Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F0E20F8490E11F09FEE63EDDAE4EC9C.roa
File: 3F0E20F8490E11F09FEE63EDDAE4EC9C.roa (raw, json)
Hash identifier: lggAZMT4rPnSwKn/zJfEkyH7wBhYsOIb8Gz5Z4dtZMU=
Subject key identifier: BB:FD:4A:19:E6:DD:3C:13:44:9A:1B:D0:F5:39:54:DD:07:EA:55:50
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015C1B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F0E20F8490E11F09FEE63EDDAE4EC9C.roa
Signing time: Sat 14 Jun 2025 10:56:39 +0000
ROA not before: Sat 14 Jun 2025 10:56:34 +0000
ROA not after: Wed 06 Aug 2025 10:56:34 +0000
asID: 44901
IP address blocks: 156.229.125.0/24 maxlen: 24
156.229.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 20 Jun 2025 06:15:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89115 (0x15c1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 14 10:56:34 2025 GMT
Not After : Aug 6 10:56:34 2025 GMT
Subject: CN=684d5567-6604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5e:38:fb:ed:a5:bb:5a:77:2b:c4:29:d9:c5:
d0:f4:60:a7:63:07:a0:d5:6c:89:ac:60:21:c4:54:
49:ca:43:62:c3:18:ba:1f:e5:52:76:72:32:8c:5e:
06:4c:c4:41:1e:49:28:89:e4:8c:fd:17:82:6c:a8:
dc:3f:ea:b2:15:8d:e4:ca:aa:27:f6:02:59:8f:c8:
e7:77:16:f9:13:3d:da:06:a2:01:c0:2e:fa:d0:96:
26:ec:0f:33:3c:10:31:02:1c:88:b2:ea:36:27:d7:
a6:31:11:06:3c:f9:17:bb:62:dd:7e:f2:d3:7d:b6:
e0:4b:03:9f:b9:73:67:47:5b:c9:7b:df:ae:a4:46:
51:4c:91:9c:4b:32:75:36:65:dc:3d:cf:8c:9b:14:
ea:06:34:99:42:32:57:d0:66:86:00:60:0c:90:90:
90:c4:f9:20:80:3d:e0:df:cf:88:0e:9e:ee:1a:34:
b9:f4:bf:1e:84:d4:60:90:6f:4c:50:3f:29:b6:74:
df:35:95:18:a3:3c:da:17:57:28:53:81:bb:90:ee:
44:ba:2e:83:52:00:bb:63:2d:ce:21:10:9c:f2:fd:
67:78:d0:63:a3:3b:01:36:66:aa:90:30:e1:6d:66:
ac:bc:03:13:ff:52:cd:eb:f2:6a:7f:83:c0:b4:17:
f3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FD:4A:19:E6:DD:3C:13:44:9A:1B:D0:F5:39:54:DD:07:EA:55:50
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F0E20F8490E11F09FEE63EDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.125.0/24
156.229.239.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:0d:ed:fb:74:7c:be:a2:02:e3:29:e6:8b:a1:6d:62:df:76:
fe:79:5d:6e:db:11:40:16:51:67:30:d5:3a:20:ac:94:3a:95:
d1:b3:d8:52:51:5d:49:5f:d1:9c:02:44:f5:14:1d:2f:05:8d:
80:47:5f:2d:b4:da:0e:33:39:6c:c5:a7:d0:b7:75:a1:48:70:
28:5f:2d:00:bf:4d:b6:3a:eb:50:9c:ef:7a:3f:14:2c:c0:75:
15:35:11:0c:0f:a5:70:c7:ac:a9:bd:5e:6d:5f:2e:71:60:e0:
8d:2a:21:3a:4c:b9:58:c2:17:bc:42:37:35:b2:dd:e9:05:4f:
ee:6a:ac:59:35:8b:6d:4f:5d:a5:12:9b:c0:f4:5d:41:72:84:
e7:4b:20:e3:09:36:c6:0b:be:28:b2:2c:a1:bd:65:92:1d:a5:
95:67:f6:10:dd:f5:15:ba:70:22:aa:a8:1f:56:36:dd:eb:65:
8d:ce:d7:ad:a1:64:44:54:60:d3:27:d5:a5:df:57:08:85:01:
3a:33:0b:5c:71:9e:30:e5:3d:f8:f0:5e:16:dc:22:b5:01:3d:
2f:80:b3:0c:6e:aa:80:25:e1:92:3d:26:7e:c4:bd:f3:60:cd:
b3:a8:ae:a4:00:7f:2f:d6:c3:30:b5:1b:56:95:ac:77:d1:90:
7f:a7:65:61
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVwbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE0MTA1NjM0WhcNMjUwODA2MTA1NjM0WjAYMRYw
FAYDVQQDEw02ODRkNTU2Ny02NjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv144++2lu1p3K8Qp2cXQ9GCnYweg1WyJrGAhxFRJykNiwxi6H+VSdnIy
jF4GTMRBHkkoieSM/ReCbKjcP+qyFY3kyqon9gJZj8jndxb5Ez3aBqIBwC760JYm
7A8zPBAxAhyIsuo2J9emMREGPPkXu2LdfvLTfbbgSwOfuXNnR1vJe9+upEZRTJGc
SzJ1NmXcPc+MmxTqBjSZQjJX0GaGAGAMkJCQxPkggD3g38+IDp7uGjS59L8ehNRg
kG9MUD8ptnTfNZUYozzaF1coU4G7kO5Eui6DUgC7Yy3OIRCc8v1neNBjozsBNmaq
kDDhbWasvAMT/1LN6/Jqf4PAtBfznwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLv9
Shnm3TwTRJob0PU5VN0H6lVQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjBFMjBGODQ5MEUxMUYwOUZFRTYzRUREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOV9AwQAnOXvMA0GCSqGSIb3
DQEBCwUAA4IBAQCPDe37dHy+ogLjKeaLoW1i33b+eV1u2xFAFlFnMNU6IKyUOpXR
s9hSUV1JX9GcAkT1FB0vBY2AR18ttNoOMzlsxafQt3WhSHAoXy0Av022OutQnO96
PxQswHUVNREMD6Vwx6ypvV5tXy5xYOCNKiE6TLlYwhe8Qjc1st3pBU/uaqxZNYtt
T12lEpvA9F1BcoTnSyDjCTbGC74osiyhvWWSHaWVZ/YQ3fUVunAiqqgfVjbd62WN
ztetoWREVGDTJ9Wl31cIhQE6MwtccZ4w5T348F4W3CK1AT0vgLMMbqqAJeGSPSZ+
xL3zYM2zqK6kAH8v1sMwtRtWlax30ZB/p2Vh
-----END CERTIFICATE-----
Generated at Wed Jun 18 13:21:37 2025 by rpki-client