Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/853166121A9211F0B1A7FBEA6DB8BCC6.roa
File: 853166121A9211F0B1A7FBEA6DB8BCC6.roa (raw, json)
Hash identifier: tI9qu7ucYCJygLrLjGiImGaRBPHqYOnEp+1g+hj1mHQ=
Subject key identifier: AE:6B:A7:1B:C7:5A:C1:44:5C:F9:DA:5A:7F:F9:C7:A4:B8:4D:42:2D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014C9B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/853166121A9211F0B1A7FBEA6DB8BCC6.roa
Signing time: Wed 16 Apr 2025 07:15:05 +0000
ROA not before: Wed 16 Apr 2025 07:15:00 +0000
ROA not after: Tue 27 May 2025 07:15:00 +0000
asID: 20326
IP address blocks: 156.233.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85147 (0x14c9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 16 07:15:00 2025 GMT
Not After : May 27 07:15:00 2025 GMT
Subject: CN=67ff58f9-2e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:72:1b:0a:09:ad:8b:7c:e4:31:8e:74:e9:95:
97:60:66:70:81:c6:09:0e:78:99:6d:62:70:02:2c:
16:77:53:31:70:e2:b1:11:bb:99:19:a6:af:5c:73:
dc:12:4d:c8:6d:a1:a4:e4:a3:fd:44:33:6a:ca:a4:
8f:b4:77:fc:34:b7:b7:d1:6b:00:f5:ac:f0:a4:56:
bd:78:53:49:8f:e4:6a:4e:ff:6f:ce:11:50:df:67:
4f:1f:a3:f1:89:8f:c2:86:3a:35:41:d1:f1:5c:06:
b7:e0:f4:9f:2d:5d:93:92:34:30:26:69:a9:24:ad:
b9:eb:09:99:6b:fd:64:cb:61:2e:b0:a8:02:1d:c2:
2b:c0:2a:e5:ae:73:58:e0:dc:c5:98:6a:5b:e0:4d:
7a:58:e5:b4:bc:9c:f0:2f:02:a5:17:9f:86:cf:22:
59:95:2e:53:30:e2:cb:4c:1f:57:2b:52:dd:88:af:
bd:86:90:dd:eb:6c:b7:76:c8:15:86:f9:79:33:d0:
1c:10:ec:85:b2:d4:fc:05:78:32:b5:01:f8:e8:8f:
66:7b:93:f3:f2:cd:86:cb:c0:f8:55:4e:f1:34:e7:
cf:7e:b0:a8:be:7d:55:26:43:73:b7:9f:aa:91:94:
7f:7f:a9:55:23:d3:4e:b6:b2:ed:a3:4a:00:92:01:
f4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:6B:A7:1B:C7:5A:C1:44:5C:F9:DA:5A:7F:F9:C7:A4:B8:4D:42:2D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/853166121A9211F0B1A7FBEA6DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.54.0/24
Signature Algorithm: sha256WithRSAEncryption
90:e8:f8:d5:2c:d3:0c:13:d1:22:97:60:2b:af:7f:2f:0a:e6:
10:4c:d4:57:43:e1:5e:76:e9:91:4e:26:4b:ef:53:27:90:12:
a9:9d:f2:a9:c5:ca:6a:eb:db:e0:c9:3d:95:f1:3e:4a:3d:3f:
bd:a4:ae:a1:fb:98:a0:df:a7:ba:2d:cf:ba:e0:67:ce:1f:99:
10:e2:c6:5e:71:c3:18:e2:34:c1:3d:2d:69:7e:11:e7:11:2b:
ab:f7:c4:c4:4a:23:17:3a:26:fa:c9:45:3a:68:55:34:b1:ec:
ac:e2:92:f0:da:e8:9f:22:66:4e:8a:60:ec:48:ec:a1:d6:c3:
62:b6:0b:b6:56:a2:6c:f0:56:7a:61:96:cc:d8:b6:df:82:2e:
b0:eb:ce:99:93:81:c1:8a:83:96:81:ee:53:86:75:89:03:1a:
59:21:c9:fe:90:8e:1d:ef:5d:b1:10:fb:b6:a5:35:73:21:d7:
7a:13:8e:c5:9e:54:ae:be:02:7f:c6:b0:3f:54:4c:0e:82:1e:
74:40:72:56:ba:42:28:86:84:8a:f6:2a:14:3d:83:fe:2e:28:
fe:2d:56:72:04:d9:fc:6d:46:03:e5:20:93:8a:1e:88:bd:56:
a5:ca:93:cf:89:a2:8c:d4:d9:6c:58:e6:79:ad:68:e9:5d:a4:
5f:84:45:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUybMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE2MDcxNTAwWhcNMjUwNTI3MDcxNTAwWjAYMRYw
FAYDVQQDEw02N2ZmNThmOS0yZTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9nIbCgmti3zkMY506ZWXYGZwgcYJDniZbWJwAiwWd1MxcOKxEbuZGaav
XHPcEk3IbaGk5KP9RDNqyqSPtHf8NLe30WsA9azwpFa9eFNJj+RqTv9vzhFQ32dP
H6PxiY/Chjo1QdHxXAa34PSfLV2TkjQwJmmpJK256wmZa/1ky2EusKgCHcIrwCrl
rnNY4NzFmGpb4E16WOW0vJzwLwKlF5+GzyJZlS5TMOLLTB9XK1LdiK+9hpDd62y3
dsgVhvl5M9AcEOyFstT8BXgytQH46I9me5Pz8s2Gy8D4VU7xNOfPfrCovn1VJkNz
t5+qkZR/f6lVI9NOtrLto0oAkgH0WQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK5r
pxvHWsFEXPnaWn/5x6S4TUItMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NTMxNjYxMjFBOTIxMUYwQjFBN0ZCRUE2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOk2MA0GCSqGSIb3DQEBCwUA
A4IBAQCQ6PjVLNMME9Eil2Arr38vCuYQTNRXQ+FedumRTiZL71MnkBKpnfKpxcpq
69vgyT2V8T5KPT+9pK6h+5ig36e6Lc+64GfOH5kQ4sZeccMY4jTBPS1pfhHnESur
98TESiMXOib6yUU6aFU0seys4pLw2uifImZOimDsSOyh1sNitgu2VqJs8FZ6YZbM
2Lbfgi6w686Zk4HBioOWge5ThnWJAxpZIcn+kI4d712xEPu2pTVzIdd6E47FnlSu
vgJ/xrA/VEwOgh50QHJWukIohoSK9ioUPYP+Lij+LVZyBNn8bUYD5SCTih6IvVal
ypPPiaKM1NlsWOZ5rWjpXaRfhEXN
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:30:42 2025 by rpki-client