Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2859526A1CA911F09E23A6A9DAE4EC9C.roa
File: 2859526A1CA911F09E23A6A9DAE4EC9C.roa (raw, json)
Hash identifier: iXglpGvO8PxcVoVnLQXTmShSsMpWuPEcxML3Tep4rMU=
Subject key identifier: 69:BD:78:0A:1C:60:9A:91:D2:7F:D6:9B:D2:F2:FD:F7:AB:2F:84:AA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014D69
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2859526A1CA911F09E23A6A9DAE4EC9C.roa
Signing time: Fri 18 Apr 2025 23:02:10 +0000
ROA not before: Fri 18 Apr 2025 23:02:06 +0000
ROA not after: Wed 04 Jun 2025 23:02:06 +0000
asID: 394432
IP address blocks: 156.252.144.0/20 maxlen: 24
156.252.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85353 (0x14d69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 18 23:02:06 2025 GMT
Not After : Jun 4 23:02:06 2025 GMT
Subject: CN=6802d9f2-8050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d9:91:fb:ee:eb:65:af:c7:9d:00:70:4c:72:
c8:d3:d3:e4:4d:1c:7f:e6:67:ad:56:75:0d:43:7b:
4a:05:5f:66:7b:89:9c:1f:a8:84:1a:2f:7b:68:e4:
c6:d7:19:e9:87:a5:dc:2f:7a:59:e5:49:18:9e:b0:
e5:6b:ce:8b:2c:a0:46:30:cf:b7:39:85:fc:dc:ee:
a5:1d:c0:5f:94:fe:6e:80:ae:aa:eb:ce:63:68:03:
8b:9c:af:ef:45:f9:c8:45:51:18:8e:8f:99:67:52:
30:88:a1:0f:89:a3:00:6c:46:3b:44:79:0f:7f:be:
c7:f0:65:48:b1:5a:da:92:ba:ec:73:d0:0f:04:c7:
1d:bb:92:5d:f3:e1:dd:a4:f1:8c:b3:d4:06:80:24:
27:91:df:b4:93:15:2d:b7:46:a9:bf:dd:ee:eb:23:
bc:a0:f5:a2:0b:77:8e:70:85:29:de:07:87:da:12:
4a:ca:d2:dd:f7:d9:48:59:07:b2:5d:be:80:de:30:
cf:ce:d0:cf:8d:5f:bb:ac:d9:fd:6b:b1:06:b9:03:
ce:e7:8d:ca:03:20:c5:69:af:74:9f:31:74:d3:90:
94:f2:9d:be:ed:50:f4:45:8a:ee:c7:81:af:35:d5:
f2:19:16:71:1e:65:3a:14:2b:c5:f8:b0:1a:1b:70:
22:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BD:78:0A:1C:60:9A:91:D2:7F:D6:9B:D2:F2:FD:F7:AB:2F:84:AA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2859526A1CA911F09E23A6A9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.144.0-156.252.175.255
Signature Algorithm: sha256WithRSAEncryption
bc:59:e3:17:8c:d7:12:dd:33:aa:a9:4c:82:ff:31:52:1e:d5:
a7:02:77:2b:22:9a:59:0b:25:12:3d:02:a2:3e:fa:01:62:89:
98:8b:84:5a:eb:aa:06:eb:40:7b:2d:72:95:62:c6:b8:d4:55:
f1:48:a1:33:4c:ec:0a:c0:5d:f6:f2:f7:c1:b6:79:13:97:d5:
cf:13:fc:0d:de:23:04:25:d1:fc:f3:40:e4:32:ef:cb:6e:23:
42:55:eb:b0:8b:ef:d7:5a:5f:77:a7:a7:12:86:7a:cd:34:22:
66:2c:98:9f:5e:09:a9:c0:b4:96:0d:32:8f:eb:8d:56:c3:9a:
6c:9d:a0:3c:92:75:d1:58:76:67:f7:53:d4:d0:37:40:17:ef:
1d:46:b8:f0:4f:e2:74:a8:96:44:b1:6d:1e:08:af:d9:26:c6:
0a:3f:84:d1:13:c0:98:82:93:01:5e:67:3f:b1:d3:77:f1:ee:
35:75:57:98:54:b6:53:e8:bf:07:1d:97:4f:78:23:85:50:e4:
1e:b9:35:15:4f:c2:48:09:e8:84:3d:ce:5f:67:f4:88:08:75:
37:5f:e0:23:20:50:53:7d:df:09:29:bf:e3:eb:e2:82:61:8c:
7e:31:eb:e6:ee:ff:dc:99:32:fe:9d:01:6f:cd:e9:84:71:60:
a3:d6:8f:71
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAU1pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE4MjMwMjA2WhcNMjUwNjA0MjMwMjA2WjAYMRYw
FAYDVQQDEw02ODAyZDlmMi04MDUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtdmR++7rZa/HnQBwTHLI09PkTRx/5metVnUNQ3tKBV9me4mcH6iEGi97
aOTG1xnph6XcL3pZ5UkYnrDla86LLKBGMM+3OYX83O6lHcBflP5ugK6q685jaAOL
nK/vRfnIRVEYjo+ZZ1IwiKEPiaMAbEY7RHkPf77H8GVIsVrakrrsc9APBMcdu5Jd
8+HdpPGMs9QGgCQnkd+0kxUtt0apv93u6yO8oPWiC3eOcIUp3geH2hJKytLd99lI
WQeyXb6A3jDPztDPjV+7rNn9a7EGuQPO543KAyDFaa90nzF005CU8p2+7VD0RYru
x4GvNdXyGRZxHmU6FCvF+LAaG3AizwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGm9
eAocYJqR0n/Wm9Ly/ferL4SqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yODU5NTI2QTFDQTkxMUYwOUUyM0E2QTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASc/JADBASc/KAwDQYJKoZI
hvcNAQELBQADggEBALxZ4xeM1xLdM6qpTIL/MVIe1acCdysimlkLJRI9AqI++gFi
iZiLhFrrqgbrQHstcpVixrjUVfFIoTNM7ArAXfby98G2eROX1c8T/A3eIwQl0fzz
QOQy78tuI0JV67CL79daX3enpxKGes00ImYsmJ9eCanAtJYNMo/rjVbDmmydoDyS
ddFYdmf3U9TQN0AX7x1GuPBP4nSolkSxbR4Ir9kmxgo/hNETwJiCkwFeZz+x03fx
7jV1V5hUtlPovwcdl094I4VQ5B65NRVPwkgJ6IQ9zl9n9IgIdTdf4CMgUFN93wkp
v+Pr4oJhjH4x6+bu/9yZMv6dAW/N6YRxYKPWj3E=
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:08:26 2025 by rpki-client