Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8EA5746490511F080C071B8DAE4EC9C.roa
File: C8EA5746490511F080C071B8DAE4EC9C.roa (raw, json)
Hash identifier: Q1mvp65htXTrNK85UM1jRJMtFubinXqPHKQaQ72c7vY=
Subject key identifier: 5A:05:2A:01:85:9A:C6:05:62:3F:65:77:AA:0E:5D:27:46:FA:91:69
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015BF3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8EA5746490511F080C071B8DAE4EC9C.roa
Signing time: Sat 14 Jun 2025 09:56:05 +0000
ROA not before: Sat 14 Jun 2025 09:56:00 +0000
ROA not after: Sun 20 Jul 2025 09:56:00 +0000
asID: 203020
IP address blocks: 156.251.96.0/20 maxlen: 24
156.251.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 19 Jun 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89075 (0x15bf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 14 09:56:00 2025 GMT
Not After : Jul 20 09:56:00 2025 GMT
Subject: CN=684d4735-f27c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f5:0a:93:34:9e:95:e9:25:35:be:60:ba:d8:
94:61:70:bf:c7:95:5b:15:d8:00:dd:e9:25:38:7e:
a3:4b:85:e3:1a:b8:b9:65:e4:a6:9f:b5:25:68:1e:
5a:d0:57:e3:41:b3:52:85:12:f9:ad:7b:21:6c:0c:
76:b0:ba:a9:17:2d:e3:52:59:05:d3:4b:d1:b2:7a:
82:70:7c:28:d1:60:04:dd:4e:93:72:4d:9e:8c:22:
04:89:77:07:87:05:bc:f8:46:ae:31:5d:b9:3e:f6:
13:b5:59:b6:8c:74:3a:84:d6:5a:32:da:24:3e:26:
c6:be:a5:e8:51:b1:74:97:bf:8b:24:b5:53:b2:1f:
89:77:82:73:d8:5d:4b:1e:fe:cd:bd:37:b2:7c:d5:
55:8a:c5:d1:4e:7d:6b:02:c1:57:31:1c:87:fe:66:
53:d9:99:b7:2e:fb:25:cb:c1:ba:11:5d:e4:61:4b:
8f:7b:72:42:8d:bd:63:86:19:f6:6b:30:98:c1:ff:
32:ff:90:d8:ef:97:61:1a:4f:21:80:25:ec:e3:a8:
4c:4a:9e:bc:9e:9a:96:a9:35:2f:a6:c9:81:db:46:
27:c8:e7:55:3c:59:d4:40:b3:d6:96:d5:a7:b0:9b:
ee:d4:07:0d:9b:a2:19:be:fc:4b:25:26:ce:cd:a6:
3a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:05:2A:01:85:9A:C6:05:62:3F:65:77:AA:0E:5D:27:46:FA:91:69
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C8EA5746490511F080C071B8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.251.96.0-156.251.119.255
Signature Algorithm: sha256WithRSAEncryption
01:0a:57:a0:4d:c3:ed:9a:de:6e:f5:6a:a2:99:38:3b:b5:58:
cb:ef:45:8a:bd:de:73:60:76:5d:23:0b:89:2d:39:f9:7a:80:
42:dc:1b:70:84:8a:c5:59:4b:29:16:de:98:e0:ff:bd:17:e4:
9d:79:2e:14:3d:88:f6:90:23:6f:a5:4f:ed:61:3d:09:80:58:
34:c6:1a:e2:3c:26:d1:20:9f:50:43:e1:ae:45:cd:d1:28:71:
57:96:92:93:78:9c:02:17:00:2f:57:67:22:61:bb:38:de:87:
f1:06:04:d7:bb:a3:9f:46:bc:f0:dc:5e:f4:d6:50:d8:1a:20:
af:bf:25:42:86:30:3c:ec:82:37:8a:21:c6:25:29:89:2b:1c:
b7:ad:ba:a7:22:86:ae:50:a4:c3:2b:0b:bf:bd:29:ac:6a:5e:
5f:03:26:79:b4:76:14:a6:83:82:55:37:b3:cf:17:48:c6:77:
f9:46:3d:d8:24:04:4b:b8:2f:48:75:04:1d:2f:e6:b8:bf:fe:
1e:2a:e9:a5:1a:9d:3f:70:6d:cc:70:ef:9a:e6:2a:2a:c9:64:
88:02:70:2a:62:f7:53:71:6b:17:f7:75:d8:52:6f:2a:96:f2:
e1:fa:38:6c:88:3f:43:cf:16:df:e5:1a:ba:96:a9:7d:bf:05:
85:d7:90:9e
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVvzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE0MDk1NjAwWhcNMjUwNzIwMDk1NjAwWjAYMRYw
FAYDVQQDEw02ODRkNDczNS1mMjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz/UKkzSeleklNb5gutiUYXC/x5VbFdgA3eklOH6jS4XjGri5ZeSmn7Ul
aB5a0FfjQbNShRL5rXshbAx2sLqpFy3jUlkF00vRsnqCcHwo0WAE3U6Tck2ejCIE
iXcHhwW8+EauMV25PvYTtVm2jHQ6hNZaMtokPibGvqXoUbF0l7+LJLVTsh+Jd4Jz
2F1LHv7NvTeyfNVVisXRTn1rAsFXMRyH/mZT2Zm3Lvsly8G6EV3kYUuPe3JCjb1j
hhn2azCYwf8y/5DY75dhGk8hgCXs46hMSp68npqWqTUvpsmB20YnyOdVPFnUQLPW
ltWnsJvu1AcNm6IZvvxLJSbOzaY60wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFFoF
KgGFmsYFYj9ld6oOXSdG+pFpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOEVBNTc0NjQ5MDUxMUYwODBDMDcxQjhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWc+2ADBAOc+3AwDQYJKoZI
hvcNAQELBQADggEBAAEKV6BNw+2a3m71aqKZODu1WMvvRYq93nNgdl0jC4ktOfl6
gELcG3CEisVZSykW3pjg/70X5J15LhQ9iPaQI2+lT+1hPQmAWDTGGuI8JtEgn1BD
4a5FzdEocVeWkpN4nAIXAC9XZyJhuzjeh/EGBNe7o59GvPDcXvTWUNgaIK+/JUKG
MDzsgjeKIcYlKYkrHLetuqcihq5QpMMrC7+9KaxqXl8DJnm0dhSmg4JVN7PPF0jG
d/lGPdgkBEu4L0h1BB0v5ri//h4q6aUanT9wbcxw75rmKirJZIgCcCpi91Nxaxf3
ddhSbyqW8uH6OGyIP0PPFt/lGrqWqX2/BYXXkJ4=
-----END CERTIFICATE-----
Generated at Tue Jun 17 04:35:39 2025 by rpki-client