d:20:35:75:20:
89:8b:d5:7c:9e:9b:9d:50:1e:ba:f1:5e:87:72:49:
92:84:e7:0d:62:27:5f:8b:80:b7:08:e7:a8:f9:25:
8a:f4:2d:32:5a:6c:1f:47:92:a1:8c:8a:1f:2e:76:
fb:66:28:cd:6b:af:ff:68:cf:5d:2a:f3:cf:d9:33:
7e:1b:da:69:4e:20:4c:7e:b7:ba:40:3e:2c:43:56:
5b:94:7b:c5:03:d3:8d:c5:a2:1e:24:10:4e:16:50:
87:35:bf:41:e5:4a:a2:c1:fe:12:dd:a2:39:97:c5:
c9:1c:cd:3b:e0:b8:77:3b:39:c4:9d:51:16:01:93:
d3:36:c8:af:a4:7f:0c:bb:82:32:48:7d:96:59:3a:
bf:94:e6:7d:f2:d0:52:37:9d:98:af:aa:12:be:d7:
1a:2f:b7:5c:d4:58:e3:ce:c8:18:a5:0a:17:17:65:
97:43:9e:9c:b5:1f:e1:ee:6a:44:7b:73:e1:d0:35:
7b:3c:5c:6f:f5:94:d2:91:c5:c2:04:a5:d9:59:d9:
9f:be:2c:0c:83:ab:eb:69:d5:28:52:27:b5:6d:c5:
6c:3b:06:2e:68:c8:f0:b2:19:b0:b1:37:98:ed:b7:
de:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:72:53:69:4C:4B:BB:A4:D0:21:55:77:7B:85:12:A8:59:F9:0E:B0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/204F44AC438D11F08BA85E93DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.202.0-156.240.211.255
Signature Algorithm: sha256WithRSAEncryption
a1:87:8f:fe:e5:25:d5:33:50:d0:11:56:89:c1:31:0d:82:ee:
97:ee:f7:89:05:d8:cc:cf:af:84:b8:68:e9:ce:2c:5e:d3:fd:
24:a9:1c:61:82:25:16:64:7f:8a:b2:9c:99:2e:96:a3:b7:cd:
c3:3e:9a:02:3b:b9:ce:81:f7:b6:81:f5:da:5b:25:35:74:95:
0b:6a:70:c3:30:96:e2:88:2e:08:2c:77:fa:4a:3f:50:f6:07:
05:b2:bf:b9:01:e5:28:d3:e9:13:c8:09:43:69:94:04:51:0f:
ef:7a:86:9a:43:40:b4:b2:2c:bd:21:e4:d6:e2:be:b9:db:75:
c0:81:2a:d0:1e:54:8e:b1:43:40:6f:7e:92:4a:34:6d:87:b0:
84:70:e2:4f:5d:4d:6d:fe:06:f1:12:60:19:80:89:2f:ff:d6:
b8:6e:f7:20:a1:67:4e:19:10:c5:19:7c:bc:e2:a5:16:4a:c7:
8a:a3:48:21:c8:41:87:a0:88:c4:e0:e1:ae:71:fd:92:d3:bd:
46:a0:5f:d8:fb:4c:52:e0:97:89:25:29:6d:1a:1f:ec:6b:f4:
0a:d7:6e:d6:d5:9b:a2:f2:f2:65:38:a0:a2:9d:b7:03:da:8f:
93:d3:21:cf:64:36:56:4d:f4:39:8d:da:d4:25:a9:ba:3a:23:
75:87:6c:88
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVpDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA3MTA0OTQxWhcNMjUwODMxMTA0OTQxWjAYMRYw
FAYDVQQDEw02ODQ0MTk0YS03NzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyhPUu5zSWPN0kkNd1I9cGTej/mhTRo3SLSA1dSCJi9V8npudUB668V6H
ckmShOcNYidfi4C3COeo+SWK9C0yWmwfR5KhjIofLnb7ZijNa6//aM9dKvPP2TN+
G9ppTiBMfre6QD4sQ1ZblHvFA9ONxaIeJBBOFlCHNb9B5Uqiwf4S3aI5l8XJHM07
4Lh3OznEnVEWAZPTNsivpH8Mu4IySH2WWTq/lOZ98tBSN52Yr6oSvtcaL7dc1Fjj
zsgYpQoXF2WXQ56ctR/h7mpEe3Ph0DV7PFxv9ZTSkcXCBKXZWdmfviwMg6vradUo
Uie1bcVsOwYuaMjwshmwsTeY7bfePQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFRy
U2lMS7uk0CFVd3uFEqhZ+Q6wMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMDRGNDRBQzQzOEQxMUYwOEJBODVFOTNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGc8MoDBAKc8NAwDQYJKoZI
hvcNAQELBQADggEBAKGHj/7lJdUzUNARVonBMQ2C7pfu94kF2MzPr4S4aOnOLF7T
/SSpHGGCJRZkf4qynJkulqO3zcM+mgI7uc6B97aB9dpbJTV0lQtqcMMwluKILggs
d/pKP1D2BwWyv7kB5SjT6RPICUNplARRD+96hppDQLSyLL0h5NbivrnbdcCBKtAe
VI6xQ0BvfpJKNG2HsIRw4k9dTW3+BvESYBmAiS//1rhu9yChZ04ZEMUZfLzipRZK
x4qjSCHIQYegiMTg4a5x/ZLTvUagX9j7TFLgl4klKW0aH+xr9ArXbtbVm6Ly8mU4
oKKdtwPaj5PTIc9kNlZN9DmN2tQlqbo6I3WHbIg=
-----END CERTIFICATE-----
Generated at Mon Jun 16 22:11:34 2025 by rpki-client