Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C87FD58382911F0A5F316F3DAE4EC9C.roa
File: 9C87FD58382911F0A5F316F3DAE4EC9C.roa (raw, json)
Hash identifier: e5bj3jJUd2J9RfzA4LNgR4Z3eC6srxftS/YAIuA0bPs=
Subject key identifier: AE:EA:67:E2:3C:BA:D2:99:FB:08:7E:4F:C1:7C:E7:D2:96:40:A0:E2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01573D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C87FD58382911F0A5F316F3DAE4EC9C.roa
Signing time: Fri 23 May 2025 22:59:42 +0000
ROA not before: Fri 23 May 2025 22:59:37 +0000
ROA not after: Wed 17 Jun 2026 22:59:37 +0000
asID: 21859
IP address blocks: 156.241.129.0/24 maxlen: 24
156.241.133.0/24 maxlen: 24
156.241.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 21 Jun 2025 08:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87869 (0x1573d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 23 22:59:37 2025 GMT
Not After : Jun 17 22:59:37 2026 GMT
Subject: CN=6830fdde-4032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b1:12:d8:34:84:b9:42:2f:74:21:8d:55:7f:
96:29:51:02:4e:22:0f:9b:9a:64:e1:6e:68:bf:c3:
6c:88:19:af:cc:33:4c:b7:31:d9:dd:47:d9:d2:a2:
e9:79:c5:15:40:ba:7f:81:9b:05:45:5b:d2:03:34:
6d:1f:42:e1:5e:73:0f:21:ef:54:a5:76:1e:2e:c2:
9e:0f:a1:8a:bf:fb:04:d8:31:47:a1:c7:e8:25:ba:
f7:84:46:db:0f:61:af:03:ee:ed:44:e7:ae:84:4b:
5e:f2:e7:59:65:65:02:8f:e4:b8:e9:19:08:b2:0a:
1e:0e:e2:af:8f:29:83:7b:76:9c:ab:d0:f6:ca:64:
93:70:15:70:be:a2:a8:b9:d9:44:d4:72:18:44:c8:
0d:55:0a:ec:88:42:08:15:c2:a7:f5:5c:10:e1:cc:
cf:41:43:54:33:94:30:7a:b0:ad:bb:07:26:5f:8c:
a0:b6:71:3b:b1:4e:db:2f:c1:f5:0d:2d:28:90:90:
79:0f:5b:ca:b6:25:ff:b4:89:2b:1b:d3:12:44:00:
7f:5a:f0:ae:cb:9a:03:c3:99:e5:ce:97:25:bb:3f:
a4:d7:35:61:72:f7:70:5a:b7:2d:2e:47:25:92:5f:
44:25:70:73:4e:55:79:37:60:0d:1c:9c:8e:32:e8:
22:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:EA:67:E2:3C:BA:D2:99:FB:08:7E:4F:C1:7C:E7:D2:96:40:A0:E2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C87FD58382911F0A5F316F3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.129.0/24
156.241.133.0/24
156.241.135.0/24
Signature Algorithm: sha256WithRSAEncryption
15:29:31:9a:c9:8c:60:b5:f1:c2:4f:07:66:ca:31:97:6b:4b:
5e:32:7d:ff:51:31:e9:24:1f:96:7f:bd:c0:65:bb:de:c2:e6:
6e:e6:54:a7:da:02:ba:8b:44:30:a6:cb:15:4f:9e:1b:87:44:
39:c8:9e:97:c0:fa:5c:54:fd:05:8a:51:cc:0a:73:94:3e:0d:
ed:3e:f5:c0:d5:1d:cf:e6:1d:3b:79:12:e5:1b:6e:4f:36:5a:
43:48:2e:30:e7:fa:6f:b5:5c:8a:ab:0c:52:71:4f:3f:08:74:
94:95:59:7d:57:5b:bd:5a:88:da:a9:67:2c:1d:90:d8:65:f0:
23:4a:24:28:97:27:f1:41:af:34:4c:26:af:1e:b6:41:73:2d:
a1:4b:9f:90:9a:b1:42:ce:74:92:06:05:5a:de:03:b1:f0:96:
aa:87:37:96:8f:18:4a:b3:5f:bb:b1:af:11:ad:7e:d2:5a:50:
c6:f3:f6:ed:6d:26:df:81:a8:9b:79:1f:cd:94:22:27:58:4a:
de:43:7d:2e:f8:4c:53:fa:50:89:c6:cf:27:bc:f5:72:4f:35:
e9:f2:29:5d:71:40:6b:90:5d:8f:9d:22:30:7f:49:94:ae:38:
e7:ff:95:bb:5c:3b:87:f0:f9:bc:c1:19:9d:21:4e:f9:31:77:
91:7a:01:1f
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVc9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTIzMjI1OTM3WhcNMjYwNjE3MjI1OTM3WjAYMRYw
FAYDVQQDEw02ODMwZmRkZS00MDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtrES2DSEuUIvdCGNVX+WKVECTiIPm5pk4W5ov8NsiBmvzDNMtzHZ3UfZ
0qLpecUVQLp/gZsFRVvSAzRtH0LhXnMPIe9UpXYeLsKeD6GKv/sE2DFHocfoJbr3
hEbbD2GvA+7tROeuhEte8udZZWUCj+S46RkIsgoeDuKvjymDe3acq9D2ymSTcBVw
vqKoudlE1HIYRMgNVQrsiEIIFcKn9VwQ4czPQUNUM5QwerCtuwcmX4ygtnE7sU7b
L8H1DS0okJB5D1vKtiX/tIkrG9MSRAB/WvCuy5oDw5nlzpcluz+k1zVhcvdwWrct
Lkclkl9EJXBzTlV5N2ANHJyOMugiLwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFK7q
Z+I8utKZ+wh+T8F859KWQKDiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85Qzg3RkQ1ODM4MjkxMUYwQTVGMzE2RjNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnPGBAwQAnPGFAwQAnPGHMA0G
CSqGSIb3DQEBCwUAA4IBAQAVKTGayYxgtfHCTwdmyjGXa0teMn3/UTHpJB+Wf73A
ZbvewuZu5lSn2gK6i0QwpssVT54bh0Q5yJ6XwPpcVP0FilHMCnOUPg3tPvXA1R3P
5h07eRLlG25PNlpDSC4w5/pvtVyKqwxScU8/CHSUlVl9V1u9WojaqWcsHZDYZfAj
SiQolyfxQa80TCavHrZBcy2hS5+QmrFCznSSBgVa3gOx8JaqhzeWjxhKs1+7sa8R
rX7SWlDG8/btbSbfgaibeR/NlCInWEreQ30u+ExT+lCJxs8nvPVyTzXp8ildcUBr
kF2PnSIwf0mUrjjn/5W7XDuH8Pm8wRmdIU75MXeRegEf
-----END CERTIFICATE-----
Generated at Thu Jun 19 15:22:46 2025 by rpki-client