Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A0F81064C5111F09448BAB4DAE4EC9C.roa
File: 7A0F81064C5111F09448BAB4DAE4EC9C.roa (raw, json)
Hash identifier: bGzrl5DADj/zABcQPgjgb/MOS6H41nU22EXUXL5nspU=
Subject key identifier: AD:61:41:4B:50:68:C6:F9:01:48:21:D4:5A:84:FE:95:5C:06:88:53
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015CEE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A0F81064C5111F09448BAB4DAE4EC9C.roa
Signing time: Wed 18 Jun 2025 14:35:28 +0000
ROA not before: Wed 18 Jun 2025 14:35:22 +0000
ROA not after: Thu 24 Jul 2025 14:35:22 +0000
asID: 214413
IP address blocks: 156.229.56.0/22 maxlen: 24
156.233.216.0/22 maxlen: 24
156.239.128.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:26:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89326 (0x15cee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 18 14:35:22 2025 GMT
Not After : Jul 24 14:35:22 2025 GMT
Subject: CN=6852ceaf-8750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:11:7e:7b:03:fc:c1:bc:09:4b:6c:94:3c:91:
f9:c0:f2:f9:38:75:e1:86:f2:13:65:cc:33:5b:a0:
44:0c:e5:9e:5b:2d:e3:ad:3a:2a:0a:90:a8:03:e8:
2d:a9:ea:2d:50:03:08:84:d7:fd:b7:f0:90:29:56:
9f:71:f4:6e:9a:98:ad:61:a1:7a:8b:8f:af:85:c4:
f9:be:fc:c6:2f:71:e1:b1:89:a6:35:73:39:59:a7:
f4:3f:14:69:6f:12:f7:69:83:af:ed:a9:a0:b4:5a:
9b:70:ed:89:66:5f:91:0c:1e:dd:e1:9e:c4:a0:e1:
e7:2f:61:b8:f8:15:69:2f:76:d2:9b:66:b4:6b:82:
88:64:1a:cc:36:4f:dc:ce:40:19:11:b3:f3:ff:2a:
f5:9a:9a:4f:c3:95:ae:1f:03:c3:06:14:f2:df:0b:
54:66:80:ee:c5:26:25:f4:21:38:89:3b:50:a0:da:
9e:22:08:10:54:0a:96:90:9a:b4:d7:03:42:45:fc:
64:60:09:08:d3:fc:1d:6e:d3:67:12:cc:4b:58:92:
b1:82:5a:46:0c:31:64:6d:e4:7e:77:0b:97:1b:ad:
53:a0:f2:b4:39:c0:05:e8:d5:ca:7b:25:e2:66:b9:
7a:e9:51:92:7a:0f:1f:b9:22:27:86:dc:7d:4f:6b:
29:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:61:41:4B:50:68:C6:F9:01:48:21:D4:5A:84:FE:95:5C:06:88:53
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7A0F81064C5111F09448BAB4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.56.0/22
156.233.216.0/22
156.239.128.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:f8:ef:a5:54:89:3e:61:b0:f7:77:22:21:3e:0f:85:b9:4e:
98:66:02:36:08:e0:1a:ab:15:28:b3:a9:94:85:dd:34:8e:4b:
c6:9a:67:a7:d9:5b:2c:de:b5:1e:46:81:8e:19:b6:fb:17:c9:
69:35:72:b7:12:cd:6b:29:2b:c9:37:a4:1c:ce:5b:7d:9f:30:
3a:2f:82:18:96:04:de:67:89:f5:ac:43:11:58:76:48:9c:98:
0c:f1:7e:29:d4:64:34:3c:c9:b2:06:48:87:7a:ed:98:70:00:
04:89:a3:42:4f:31:db:64:96:59:a9:61:75:a6:a0:be:0c:33:
af:34:92:4d:72:f9:ee:b4:17:f0:2c:b2:d6:d2:37:14:96:e6:
eb:17:d3:81:0d:66:10:50:a0:0e:e3:14:0d:c8:9f:42:9c:c3:
9d:a2:bc:48:a9:f7:95:fa:0f:5c:29:63:21:a4:2b:67:4d:24:
ea:c7:cd:f4:51:f3:bf:59:ae:01:56:00:4d:df:02:f3:25:9e:
9f:b6:ed:3b:6f:a8:42:c0:30:79:94:c3:ff:2c:5c:63:26:72:
c4:5b:b8:e5:0f:de:c7:cf:81:c4:ba:be:3a:5f:2c:04:32:01:
43:c2:f1:ae:cf:01:37:10:59:59:c5:54:0d:7f:66:fe:89:01:
59:67:55:c8
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVzuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE4MTQzNTIyWhcNMjUwNzI0MTQzNTIyWjAYMRYw
FAYDVQQDEw02ODUyY2VhZi04NzUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3xF+ewP8wbwJS2yUPJH5wPL5OHXhhvITZcwzW6BEDOWeWy3jrToqCpCo
A+gtqeotUAMIhNf9t/CQKVafcfRumpitYaF6i4+vhcT5vvzGL3HhsYmmNXM5Waf0
PxRpbxL3aYOv7amgtFqbcO2JZl+RDB7d4Z7EoOHnL2G4+BVpL3bSm2a0a4KIZBrM
Nk/czkAZEbPz/yr1mppPw5WuHwPDBhTy3wtUZoDuxSYl9CE4iTtQoNqeIggQVAqW
kJq01wNCRfxkYAkI0/wdbtNnEsxLWJKxglpGDDFkbeR+dwuXG61ToPK0OcAF6NXK
eyXiZrl66VGSeg8fuSInhtx9T2sp/wIDAQABo4ICrjCCAqowHQYDVR0OBBYEFK1h
QUtQaMb5AUgh1FqE/pVcBohTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QTBGODEwNjRDNTExMUYwOTQ0OEJBQjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCnOU4AwQCnOnYAwQCnO+AMA0G
CSqGSIb3DQEBCwUAA4IBAQCk+O+lVIk+YbD3dyIhPg+FuU6YZgI2COAaqxUos6mU
hd00jkvGmmen2Vss3rUeRoGOGbb7F8lpNXK3Es1rKSvJN6Qczlt9nzA6L4IYlgTe
Z4n1rEMRWHZInJgM8X4p1GQ0PMmyBkiHeu2YcAAEiaNCTzHbZJZZqWF1pqC+DDOv
NJJNcvnutBfwLLLW0jcUlubrF9OBDWYQUKAO4xQNyJ9CnMOdorxIqfeV+g9cKWMh
pCtnTSTqx830UfO/Wa4BVgBN3wLzJZ6ftu07b6hCwDB5lMP/LFxjJnLEW7jlD97H
z4HEur46XywEMgFDwvGuzwE3EFlZxVQNf2b+iQFZZ1XI
-----END CERTIFICATE-----
Generated at Fri Jul 4 17:38:56 2025 by rpki-client