Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1958CEB8525E11F094CD3595DAE4EC9C.roa
File: 1958CEB8525E11F094CD3595DAE4EC9C.roa (raw, json)
Hash identifier: JzYz7siGWKNSH1YWZkTXuo5eRJ7CrmfXf9F8kdbN/kM=
Subject key identifier: 1C:4A:64:62:1D:20:09:9B:86:98:8E:EB:52:8D:11:34:24:17:DF:DA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015EDF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1958CEB8525E11F094CD3595DAE4EC9C.roa
Signing time: Thu 26 Jun 2025 07:20:56 +0000
ROA not before: Thu 26 Jun 2025 07:20:51 +0000
ROA not after: Thu 25 Sep 2025 07:20:51 +0000
asID: 142286
IP address blocks: 156.253.64.0/18 maxlen: 24
156.254.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Jul 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89823 (0x15edf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 26 07:20:51 2025 GMT
Not After : Sep 25 07:20:51 2025 GMT
Subject: CN=685cf4d8-110d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:bf:04:61:54:df:79:56:5c:1c:eb:22:94:9a:
84:20:77:1e:a9:8d:bb:92:2b:04:45:85:24:e7:aa:
19:a1:85:a0:0c:ee:0e:7b:c4:4d:2e:b3:55:40:ba:
3b:bf:97:60:8c:df:25:0e:33:3f:fc:fa:2d:91:e8:
5b:8f:54:66:c9:16:b5:06:21:98:e9:3f:c5:2d:7a:
d2:db:27:a4:fc:59:08:85:c7:71:07:9e:f1:34:06:
26:64:ed:eb:36:36:71:d1:20:69:d5:28:ae:35:4b:
40:fb:85:70:27:fa:38:97:b3:4a:6f:5e:ff:a1:a0:
80:36:6e:25:3b:7a:84:70:b4:78:36:c1:6a:54:ee:
c7:ad:f0:41:58:c3:2b:38:43:a5:35:0e:3f:f0:78:
3c:5f:49:94:58:9d:67:49:aa:35:99:56:75:b5:23:
02:58:0e:bf:1d:72:c3:b9:4b:5b:50:d6:da:aa:20:
31:0b:02:65:e0:c0:ed:8e:c5:f5:62:40:27:6e:78:
d8:e2:26:d7:dd:22:a0:3e:f2:57:be:40:da:45:c3:
cc:46:94:30:84:c4:84:9a:22:09:ee:85:ee:62:de:
a4:63:d5:63:38:77:ab:d8:9b:2e:11:a2:5d:19:11:
39:ea:5b:f5:52:1f:2a:d9:55:1e:a3:ae:dd:56:7a:
da:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:4A:64:62:1D:20:09:9B:86:98:8E:EB:52:8D:11:34:24:17:DF:DA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1958CEB8525E11F094CD3595DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.64.0/18
156.254.128.0/17
Signature Algorithm: sha256WithRSAEncryption
9d:fd:2b:0b:4a:f2:b0:3b:7a:a2:8a:78:92:73:c3:f7:d2:a9:
2c:82:49:df:03:ac:e0:f7:12:1b:30:a7:f1:c6:00:d4:bb:59:
47:b4:ad:4b:ad:95:d8:1c:78:a3:80:ac:aa:3f:f3:be:14:34:
2c:25:67:35:d5:3b:ac:13:ce:92:17:2f:ce:ad:5e:f4:43:ad:
40:52:db:36:0d:ab:7c:16:99:bd:7d:3c:c6:ad:13:ec:98:3e:
66:c3:c3:84:07:ad:fd:77:3e:10:fe:9d:f8:60:5a:12:d8:b8:
21:98:85:ed:e7:2f:14:cc:b1:5e:74:7f:0a:09:d6:59:89:46:
b6:4b:1d:dc:ac:21:15:4d:71:1a:2d:58:69:a8:ae:f2:a9:f6:
38:cc:00:4c:11:2f:a3:c3:bb:bd:16:8d:25:5d:f5:45:ac:d6:
fa:6d:86:37:61:e3:dd:bc:c5:1f:67:a7:85:9b:bc:8c:26:46:
fd:3e:41:c0:93:15:b7:bd:1a:86:b6:b9:7b:d6:c0:9a:d3:86:
8e:c7:c0:71:90:c5:54:60:28:1a:32:24:fd:c6:10:33:08:bb:
84:02:22:59:1c:e7:28:3b:d2:0a:24:78:6b:00:9e:d3:30:2c:
56:fa:eb:dd:b8:a7:bd:2e:7e:68:1a:73:c3:75:57:29:a3:44:
ff:a4:e9:32
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAV7fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjI2MDcyMDUxWhcNMjUwOTI1MDcyMDUxWjAYMRYw
FAYDVQQDEw02ODVjZjRkOC0xMTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA278EYVTfeVZcHOsilJqEIHceqY27kisERYUk56oZoYWgDO4Oe8RNLrNV
QLo7v5dgjN8lDjM//Potkehbj1RmyRa1BiGY6T/FLXrS2yek/FkIhcdxB57xNAYm
ZO3rNjZx0SBp1SiuNUtA+4VwJ/o4l7NKb17/oaCANm4lO3qEcLR4NsFqVO7HrfBB
WMMrOEOlNQ4/8Hg8X0mUWJ1nSao1mVZ1tSMCWA6/HXLDuUtbUNbaqiAxCwJl4MDt
jsX1YkAnbnjY4ibX3SKgPvJXvkDaRcPMRpQwhMSEmiIJ7oXuYt6kY9VjOHer2Jsu
EaJdGRE56lv1Uh8q2VUeo67dVnraQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBxK
ZGIdIAmbhpiO61KNETQkF9/aMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xOTU4Q0VCODUyNUUxMUYwOTRDRDM1OTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGnP1AAwQHnP6AMA0GCSqGSIb3
DQEBCwUAA4IBAQCd/SsLSvKwO3qiiniSc8P30qksgknfA6zg9xIbMKfxxgDUu1lH
tK1LrZXYHHijgKyqP/O+FDQsJWc11TusE86SFy/OrV70Q61AUts2Dat8Fpm9fTzG
rRPsmD5mw8OEB639dz4Q/p34YFoS2LghmIXt5y8UzLFedH8KCdZZiUa2Sx3crCEV
TXEaLVhpqK7yqfY4zABMES+jw7u9Fo0lXfVFrNb6bYY3YePdvMUfZ6eFm7yMJkb9
PkHAkxW3vRqGtrl71sCa04aOx8BxkMVUYCgaMiT9xhAzCLuEAiJZHOcoO9IKJHhr
AJ7TMCxW+uvduKe9Ln5oGnPDdVcpo0T/pOky
-----END CERTIFICATE-----
Generated at Sat Jul 5 21:05:05 2025 by rpki-client