Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80E3B8E6565411F09E6EC2D4DAE4EC9C.roa
File: 80E3B8E6565411F09E6EC2D4DAE4EC9C.roa (raw, json)
Hash identifier: Tlu2JkBLioJDFlVPwCCH/NFKtKaHHL8Hl0FkH7g/LDA=
Subject key identifier: 70:ED:3C:4F:FE:72:2A:BF:C5:A8:D0:40:B6:A0:52:96:A0:49:1A:67
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015FA9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80E3B8E6565411F09E6EC2D4DAE4EC9C.roa
Signing time: Tue 01 Jul 2025 08:22:21 +0000
ROA not before: Tue 01 Jul 2025 08:22:10 +0000
ROA not after: Mon 07 Jul 2025 08:22:10 +0000
asID: 269984
IP address blocks: 156.255.128.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Jul 2025 08:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90025 (0x15fa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 1 08:22:10 2025 GMT
Not After : Jul 7 08:22:10 2025 GMT
Subject: CN=68639abd-08f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:57:a3:ee:18:b9:d3:e9:6f:70:13:4a:f8:94:
74:de:e4:95:50:7e:74:97:89:cc:f8:06:4d:15:bb:
20:e4:f9:93:17:dd:56:a7:17:d1:49:ba:bd:13:82:
7a:9f:54:68:ef:e4:83:f5:c3:da:cf:c4:d0:5d:5f:
dc:82:a6:fc:bb:7b:7d:7e:73:e3:84:c0:cf:c1:bb:
f6:75:26:a0:07:bb:54:10:06:1b:25:08:b1:6c:a7:
25:3d:06:d7:59:88:b1:1d:80:21:54:3f:6d:c5:ae:
d7:38:11:6a:0b:ea:a8:ea:f1:29:52:d8:7c:21:d4:
ca:a1:84:94:04:05:ac:af:bf:16:92:03:79:13:85:
d0:57:d9:d8:f5:b7:ad:30:95:16:a9:e6:90:04:19:
25:d3:13:e9:83:61:47:fa:02:e4:77:ce:57:11:27:
6a:c7:60:81:f9:42:aa:69:44:52:c0:b8:10:47:16:
af:f0:5c:6e:d5:12:cd:ec:d6:89:22:b2:e7:05:e9:
02:32:bb:b4:f7:ff:10:95:31:ea:c0:51:d0:21:58:
a7:66:bb:19:d1:f9:2d:e4:1d:34:fa:7c:8c:87:11:
d2:f6:85:0b:67:f5:ab:d1:75:51:ac:1e:db:71:8b:
f1:6f:18:03:81:c1:48:a0:c7:45:42:c6:18:a7:b7:
e2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:ED:3C:4F:FE:72:2A:BF:C5:A8:D0:40:B6:A0:52:96:A0:49:1A:67
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80E3B8E6565411F09E6EC2D4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.128.0/21
Signature Algorithm: sha256WithRSAEncryption
7c:52:d6:3c:fa:14:ad:04:b9:7a:a4:62:20:ae:af:52:8d:b0:
13:fc:90:61:59:28:4f:fa:19:ee:e6:73:30:78:9a:c9:d4:57:
6e:0e:ce:81:f0:e2:7f:22:d0:4d:55:11:b9:aa:f2:54:a8:4a:
55:37:9e:85:51:3b:ae:3d:8e:0d:04:8c:98:3b:ff:93:c0:ca:
b9:3e:a4:2a:bc:51:38:3c:11:86:ea:9e:d7:72:d1:dc:5a:17:
e1:0c:9a:43:56:da:f9:c7:fe:c6:f2:ba:de:aa:f7:c5:35:88:
6e:ef:09:35:72:07:f1:e5:ba:75:e3:77:7c:08:c5:74:d8:0a:
1c:8d:d5:dc:69:f7:8f:99:95:54:bd:b2:dc:82:fa:6a:bd:6b:
85:fb:19:cb:7f:92:05:83:21:10:ba:bd:c9:bf:5c:18:24:25:
06:9e:aa:b0:b5:50:f0:f5:5f:be:ac:d1:bd:02:18:c9:3f:43:
23:1e:8a:3b:41:c9:82:62:dd:c4:75:ee:71:f3:a8:8e:8b:2c:
3b:61:e2:ed:b8:30:75:82:57:b0:74:f7:13:bb:a1:96:15:26:
84:de:ff:cb:07:1e:fe:45:22:a0:7b:68:9a:94:04:b5:69:f9:
b4:ce:e8:ad:52:7b:ec:24:09:21:df:b1:14:ef:32:37:1b:ed:
b0:3a:df:d6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAV+pMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAxMDgyMjEwWhcNMjUwNzA3MDgyMjEwWjAYMRYw
FAYDVQQDEw02ODYzOWFiZC0wOGY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxlej7hi50+lvcBNK+JR03uSVUH50l4nM+AZNFbsg5PmTF91WpxfRSbq9
E4J6n1Ro7+SD9cPaz8TQXV/cgqb8u3t9fnPjhMDPwbv2dSagB7tUEAYbJQixbKcl
PQbXWYixHYAhVD9txa7XOBFqC+qo6vEpUth8IdTKoYSUBAWsr78WkgN5E4XQV9nY
9betMJUWqeaQBBkl0xPpg2FH+gLkd85XESdqx2CB+UKqaURSwLgQRxav8Fxu1RLN
7NaJIrLnBekCMru09/8QlTHqwFHQIVinZrsZ0fkt5B00+nyMhxHS9oULZ/Wr0XVR
rB7bcYvxbxgDgcFIoMdFQsYYp7fihQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHDt
PE/+ciq/xajQQLagUpagSRpnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MEUzQjhFNjU2NTQxMUYwOUU2RUMyRDREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnP+AMA0GCSqGSIb3DQEBCwUA
A4IBAQB8UtY8+hStBLl6pGIgrq9SjbAT/JBhWShP+hnu5nMweJrJ1FduDs6B8OJ/
ItBNVRG5qvJUqEpVN56FUTuuPY4NBIyYO/+TwMq5PqQqvFE4PBGG6p7XctHcWhfh
DJpDVtr5x/7G8rreqvfFNYhu7wk1cgfx5bp143d8CMV02AocjdXcafePmZVUvbLc
gvpqvWuF+xnLf5IFgyEQur3Jv1wYJCUGnqqwtVDw9V++rNG9AhjJP0MjHoo7QcmC
Yt3Ede5x86iOiyw7YeLtuDB1glewdPcTu6GWFSaE3v/LBx7+RSKge2ialAS1afm0
zuitUnvsJAkh37EU7zI3G+2wOt/W
-----END CERTIFICATE-----
Generated at Sun Jul 6 16:38:01 2025 by rpki-client