Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFCE2BE04ABB11F082D26BD1DAE4EC9C.roa
File: AFCE2BE04ABB11F082D26BD1DAE4EC9C.roa (raw, json)
Hash identifier: JjmB11Wp+QrttBw2Pmyg6yljLEw0LHdQOzsux2mekeA=
Subject key identifier: 37:54:E1:E1:54:04:04:64:2C:87:DA:F8:E4:82:70:86:5C:60:1E:87
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015C6B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFCE2BE04ABB11F082D26BD1DAE4EC9C.roa
Signing time: Mon 16 Jun 2025 14:10:42 +0000
ROA not before: Mon 16 Jun 2025 14:10:37 +0000
ROA not after: Sun 20 Jul 2025 14:10:37 +0000
asID: 20326
IP address blocks: 156.233.10.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 00:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89195 (0x15c6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 16 14:10:37 2025 GMT
Not After : Jul 20 14:10:37 2025 GMT
Subject: CN=685025e2-0ec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:0e:80:c5:6b:86:70:53:0b:ae:0a:4c:3f:3e:
1a:a9:80:f3:a5:73:8d:fe:a8:86:51:cd:41:3f:b7:
df:ea:a5:ab:0e:6f:72:fe:0d:de:1f:c7:94:32:86:
2d:71:16:5b:12:33:f7:6f:fc:86:95:56:88:e1:cb:
bc:a6:8c:a1:87:e1:7c:1c:6a:b2:b8:f6:20:f8:f9:
b9:1e:e6:58:26:4f:dd:39:39:24:37:54:6d:b4:ea:
07:e1:97:bf:42:c7:79:3e:81:79:f0:64:f9:80:c0:
b9:c8:5b:d1:bb:ca:55:2e:92:a7:0a:34:15:51:ac:
ba:48:92:69:3f:00:5c:b1:0a:86:6c:4e:63:b3:f0:
9c:90:26:61:80:64:d4:7b:0b:9a:19:cf:81:b3:3a:
c5:fb:92:34:dd:0b:28:32:d5:76:4e:c9:18:d0:a5:
21:12:07:27:f0:bc:d6:10:0b:7f:c8:96:ab:49:a4:
5d:ae:67:7e:45:b9:fa:a0:31:0a:55:b2:fe:a6:c3:
ab:d7:71:63:e9:26:8f:a6:13:f6:4b:d8:19:5e:9c:
e8:7a:e8:70:22:5c:84:d9:f6:a8:dd:47:5f:da:08:
44:51:2f:28:ef:dc:bf:54:94:d5:d0:f9:05:dd:cf:
7d:2f:3a:07:3f:11:9c:e5:1e:cc:7b:92:bd:4b:e4:
c5:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:54:E1:E1:54:04:04:64:2C:87:DA:F8:E4:82:70:86:5C:60:1E:87
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFCE2BE04ABB11F082D26BD1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.10.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:ae:f2:b5:74:a1:4a:08:87:76:df:e3:dc:8a:da:1d:e3:59:
80:57:ab:66:b5:37:75:d6:99:7f:48:f4:af:07:c7:ea:cb:07:
47:e1:5d:9f:6c:22:31:cf:3f:e1:14:a5:0a:3d:4f:29:8d:46:
91:3a:53:93:96:57:e6:e6:ce:f9:7a:5b:a8:2d:bd:6f:47:3f:
06:b6:a4:6e:b9:f7:36:4e:0e:a3:ef:e4:d6:91:35:96:81:e3:
df:1c:85:0f:05:fe:42:4f:8e:2a:48:26:45:00:b1:fb:e5:69:
6b:85:92:4d:e1:a8:bf:8c:ed:9c:ea:9d:48:ed:b4:4e:8d:ca:
7d:1a:49:64:97:31:ba:c2:0f:c5:86:b9:4e:e1:a1:2d:b1:0e:
bd:a1:41:3b:c3:29:29:0d:c9:4f:7d:3a:a0:ab:be:da:c2:80:
6e:1a:6f:f9:21:b1:13:31:f8:34:fc:ae:a3:51:01:d2:87:a0:
d6:7f:30:36:d5:88:6d:f6:47:fb:aa:15:5a:20:f3:c5:ab:86:
a0:aa:f5:02:ca:09:bf:6b:b5:db:12:1a:ac:09:ee:c7:1d:6e:
2b:e9:6a:bd:2e:53:f0:0f:1a:4c:aa:19:2a:5c:88:17:61:77:
cc:b1:10:b0:33:e4:af:90:ed:43:cd:0d:af:9b:e7:18:c3:61:
26:01:28:cf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVxrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE2MTQxMDM3WhcNMjUwNzIwMTQxMDM3WjAYMRYw
FAYDVQQDEw02ODUwMjVlMi0wZWM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+Q6AxWuGcFMLrgpMPz4aqYDzpXON/qiGUc1BP7ff6qWrDm9y/g3eH8eU
MoYtcRZbEjP3b/yGlVaI4cu8poyhh+F8HGqyuPYg+Pm5HuZYJk/dOTkkN1RttOoH
4Ze/Qsd5PoF58GT5gMC5yFvRu8pVLpKnCjQVUay6SJJpPwBcsQqGbE5js/CckCZh
gGTUewuaGc+BszrF+5I03QsoMtV2TskY0KUhEgcn8LzWEAt/yJarSaRdrmd+Rbn6
oDEKVbL+psOr13Fj6SaPphP2S9gZXpzoeuhwIlyE2fao3Udf2ghEUS8o79y/VJTV
0PkF3c99LzoHPxGc5R7Me5K9S+TF4QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDdU
4eFUBARkLIfa+OSCcIZcYB6HMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRkNFMkJFMDRBQkIxMUYwODJEMjZCRDFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOkKMA0GCSqGSIb3DQEBCwUA
A4IBAQCurvK1dKFKCId23+Pcitod41mAV6tmtTd11pl/SPSvB8fqywdH4V2fbCIx
zz/hFKUKPU8pjUaROlOTllfm5s75eluoLb1vRz8GtqRuufc2Tg6j7+TWkTWWgePf
HIUPBf5CT44qSCZFALH75WlrhZJN4ai/jO2c6p1I7bROjcp9GklklzG6wg/FhrlO
4aEtsQ69oUE7wykpDclPfTqgq77awoBuGm/5IbETMfg0/K6jUQHSh6DWfzA21Yht
9kf7qhVaIPPFq4agqvUCygm/a7XbEhqsCe7HHW4r6Wq9LlPwDxpMqhkqXIgXYXfM
sRCwM+SvkO1DzQ2vm+cYw2EmASjP
-----END CERTIFICATE-----
Generated at Tue Jul 1 05:44:59 2025 by rpki-client