Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDE56050478F11F09D0630A3DAE4EC9C.roa
File: CDE56050478F11F09D0630A3DAE4EC9C.roa (raw, json)
Hash identifier: yXtz5GRuorkRkMrGmVAJbTCsU1aN2zLPiN1PM7XnCCw=
Subject key identifier: B0:3C:29:78:0C:DE:9D:BF:F2:03:AB:4D:0F:1C:DD:96:DD:3E:8B:47
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015B89
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDE56050478F11F09D0630A3DAE4EC9C.roa
Signing time: Thu 12 Jun 2025 13:19:01 +0000
ROA not before: Thu 12 Jun 2025 13:18:56 +0000
ROA not after: Tue 22 Jul 2025 13:18:56 +0000
asID: 401701
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 20 Jun 2025 06:15:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88969 (0x15b89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 12 13:18:56 2025 GMT
Not After : Jul 22 13:18:56 2025 GMT
Subject: CN=684ad3c5-f9e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:02:9e:aa:42:fe:5c:9c:59:93:4b:57:8a:f8:
bb:dc:01:1d:68:b3:e1:e9:cf:cb:bd:c5:d5:71:3c:
17:59:28:47:22:40:62:35:fa:71:fa:b9:5a:e6:01:
95:21:c6:20:61:5d:a3:a8:a4:6d:10:af:29:a9:03:
b5:79:89:0f:46:39:80:f9:f3:48:a1:c0:92:be:f9:
e9:6a:2f:53:0f:af:57:40:dc:16:ef:6b:81:f5:96:
8b:18:98:5b:f4:5b:b5:94:a6:40:bf:71:84:aa:30:
d4:ee:09:5b:f8:e4:62:b1:71:55:76:a9:3c:c1:ef:
42:41:3f:6f:6c:c2:e3:2d:4d:cc:1a:7f:fe:a2:71:
95:9c:57:4b:82:bc:e9:67:cc:76:bc:80:52:ad:d6:
05:92:73:5f:aa:81:ed:af:5f:8d:1b:e9:4e:53:34:
0b:67:8e:56:2d:7a:b6:93:7e:e6:fa:5e:57:bd:15:
9d:65:18:3f:40:9f:7e:52:35:5d:52:14:0a:80:7c:
8e:d0:5c:77:bd:c2:94:48:a3:80:32:cd:ae:41:f3:
c7:a3:41:31:cb:94:3d:c4:d7:c7:2d:a2:ee:82:d2:
eb:8b:f8:c6:8c:9c:22:1b:38:8a:b1:cd:d9:ab:01:
f9:2d:0c:57:5b:32:d5:0a:17:64:3a:9c:aa:da:c3:
4c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:3C:29:78:0C:DE:9D:BF:F2:03:AB:4D:0F:1C:DD:96:DD:3E:8B:47
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDE56050478F11F09D0630A3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
19:5b:14:c2:a5:ef:28:f3:b4:d5:37:ee:06:bb:b3:bb:c1:bf:
8c:e3:bc:45:a1:e5:c4:99:fb:a8:e9:fd:45:3a:aa:bb:7f:83:
50:90:5a:cb:84:11:ca:9c:b8:9f:24:49:17:cf:5d:81:af:bf:
38:14:ab:19:38:34:75:79:7f:5f:14:66:e7:f6:a0:dc:fc:c0:
3d:05:b9:3a:92:96:99:dc:24:79:ac:49:3f:7b:a3:61:ad:8e:
9a:bd:de:09:dd:e2:14:32:1a:4f:ec:51:94:0b:7a:a8:d9:ec:
9b:f3:c1:23:60:9f:a2:1a:53:87:ad:86:c4:66:84:e7:d0:c8:
40:67:8e:ff:9c:84:f5:1b:ca:b6:04:a9:1b:81:00:43:f4:4a:
ab:aa:d2:17:99:86:9b:93:1a:5d:73:0d:30:e5:97:cb:38:63:
a2:0e:d5:1c:fe:bf:32:0c:b6:8f:a6:64:d2:69:f3:89:75:1a:
c8:cd:b3:0f:e0:0e:8f:d1:4a:b1:78:d7:a7:59:be:d9:8f:1e:
5e:07:d0:01:aa:a9:2b:56:15:f4:39:23:3c:fe:31:9d:f4:73:
b0:8e:e1:e1:25:49:8f:67:83:41:ce:25:3a:97:5a:65:e0:9f:
17:f0:0c:f2:c6:ee:42:7f:36:e7:0a:e0:91:e0:e3:fb:e2:d8:
2a:b8:f3:53
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVuJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjEyMTMxODU2WhcNMjUwNzIyMTMxODU2WjAYMRYw
FAYDVQQDEw02ODRhZDNjNS1mOWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2wKeqkL+XJxZk0tXivi73AEdaLPh6c/LvcXVcTwXWShHIkBiNfpx+rla
5gGVIcYgYV2jqKRtEK8pqQO1eYkPRjmA+fNIocCSvvnpai9TD69XQNwW72uB9ZaL
GJhb9Fu1lKZAv3GEqjDU7glb+ORisXFVdqk8we9CQT9vbMLjLU3MGn/+onGVnFdL
grzpZ8x2vIBSrdYFknNfqoHtr1+NG+lOUzQLZ45WLXq2k37m+l5XvRWdZRg/QJ9+
UjVdUhQKgHyO0Fx3vcKUSKOAMs2uQfPHo0Exy5Q9xNfHLaLugtLri/jGjJwiGziK
sc3ZqwH5LQxXWzLVChdkOpyq2sNMXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLA8
KXgM3p2/8gOrTQ8c3ZbdPotHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DREU1NjA1MDQ3OEYxMUYwOUQwNjMwQTNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQAZWxTCpe8o87TVN+4Gu7O7wb+M47xFoeXEmfuo6f1FOqq7f4NQkFrLhBHK
nLifJEkXz12Br784FKsZODR1eX9fFGbn9qDc/MA9Bbk6kpaZ3CR5rEk/e6NhrY6a
vd4J3eIUMhpP7FGUC3qo2eyb88EjYJ+iGlOHrYbEZoTn0MhAZ47/nIT1G8q2BKkb
gQBD9EqrqtIXmYabkxpdcw0w5ZfLOGOiDtUc/r8yDLaPpmTSafOJdRrIzbMP4A6P
0UqxeNenWb7Zjx5eB9ABqqkrVhX0OSM8/jGd9HOwjuHhJUmPZ4NBziU6l1pl4J8X
8Azyxu5CfzbnCuCR4OP74tgquPNT
-----END CERTIFICATE-----
Generated at Wed Jun 18 10:08:06 2025 by rpki-client