Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/291BFF2E503C11F0B1EDEAA9DAE4EC9C.roa
File: 291BFF2E503C11F0B1EDEAA9DAE4EC9C.roa (raw, json)
Hash identifier: VSWS+2qrAxf96EnSuUqCu84V+jwjx9SXBW0gE5is8SI=
Subject key identifier: C1:33:3F:63:2C:6A:BC:57:DA:0E:A1:97:BB:D9:09:EE:6F:4D:28:24
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015DFB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/291BFF2E503C11F0B1EDEAA9DAE4EC9C.roa
Signing time: Mon 23 Jun 2025 14:12:57 +0000
ROA not before: Mon 23 Jun 2025 14:12:52 +0000
ROA not after: Wed 30 Jul 2025 14:12:52 +0000
asID: 152092
IP address blocks: 156.245.128.0/21 maxlen: 24
156.245.198.0/23 maxlen: 24
156.245.200.0/22 maxlen: 24
156.245.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:26:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89595 (0x15dfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 23 14:12:52 2025 GMT
Not After : Jul 30 14:12:52 2025 GMT
Subject: CN=685960e8-5c34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:17:d5:da:4a:26:ad:03:5a:bc:06:3a:ee:11:
dc:cd:29:ad:d1:82:82:59:8e:db:d7:01:71:6e:4b:
f6:09:80:84:4d:48:76:46:4f:56:5e:77:44:37:b7:
18:6d:f9:5f:c6:4a:28:3b:71:f2:8f:b7:76:87:b4:
f9:69:f1:81:8b:df:32:a1:6a:a9:20:5f:f7:6b:0c:
94:21:9c:24:16:8a:ed:a3:fd:cc:21:f6:de:51:91:
d4:5a:b7:da:63:b4:98:0c:f4:1f:8b:2e:b6:f8:28:
39:39:fa:b2:d2:9f:76:e0:30:5a:0b:95:14:1d:4f:
1f:74:54:8b:5e:4d:31:e8:36:10:0e:2c:ec:3c:8e:
c3:06:28:a2:85:7b:b9:89:20:50:14:41:71:e2:67:
59:ff:72:fe:58:2d:b0:0f:76:90:9a:f6:e0:6e:fe:
de:a9:52:32:f7:c1:35:0e:a7:89:33:c7:ab:7c:4f:
28:d8:09:b6:04:ef:13:16:2e:49:5c:82:c2:79:95:
70:91:ad:e8:e1:f4:48:78:20:b3:ba:75:68:8c:47:
7d:de:7b:ae:68:de:06:e2:a0:3d:25:cd:cf:2d:b9:
32:fe:50:fa:63:3a:d7:c5:9b:01:8c:fb:5f:13:b5:
8c:ce:a0:01:de:74:f7:21:e5:8a:6a:c6:83:06:a9:
8f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:33:3F:63:2C:6A:BC:57:DA:0E:A1:97:BB:D9:09:EE:6F:4D:28:24
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/291BFF2E503C11F0B1EDEAA9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.128.0/21
156.245.198.0-156.245.203.255
156.245.209.0/24
Signature Algorithm: sha256WithRSAEncryption
45:d9:6b:6d:cb:af:a4:c7:5a:5a:a0:cd:c3:70:9b:33:8a:2c:
da:53:df:ab:98:6e:9d:35:d7:2a:3c:9a:87:63:0e:e1:42:27:
17:f8:10:46:b1:6a:f3:bc:31:2c:3f:75:23:27:86:b3:3f:01:
d6:a2:8c:b3:0d:be:ff:19:42:a1:9d:a3:12:b5:95:19:15:99:
ed:02:95:84:fc:5d:5e:3d:16:56:53:8e:e4:82:6e:f5:29:d7:
ae:5d:5e:9d:37:30:42:ea:14:5b:bf:bb:a5:76:72:20:0d:fb:
dd:20:ae:bb:c0:e5:00:fc:16:34:9a:bc:74:57:5e:97:90:33:
ac:b9:6c:60:ea:16:63:46:7c:c7:6b:ee:11:4c:c7:0e:48:aa:
6a:18:73:76:d0:b6:e5:92:d4:24:bf:5b:6d:60:fd:08:c3:47:
52:b8:3b:7b:d2:26:fb:49:ea:8b:2b:f7:95:88:3a:10:49:3c:
3d:74:a5:63:70:cd:35:6e:80:f3:59:11:a1:d3:a4:0a:1f:07:
8a:be:c3:ae:ef:e0:e3:bb:ee:e6:dc:07:94:8a:71:11:a4:e5:
aa:a9:4d:db:12:f8:59:48:f0:fa:8c:04:85:43:69:97:b2:64:
e0:39:d1:9f:b5:5d:5e:2a:d4:46:ed:95:e8:21:bc:d0:23:a2:
7c:ea:53:22
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAV37MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjIzMTQxMjUyWhcNMjUwNzMwMTQxMjUyWjAYMRYw
FAYDVQQDEw02ODU5NjBlOC01YzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwRfV2komrQNavAY67hHczSmt0YKCWY7b1wFxbkv2CYCETUh2Rk9WXndE
N7cYbflfxkooO3Hyj7d2h7T5afGBi98yoWqpIF/3awyUIZwkForto/3MIfbeUZHU
WrfaY7SYDPQfiy62+Cg5Ofqy0p924DBaC5UUHU8fdFSLXk0x6DYQDizsPI7DBiii
hXu5iSBQFEFx4mdZ/3L+WC2wD3aQmvbgbv7eqVIy98E1DqeJM8erfE8o2Am2BO8T
Fi5JXILCeZVwka3o4fRIeCCzunVojEd93nuuaN4G4qA9Jc3PLbky/lD6YzrXxZsB
jPtfE7WMzqAB3nT3IeWKasaDBqmPDwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFMEz
P2MsarxX2g6hl7vZCe5vTSgkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOTFCRkYyRTUwM0MxMUYwQjFFREVBQTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDnPWAMAwDBAGc9cYDBAKc9cgD
BACc9dEwDQYJKoZIhvcNAQELBQADggEBAEXZa23Lr6THWlqgzcNwmzOKLNpT36uY
bp011yo8modjDuFCJxf4EEaxavO8MSw/dSMnhrM/AdaijLMNvv8ZQqGdoxK1lRkV
me0ClYT8XV49FlZTjuSCbvUp165dXp03MELqFFu/u6V2ciAN+90grrvA5QD8FjSa
vHRXXpeQM6y5bGDqFmNGfMdr7hFMxw5IqmoYc3bQtuWS1CS/W21g/QjDR1K4O3vS
JvtJ6osr95WIOhBJPD10pWNwzTVugPNZEaHTpAofB4q+w67v4OO77ubcB5SKcRGk
5aqpTdsS+FlI8PqMBIVDaZeyZOA50Z+1XV4q1EbtleghvNAjonzqUyI=
-----END CERTIFICATE-----
Generated at Fri Jul 4 13:37:25 2025 by rpki-client