Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1C90256490C11F0BB5263E6DAE4EC9C.roa
File: E1C90256490C11F0BB5263E6DAE4EC9C.roa (raw, json)
Hash identifier: 0Thq8OI48LDw23DB6PyaKpQBQwn3QYreQCErBbSQmAw=
Subject key identifier: 35:01:31:DF:5D:05:83:B4:4F:F2:EC:FA:2B:9D:7A:B0:E5:6F:4F:33
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015C17
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1C90256490C11F0BB5263E6DAE4EC9C.roa
Signing time: Sat 14 Jun 2025 10:46:53 +0000
ROA not before: Sat 14 Jun 2025 10:46:48 +0000
ROA not after: Sun 22 Jun 2025 10:46:48 +0000
asID: 134687
IP address blocks: 156.230.2.0/24 maxlen: 24
156.230.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 20 Jun 2025 06:15:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89111 (0x15c17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 14 10:46:48 2025 GMT
Not After : Jun 22 10:46:48 2025 GMT
Subject: CN=684d531d-47a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2c:af:e5:f9:f1:cd:ba:e4:d2:dd:cb:cb:36:
73:0a:ff:90:fa:cf:6e:a7:13:3f:32:c7:74:e2:51:
3e:7c:ed:e1:b3:20:01:b2:1e:ad:a4:70:b0:33:2d:
31:58:4b:02:b1:e2:18:2b:9f:f5:83:1c:bf:be:d0:
63:88:70:06:0d:c7:b9:b7:d6:d6:78:3b:09:b9:ce:
d9:f7:62:f6:36:35:9b:f7:8a:24:b0:7c:39:86:57:
3e:ea:df:c0:97:dd:5a:ea:b4:65:ce:7e:6a:9a:3d:
5c:44:62:4d:d3:f9:1f:14:77:f6:7a:7e:e8:d5:f1:
4a:5b:c9:57:4c:c2:0d:31:fd:09:5d:1f:10:8a:ba:
fe:8a:42:6a:48:f5:95:9e:e9:b8:0d:bb:ca:09:24:
67:94:a7:bb:47:77:bb:8d:57:08:d7:d0:02:e9:5a:
6d:ca:1a:41:0d:da:3a:a2:87:1a:53:ae:b7:1e:97:
13:4d:88:57:22:b7:9d:c0:24:e7:d0:d4:68:43:3b:
48:81:68:35:1b:e4:d2:fe:b4:19:29:39:a6:38:cc:
68:0f:0f:5d:05:6b:1a:2d:d7:0c:51:f6:ca:ac:b0:
25:15:54:61:e9:37:8f:b7:0d:fc:07:5d:5a:42:db:
74:93:f9:03:4d:8a:a2:4d:0e:30:91:8d:f0:09:d7:
88:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:01:31:DF:5D:05:83:B4:4F:F2:EC:FA:2B:9D:7A:B0:E5:6F:4F:33
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1C90256490C11F0BB5263E6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.2.0/24
156.230.10.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:ef:a9:3c:34:0a:37:60:0f:93:35:1b:06:4b:51:47:f2:a9:
5f:bf:3e:98:84:f7:90:d8:e4:8e:b8:0c:30:83:a1:09:53:cb:
75:19:b8:76:1b:7c:3f:ef:33:a3:8d:9d:43:12:43:a6:f8:60:
9c:3e:a6:aa:cb:73:f2:7d:a2:31:07:06:47:90:25:89:d1:ea:
d6:2f:8c:5c:f3:b0:74:23:04:6f:87:75:74:44:f3:bf:6b:4c:
da:d7:0b:df:8c:9b:99:98:de:d3:41:d8:01:20:cb:a5:e1:5a:
da:d8:1d:de:88:10:61:c8:c6:7d:3a:66:7c:40:62:3a:7b:3c:
ad:cc:09:8a:28:43:d2:40:09:77:2b:c8:9c:cd:32:8c:aa:62:
99:13:db:63:73:4f:2a:00:2b:45:e6:77:60:85:f8:f7:6e:72:
25:6a:bc:d9:b9:b6:51:a6:f5:20:d7:82:31:af:cb:d3:c4:56:
45:b5:5b:43:57:57:d1:71:04:07:fa:f9:86:24:7d:69:31:0b:
90:ea:90:3b:04:89:e6:ef:bb:5e:bb:66:99:b2:23:1f:d5:91:
c9:ee:66:0c:a3:62:ae:5b:3d:89:8e:da:44:08:76:c1:75:56:
f9:25:2e:81:bf:ad:92:40:4d:87:aa:6e:c1:44:cc:d4:4c:fc:
2b:7a:cb:f0
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVwXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE0MTA0NjQ4WhcNMjUwNjIyMTA0NjQ4WjAYMRYw
FAYDVQQDEw02ODRkNTMxZC00N2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApyyv5fnxzbrk0t3LyzZzCv+Q+s9upxM/Msd04lE+fO3hsyABsh6tpHCw
My0xWEsCseIYK5/1gxy/vtBjiHAGDce5t9bWeDsJuc7Z92L2NjWb94oksHw5hlc+
6t/Al91a6rRlzn5qmj1cRGJN0/kfFHf2en7o1fFKW8lXTMINMf0JXR8Qirr+ikJq
SPWVnum4DbvKCSRnlKe7R3e7jVcI19AC6VptyhpBDdo6oocaU663HpcTTYhXIred
wCTn0NRoQztIgWg1G+TS/rQZKTmmOMxoDw9dBWsaLdcMUfbKrLAlFVRh6TePtw38
B11aQtt0k/kDTYqiTQ4wkY3wCdeINQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDUB
Md9dBYO0T/Ls+iuderDlb08zMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMUM5MDI1NjQ5MEMxMUYwQkI1MjYzRTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOYCAwQAnOYKMA0GCSqGSIb3
DQEBCwUAA4IBAQCN76k8NAo3YA+TNRsGS1FH8qlfvz6YhPeQ2OSOuAwwg6EJU8t1
Gbh2G3w/7zOjjZ1DEkOm+GCcPqaqy3PyfaIxBwZHkCWJ0erWL4xc87B0IwRvh3V0
RPO/a0za1wvfjJuZmN7TQdgBIMul4Vra2B3eiBBhyMZ9OmZ8QGI6ezytzAmKKEPS
QAl3K8iczTKMqmKZE9tjc08qACtF5ndghfj3bnIlarzZubZRpvUg14Ixr8vTxFZF
tVtDV1fRcQQH+vmGJH1pMQuQ6pA7BInm77teu2aZsiMf1ZHJ7mYMo2KuWz2JjtpE
CHbBdVb5JS6Bv62SQE2Hqm7BRMzUTPwresvw
-----END CERTIFICATE-----
Generated at Wed Jun 18 14:55:25 2025 by rpki-client