Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/79D273F4469511F0940D3ECDDAE4EC9C.roa
File: 79D273F4469511F0940D3ECDDAE4EC9C.roa (raw, json)
Hash identifier: 9kmbHRgog+DG/xYQJtyAsr7cwmNHSenDNbDTjx19ytc=
Subject key identifier: 65:AA:63:34:AA:8B:41:69:4A:37:D2:3B:8B:E1:46:28:81:F7:DE:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015B1E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/79D273F4469511F0940D3ECDDAE4EC9C.roa
Signing time: Wed 11 Jun 2025 07:27:06 +0000
ROA not before: Wed 11 Jun 2025 07:27:01 +0000
ROA not after: Thu 17 Jul 2025 07:27:01 +0000
asID: 395793
IP address blocks: 156.230.159.0/24 maxlen: 24
156.230.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 19 Jun 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88862 (0x15b1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 11 07:27:01 2025 GMT
Not After : Jul 17 07:27:01 2025 GMT
Subject: CN=68492fca-9b84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1b:29:89:82:60:00:86:c1:f6:4a:85:32:ac:
9e:b7:04:93:00:d1:4c:54:f4:07:fe:99:f7:28:86:
cf:0b:06:91:7a:1f:5e:72:04:56:19:bd:1c:89:44:
46:95:9b:92:f4:e9:f2:e2:75:0c:67:54:0a:1a:e2:
a8:28:29:80:6a:e6:43:90:d8:54:f2:5f:ab:59:a5:
15:c7:20:e0:70:91:3f:83:c8:b8:b5:99:0b:fb:5e:
53:30:07:31:1f:84:69:6d:cc:49:40:7c:30:16:5a:
c7:a8:f6:38:6e:29:4e:91:75:60:3b:c0:75:9a:a3:
75:db:7a:d4:b6:13:c5:ce:ba:b7:ef:92:00:2a:51:
73:78:bd:92:f3:69:53:44:6a:59:bd:93:6f:da:ea:
77:91:a0:87:16:2f:09:9e:8f:5f:cf:e6:8c:1a:57:
96:ce:4e:e8:95:cf:c5:33:43:90:e3:d0:a3:6b:fe:
d5:03:85:38:db:83:74:ea:69:85:3a:bd:b6:12:8c:
07:1c:57:88:89:bc:30:67:26:56:93:71:10:65:43:
f2:39:29:e4:20:e1:e2:1f:b8:6d:c4:ca:f2:e8:00:
d5:61:e8:c7:dd:73:9d:54:10:c8:41:02:e0:c6:aa:
f3:ee:26:56:5c:a0:41:d0:06:7f:f0:e2:64:cd:52:
a5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AA:63:34:AA:8B:41:69:4A:37:D2:3B:8B:E1:46:28:81:F7:DE:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/79D273F4469511F0940D3ECDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.159.0-156.230.160.255
Signature Algorithm: sha256WithRSAEncryption
45:b9:4c:3f:96:fd:ba:bf:0d:b8:d1:32:f1:3a:d7:73:0d:f2:
14:13:7c:4e:d8:34:c6:9c:81:ef:3c:82:b6:67:9f:fc:de:4b:
ce:45:da:2a:da:c6:2f:4c:e0:52:19:c4:d8:7c:89:21:a7:0d:
23:07:b1:d5:b4:b5:00:4f:d8:d9:70:65:a7:36:eb:0f:61:5a:
6d:0b:f4:c2:85:46:86:97:95:83:e4:ce:65:e4:d1:92:ad:c1:
78:57:6e:85:89:c0:22:00:ff:2c:2e:a8:0e:0a:70:0f:59:c1:
68:76:95:92:1e:26:a7:1a:e0:13:f5:38:b5:dd:3a:3f:4c:b0:
df:19:cd:d7:b5:85:45:22:de:3b:c7:32:92:54:cc:c4:cc:59:
89:82:33:c9:3d:9c:ad:37:64:48:f3:df:b8:20:a4:77:73:f3:
15:b9:19:6c:86:fb:e7:4c:bb:d9:69:7e:c2:c0:53:12:50:2b:
76:e6:07:9a:b9:2c:a0:75:11:b0:6c:39:8c:85:7b:31:57:96:
e1:c1:80:4d:58:bd:a1:ad:b1:88:e0:49:e1:ca:2f:28:8a:4c:
f5:7a:96:4f:a5:0f:04:a5:83:8c:ec:25:be:46:86:68:e9:e8:
cc:1f:3b:3a:f8:74:19:44:86:27:93:1a:a3:15:30:71:00:20:
b8:7f:84:d9
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVseMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjExMDcyNzAxWhcNMjUwNzE3MDcyNzAxWjAYMRYw
FAYDVQQDEw02ODQ5MmZjYS05Yjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7BspiYJgAIbB9kqFMqyetwSTANFMVPQH/pn3KIbPCwaReh9ecgRWGb0c
iURGlZuS9Ony4nUMZ1QKGuKoKCmAauZDkNhU8l+rWaUVxyDgcJE/g8i4tZkL+15T
MAcxH4RpbcxJQHwwFlrHqPY4bilOkXVgO8B1mqN123rUthPFzrq375IAKlFzeL2S
82lTRGpZvZNv2up3kaCHFi8Jno9fz+aMGleWzk7olc/FM0OQ49Cja/7VA4U424N0
6mmFOr22EowHHFeIibwwZyZWk3EQZUPyOSnkIOHiH7htxMry6ADVYejH3XOdVBDI
QQLgxqrz7iZWXKBB0AZ/8OJkzVKlJQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGWq
YzSqi0FpSjfSO4vhRiiB996tMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OUQyNzNGNDQ2OTUxMUYwOTQwRDNFQ0REQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc5p8DBACc5qAwDQYJKoZI
hvcNAQELBQADggEBAEW5TD+W/bq/DbjRMvE613MN8hQTfE7YNMacge88grZnn/ze
S85F2iraxi9M4FIZxNh8iSGnDSMHsdW0tQBP2NlwZac26w9hWm0L9MKFRoaXlYPk
zmXk0ZKtwXhXboWJwCIA/ywuqA4KcA9ZwWh2lZIeJqca4BP1OLXdOj9MsN8Zzde1
hUUi3jvHMpJUzMTMWYmCM8k9nK03ZEjz37ggpHdz8xW5GWyG++dMu9lpfsLAUxJQ
K3bmB5q5LKB1EbBsOYyFezFXluHBgE1YvaGtsYjgSeHKLyiKTPV6lk+lDwSlg4zs
Jb5Ghmjp6MwfOzr4dBlEhieTGqMVMHEAILh/hNk=
-----END CERTIFICATE-----
Generated at Tue Jun 17 12:01:45 2025 by rpki-client