Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E65F9AC2F4D11F0867EE5E9DAE4EC9C.roa
File: 4E65F9AC2F4D11F0867EE5E9DAE4EC9C.roa (raw, json)
Hash identifier: 4t5/YdmCPEXue1sblzrdMIdhtatAB9SClPL5ljgbR+k=
Subject key identifier: BD:05:0A:46:2F:B8:98:DB:7B:43:95:28:BD:EE:EB:3F:9C:83:D2:19
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0153BB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E65F9AC2F4D11F0867EE5E9DAE4EC9C.roa
Signing time: Mon 12 May 2025 16:22:33 +0000
ROA not before: Mon 12 May 2025 16:22:11 +0000
ROA not after: Fri 08 Aug 2025 16:22:11 +0000
asID: 149440
IP address blocks: 156.225.64.0/24 maxlen: 24
156.227.0.0/24 maxlen: 24
156.235.89.0/24 maxlen: 24
156.236.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 11:44:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86971 (0x153bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 12 16:22:11 2025 GMT
Not After : Aug 8 16:22:11 2025 GMT
Subject: CN=68222048-d7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f1:77:3b:0e:97:01:3a:12:35:d3:1c:7d:a1:
9d:63:b8:aa:d8:68:dd:96:04:29:31:7b:44:04:8a:
ff:e7:7b:b0:d1:a3:d0:61:99:26:63:61:fe:ff:b0:
6b:58:a9:8a:98:13:62:f9:1c:5a:0a:34:31:44:36:
58:b5:f8:34:1c:4e:9b:08:58:b3:a0:8f:65:75:e8:
8a:cb:bb:8b:11:45:01:57:ea:d4:78:bb:ac:a6:c0:
dd:fc:51:bc:0a:fa:36:e6:a5:1b:b2:ee:40:09:33:
ba:c8:2f:86:df:e8:ce:8d:40:40:b3:88:30:ee:15:
79:6a:88:d5:78:65:d2:7a:03:1c:39:72:5b:23:99:
67:76:e8:4d:bc:29:f2:9d:99:65:89:9b:41:ed:8c:
a6:54:4d:20:d5:f1:92:e3:15:a4:a2:00:30:93:b1:
bd:49:90:a6:a2:99:c4:88:02:be:44:e1:b0:95:31:
1c:e1:c7:aa:aa:82:ae:41:5d:fe:b7:be:4f:d7:7d:
12:ef:de:1b:a4:b9:b7:0f:7c:50:b2:e6:a6:94:71:
4a:cc:d7:2e:87:11:53:43:fe:9b:d2:3c:d9:b9:10:
94:92:34:5e:86:77:18:18:0a:99:7c:fe:6d:b1:3b:
5b:19:c8:f8:3e:af:af:e8:bb:44:f9:b6:5f:71:18:
c0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:05:0A:46:2F:B8:98:DB:7B:43:95:28:BD:EE:EB:3F:9C:83:D2:19
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E65F9AC2F4D11F0867EE5E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.64.0/24
156.227.0.0/24
156.235.89.0/24
156.236.76.0/24
Signature Algorithm: sha256WithRSAEncryption
90:63:55:eb:33:98:5e:9d:9e:70:5c:f7:59:f6:5e:29:15:fd:
a5:6e:10:49:f7:89:d1:27:44:bd:e9:46:d0:43:67:64:99:5f:
dc:78:1f:18:35:5e:c1:82:58:d6:ae:54:b0:1d:4b:0a:5d:5e:
67:45:8e:d7:75:53:fc:01:50:e7:5b:b8:7d:a8:d5:04:78:1e:
d7:80:86:4b:04:ed:8f:cf:2c:69:f3:60:f0:14:57:60:39:04:
4d:8c:40:0c:8e:23:b5:d6:d0:0d:44:57:df:80:10:55:ff:9d:
f1:7f:fc:69:e3:b7:40:9c:ef:3f:cf:5b:aa:51:1b:e0:9f:25:
57:47:a9:3b:ef:33:14:4b:70:2e:a1:ad:c9:fb:e4:42:b0:1c:
ae:b5:6b:70:7f:d7:d2:6b:e4:a6:08:ce:70:c9:3c:64:a8:b6:
d9:a2:ff:56:be:18:d9:74:8c:c7:df:6c:6e:8b:81:ac:9b:ce:
43:3d:67:a7:be:6f:39:f8:0d:22:fd:0a:c6:24:1f:1b:06:1c:
8f:6d:c7:5e:5b:7e:a8:04:b4:14:4b:6b:60:85:d8:5b:f4:0b:
30:9d:d5:0d:aa:42:ac:46:a0:6c:ce:82:52:fc:2f:04:51:44:
1a:1a:00:7c:3b:c2:e9:34:7c:5f:59:bb:8c:c9:95:4e:0e:e6:
f1:f2:7d:57
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAVO7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEyMTYyMjExWhcNMjUwODA4MTYyMjExWjAYMRYw
FAYDVQQDEw02ODIyMjA0OC1kN2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtfF3Ow6XAToSNdMcfaGdY7iq2GjdlgQpMXtEBIr/53uw0aPQYZkmY2H+
/7BrWKmKmBNi+RxaCjQxRDZYtfg0HE6bCFizoI9ldeiKy7uLEUUBV+rUeLuspsDd
/FG8Cvo25qUbsu5ACTO6yC+G3+jOjUBAs4gw7hV5aojVeGXSegMcOXJbI5lnduhN
vCnynZlliZtB7YymVE0g1fGS4xWkogAwk7G9SZCmopnEiAK+ROGwlTEc4ceqqoKu
QV3+t75P130S794bpLm3D3xQsuamlHFKzNcuhxFTQ/6b0jzZuRCUkjRehncYGAqZ
fP5tsTtbGcj4Pq+v6LtE+bZfcRjADQIDAQABo4ICtDCCArAwHQYDVR0OBBYEFL0F
CkYvuJjbe0OVKL3u6z+cg9IZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RTY1RjlBQzJGNEQxMUYwODY3RUU1RTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAnOFAAwQAnOMAAwQAnOtZAwQA
nOxMMA0GCSqGSIb3DQEBCwUAA4IBAQCQY1XrM5henZ5wXPdZ9l4pFf2lbhBJ94nR
J0S96UbQQ2dkmV/ceB8YNV7BgljWrlSwHUsKXV5nRY7XdVP8AVDnW7h9qNUEeB7X
gIZLBO2Pzyxp82DwFFdgOQRNjEAMjiO11tANRFffgBBV/53xf/xp47dAnO8/z1uq
URvgnyVXR6k77zMUS3Auoa3J++RCsByutWtwf9fSa+SmCM5wyTxkqLbZov9WvhjZ
dIzH32xui4Gsm85DPWenvm85+A0i/QrGJB8bBhyPbcdeW36oBLQUS2tghdhb9Asw
ndUNqkKsRqBszoJS/C8EUUQaGgB8O8LpNHxfWbuMyZVODubx8n1X
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:08:26 2025 by rpki-client