Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7537CB6C484011F0922B3DB4DAE4EC9C.roa
File: 7537CB6C484011F0922B3DB4DAE4EC9C.roa (raw, json)
Hash identifier: fZogrsW+sXctL0UhJoV0H+zhbkmt5hH1tNj3IxkroHU=
Subject key identifier: 83:FD:EE:F4:04:F8:84:D0:70:3D:AA:57:B0:79:BF:FF:F1:AB:27:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015BB2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7537CB6C484011F0922B3DB4DAE4EC9C.roa
Signing time: Fri 13 Jun 2025 10:23:33 +0000
ROA not before: Fri 13 Jun 2025 10:23:27 +0000
ROA not after: Sat 19 Jul 2025 10:23:27 +0000
asID: 53835
IP address blocks: 156.231.104.0/24 maxlen: 24
156.245.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Jul 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89010 (0x15bb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 13 10:23:27 2025 GMT
Not After : Jul 19 10:23:27 2025 GMT
Subject: CN=684bfc25-4c23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:63:57:ce:fd:16:46:29:89:8f:a2:ea:8f:0b:
88:2d:86:5f:60:cb:60:71:a0:11:84:dd:39:20:ec:
0d:9d:c1:01:89:3e:54:ae:af:4c:90:6d:07:61:d0:
39:2b:7d:1f:c2:78:7b:e6:2e:0c:86:48:49:4e:cc:
20:ab:66:81:83:b5:d2:80:09:4e:28:e6:e9:be:7d:
ac:c6:36:a2:f7:d4:17:63:cb:2c:3a:a7:78:a2:87:
bb:cf:60:ba:f1:51:c1:52:53:0f:da:df:69:46:0e:
21:c2:4b:c2:d3:da:be:20:cc:79:27:15:b0:5c:f9:
2c:89:38:df:bc:09:88:e5:36:de:f6:01:56:08:f7:
c1:33:28:ec:53:15:5a:f6:f0:18:81:61:0a:85:64:
16:c1:3d:be:fa:40:e2:81:67:20:9c:8b:95:9f:c3:
31:1d:b7:fa:7e:6b:71:42:ce:d9:95:63:36:83:89:
f6:e9:a6:6f:6b:43:d8:1b:54:c1:e2:d8:48:24:67:
ce:d3:c6:69:06:cb:25:cf:5d:8e:12:99:5d:5d:f0:
0d:70:af:fa:78:bb:1c:91:5f:5f:5f:c3:41:b0:ee:
07:da:38:dc:47:71:d8:f1:dc:07:3e:68:42:a5:2e:
3a:13:1d:6f:35:e1:6a:6b:03:a0:49:df:fd:2a:20:
21:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:FD:EE:F4:04:F8:84:D0:70:3D:AA:57:B0:79:BF:FF:F1:AB:27:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7537CB6C484011F0922B3DB4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.104.0/24
156.245.190.0/24
Signature Algorithm: sha256WithRSAEncryption
22:8b:d0:16:1a:ff:cc:89:dc:fe:f4:ed:29:01:b8:e8:17:2c:
bc:35:3d:d0:e9:88:1c:af:47:fa:f2:9c:14:8c:f0:29:f4:66:
1b:bc:0a:a8:11:7b:6f:cb:c1:19:80:77:0b:84:eb:64:8e:d3:
66:be:8e:dc:8a:fa:41:03:b5:36:19:7a:58:0e:6a:65:db:1c:
2a:d7:67:56:d5:aa:80:ca:e0:57:c8:bb:b5:28:f0:96:15:68:
9c:ca:22:86:5f:07:82:f5:0f:01:c3:0f:44:35:23:fb:f9:63:
d9:d3:1e:d1:09:df:0e:58:d3:e2:0d:6e:a5:96:db:7d:c2:a3:
7a:02:96:8f:9c:e6:4e:d1:19:72:3b:e0:eb:3e:17:7a:ad:7f:
ce:a6:15:ac:2c:f5:94:fb:29:14:c8:a5:78:e0:19:da:0c:b0:
6b:20:d5:a1:2c:6d:96:c2:97:8b:2a:38:21:15:81:41:c1:5d:
43:00:9e:41:6b:e2:7b:2a:e5:99:e7:0a:8e:30:57:1e:d1:a7:
28:48:45:8b:92:f5:39:e2:b1:c3:e0:56:d1:e4:1e:57:0d:c9:
9e:d2:31:73:9f:0b:86:4e:52:71:57:da:73:74:20:c1:f1:9e:
49:16:8d:25:22:ce:21:50:49:3b:41:29:e1:b5:b5:b5:4a:0d:
b7:dd:b6:04
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVuyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjEzMTAyMzI3WhcNMjUwNzE5MTAyMzI3WjAYMRYw
FAYDVQQDEw02ODRiZmMyNS00YzIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAumNXzv0WRimJj6LqjwuILYZfYMtgcaARhN05IOwNncEBiT5Urq9MkG0H
YdA5K30fwnh75i4MhkhJTswgq2aBg7XSgAlOKObpvn2sxjai99QXY8ssOqd4ooe7
z2C68VHBUlMP2t9pRg4hwkvC09q+IMx5JxWwXPksiTjfvAmI5Tbe9gFWCPfBMyjs
UxVa9vAYgWEKhWQWwT2++kDigWcgnIuVn8MxHbf6fmtxQs7ZlWM2g4n26aZva0PY
G1TB4thIJGfO08ZpBsslz12OEpldXfANcK/6eLsckV9fX8NBsO4H2jjcR3HY8dwH
PmhCpS46Ex1vNeFqawOgSd/9KiAh8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIP9
7vQE+ITQcD2qV7B5v//xqycNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NTM3Q0I2QzQ4NDAxMUYwOTIyQjNEQjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOdoAwQAnPW+MA0GCSqGSIb3
DQEBCwUAA4IBAQAii9AWGv/Midz+9O0pAbjoFyy8NT3Q6Ygcr0f68pwUjPAp9GYb
vAqoEXtvy8EZgHcLhOtkjtNmvo7civpBA7U2GXpYDmpl2xwq12dW1aqAyuBXyLu1
KPCWFWicyiKGXweC9Q8Bww9ENSP7+WPZ0x7RCd8OWNPiDW6lltt9wqN6ApaPnOZO
0RlyO+DrPhd6rX/OphWsLPWU+ykUyKV44BnaDLBrINWhLG2WwpeLKjghFYFBwV1D
AJ5Ba+J7KuWZ5wqOMFce0acoSEWLkvU54rHD4FbR5B5XDcme0jFznwuGTlJxV9pz
dCDB8Z5JFo0lIs4hUEk7QSnhtbW1Sg233bYE
-----END CERTIFICATE-----
Generated at Wed Jul 2 15:54:09 2025 by rpki-client