Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0A27EEE477F11F096FB4DBEDAE4EC9C.roa
File: F0A27EEE477F11F096FB4DBEDAE4EC9C.roa (raw, json)
Hash identifier: 279yuX0ZWfXMfwDtn7CK9Ao/PqoXD6+pzyxWihr3AVM=
Subject key identifier: 09:6F:03:2B:49:88:D5:F7:3C:17:2D:A0:9C:0F:52:F8:8B:B7:65:E0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015B6F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0A27EEE477F11F096FB4DBEDAE4EC9C.roa
Signing time: Thu 12 Jun 2025 11:25:28 +0000
ROA not before: Thu 12 Jun 2025 11:25:05 +0000
ROA not after: Mon 21 Jul 2025 11:25:05 +0000
asID: 203020
IP address blocks: 156.233.180.0/22 maxlen: 24
156.233.184.0/21 maxlen: 24
156.233.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88943 (0x15b6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 12 11:25:05 2025 GMT
Not After : Jul 21 11:25:05 2025 GMT
Subject: CN=684ab928-816e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6d:87:15:34:01:62:36:1d:0f:d4:1c:0b:38:
6b:eb:c4:41:07:65:19:6b:9d:f5:70:5d:8b:3b:1a:
56:4e:7a:ca:52:a3:25:09:5b:83:0b:98:03:c1:35:
b5:60:42:0a:76:c2:37:b2:b3:d3:e7:0b:bc:73:18:
b1:ce:b8:a5:e8:cd:94:82:c9:dc:92:b2:9d:0c:f9:
50:7b:f5:d7:1b:f8:9d:6d:53:dd:11:70:ff:80:dc:
e4:a5:80:b7:49:c9:40:7b:f0:91:83:95:56:04:89:
80:1b:5b:7a:9b:dd:40:8a:30:7c:0f:98:da:0c:6f:
ea:b7:75:0e:c9:6c:c1:ee:86:a9:11:ac:86:26:51:
3b:b1:2a:46:0d:df:34:7b:1d:ce:47:51:d7:a8:2c:
de:d7:49:a2:98:1e:a2:20:df:2d:e3:b6:aa:17:5c:
57:61:5e:66:62:c7:62:5d:9d:dd:d1:2a:08:49:b8:
df:ae:0b:db:d0:2e:95:a8:be:64:ce:de:c3:d5:d9:
2b:9a:d0:8f:81:ad:0e:51:a7:b7:fe:4d:27:e6:c9:
c3:4b:16:69:ef:19:10:dc:f3:21:c8:40:02:97:fb:
73:b0:68:5e:25:cf:f8:93:3a:fc:28:29:2c:2f:a0:
1d:a1:2e:61:68:7a:9b:ee:f7:f7:a2:0f:42:03:f2:
0a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6F:03:2B:49:88:D5:F7:3C:17:2D:A0:9C:0F:52:F8:8B:B7:65:E0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F0A27EEE477F11F096FB4DBEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.180.0-156.233.192.255
Signature Algorithm: sha256WithRSAEncryption
08:e6:a0:5f:95:64:eb:c9:f5:a5:e1:bd:cc:b2:cc:70:b7:fb:
c0:3f:ff:7b:bc:9d:98:7e:dd:6d:1d:cf:15:ad:97:5a:1c:19:
e9:0c:cd:b7:c4:52:16:6f:56:b1:38:11:de:f1:40:2e:b9:16:
6f:8f:85:de:c6:ca:88:31:2a:ae:c9:7c:28:ae:78:ee:39:e9:
29:50:a3:8f:09:1f:d4:ae:05:27:0c:09:f3:a7:35:da:48:72:
ab:f3:71:77:da:72:e9:b6:19:4f:d0:23:41:2b:65:00:c0:01:
f8:7c:0d:17:19:91:11:e0:e3:9f:b0:97:8e:fb:0c:ee:4d:15:
88:b2:9f:b6:36:1f:ff:ee:8b:90:c5:55:62:0f:a9:99:8a:be:
d8:1b:12:8e:ae:87:f0:b8:94:02:ac:0e:98:9d:42:95:1d:78:
36:ae:f3:da:6e:2f:00:4b:d9:de:9f:fc:51:bd:c8:32:f5:ff:
7f:07:f7:ea:93:f9:b5:41:c8:6e:cf:e1:56:68:39:44:75:75:
82:27:a1:21:fb:83:b3:1c:cb:cf:f1:a3:d7:69:4c:0e:8c:42:
9d:79:76:96:d3:08:bf:33:9f:9c:57:a3:9b:0d:ff:c9:9d:f7:
3c:58:af:bf:c3:4c:a0:0f:81:9c:6e:55:6e:bb:a8:c3:04:64:
1b:ae:9f:3c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVtvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjEyMTEyNTA1WhcNMjUwNzIxMTEyNTA1WjAYMRYw
FAYDVQQDEw02ODRhYjkyOC04MTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnW2HFTQBYjYdD9QcCzhr68RBB2UZa531cF2LOxpWTnrKUqMlCVuDC5gD
wTW1YEIKdsI3srPT5wu8cxixzril6M2UgsnckrKdDPlQe/XXG/idbVPdEXD/gNzk
pYC3SclAe/CRg5VWBImAG1t6m91AijB8D5jaDG/qt3UOyWzB7oapEayGJlE7sSpG
Dd80ex3OR1HXqCze10mimB6iIN8t47aqF1xXYV5mYsdiXZ3d0SoISbjfrgvb0C6V
qL5kzt7D1dkrmtCPga0OUae3/k0n5snDSxZp7xkQ3PMhyEACl/tzsGheJc/4kzr8
KCksL6AdoS5haHqb7vf3og9CA/IKKwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAlv
AytJiNX3PBctoJwPUviLt2XgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMEEyN0VFRTQ3N0YxMUYwOTZGQjREQkVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKc6bQDBACc6cAwDQYJKoZI
hvcNAQELBQADggEBAAjmoF+VZOvJ9aXhvcyyzHC3+8A//3u8nZh+3W0dzxWtl1oc
GekMzbfEUhZvVrE4Ed7xQC65Fm+Phd7GyogxKq7JfCiueO456SlQo48JH9SuBScM
CfOnNdpIcqvzcXfacum2GU/QI0ErZQDAAfh8DRcZkRHg45+wl477DO5NFYiyn7Y2
H//ui5DFVWIPqZmKvtgbEo6uh/C4lAKsDpidQpUdeDau89puLwBL2d6f/FG9yDL1
/38H9+qT+bVByG7P4VZoOUR1dYInoSH7g7Mcy8/xo9dpTA6MQp15dpbTCL8zn5xX
o5sN/8md9zxYr7/DTKAPgZxuVW67qMMEZBuunzw=
-----END CERTIFICATE-----
Generated at Mon Jun 30 15:51:53 2025 by rpki-client