Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2A8665A49CC11F09C4FB6C6DAE4EC9C.roa
File: F2A8665A49CC11F09C4FB6C6DAE4EC9C.roa (raw, json)
Hash identifier: CVJxPtEFWA9RZmql5wAG8Ey2ThRsncCQgtuprC3bIik=
Subject key identifier: A6:52:75:5D:F7:28:5D:61:9A:2E:7D:15:9C:39:D0:C3:5A:71:99:F9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015C32
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2A8665A49CC11F09C4FB6C6DAE4EC9C.roa
Signing time: Sun 15 Jun 2025 09:41:45 +0000
ROA not before: Sun 15 Jun 2025 09:41:40 +0000
ROA not after: Tue 28 Apr 2026 09:41:40 +0000
asID: 13335
IP address blocks: 156.255.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 11:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89138 (0x15c32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 15 09:41:40 2025 GMT
Not After : Apr 28 09:41:40 2026 GMT
Subject: CN=684e9558-9355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ca:f0:f2:60:06:46:1c:58:eb:fd:d8:96:e4:
e2:03:12:e9:8c:e3:0b:a3:3d:b4:46:72:b1:e3:90:
a6:2a:4d:73:6b:8c:41:75:c4:a9:63:40:97:92:e9:
0a:5e:4b:ca:de:40:9e:54:5e:18:95:25:5b:f4:7c:
41:a6:c2:ae:cc:86:dd:67:be:4d:e3:9c:15:ed:5d:
74:0b:8a:bb:90:eb:a7:30:5a:22:7c:b9:38:0c:10:
e8:7e:d7:a9:f5:7a:7d:c7:b6:1c:da:93:60:84:85:
11:7c:ed:a2:67:24:82:26:77:a6:20:1c:80:b7:db:
f5:f5:c9:b5:04:84:cf:91:f3:b3:3e:b1:09:f4:14:
c9:16:5b:01:fd:e2:22:3c:c8:60:14:1f:58:2b:f1:
de:81:a2:83:7a:fb:fd:81:3f:14:98:89:f9:13:51:
37:ce:74:3b:b0:9f:d6:2b:43:0e:e0:2f:86:13:9a:
96:5e:c9:91:9c:1e:4c:8a:21:dc:02:6b:c4:32:02:
c6:80:fb:97:de:f0:77:91:0c:80:08:9c:63:b6:15:
4c:07:b8:b5:dd:97:f7:2b:23:f2:bb:a2:e6:6f:9b:
5b:3f:85:14:04:10:46:1d:1f:04:fc:1b:eb:83:17:
3f:33:3c:42:5a:23:ec:fe:18:56:4a:9f:a7:f2:84:
5b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:52:75:5D:F7:28:5D:61:9A:2E:7D:15:9C:39:D0:C3:5A:71:99:F9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2A8665A49CC11F09C4FB6C6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.123.0/24
Signature Algorithm: sha256WithRSAEncryption
45:46:a8:dd:24:18:c2:40:f8:a2:ab:62:42:21:7f:18:e9:5e:
ab:67:07:e4:f0:87:5a:77:43:84:8d:d9:46:14:39:4c:6c:1c:
63:5f:de:a2:d6:37:05:57:45:0a:22:7e:39:b0:14:61:65:c2:
c5:d6:23:8d:01:54:25:5f:cf:bf:f2:bd:03:0e:d2:0c:2c:36:
70:ed:92:43:8b:38:d9:8d:67:a1:3a:5e:3b:67:4b:42:7d:ab:
60:fb:9a:ab:1b:2a:24:b0:15:71:76:83:c5:b4:72:74:51:7b:
09:e4:9c:60:40:84:eb:8a:0d:5a:cd:27:86:1c:51:d0:5a:5b:
9c:2c:8e:12:01:28:af:68:23:57:5a:bf:73:f5:20:78:c3:ff:
09:18:e9:cb:eb:be:66:49:94:cf:3c:cf:9f:d6:5e:53:b3:9c:
23:dd:7d:03:38:a3:8e:ee:76:f1:2d:bc:0f:59:11:f1:fd:2c:
79:23:5f:ad:70:ea:58:42:23:4d:6c:ba:3d:92:b6:6a:d0:a6:
e8:69:d3:02:ba:4d:29:d1:e0:9a:2a:b5:c5:83:c0:97:dd:d2:
4a:1c:ad:37:f8:38:19:48:51:6a:c6:37:f6:81:c3:fb:85:2b:
a0:66:cb:53:b5:1b:e5:49:2c:b6:7b:10:e7:38:62:da:77:f5:
74:b6:6f:b2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVwyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE1MDk0MTQwWhcNMjYwNDI4MDk0MTQwWjAYMRYw
FAYDVQQDEw02ODRlOTU1OC05MzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx8rw8mAGRhxY6/3YluTiAxLpjOMLoz20RnKx45CmKk1za4xBdcSpY0CX
kukKXkvK3kCeVF4YlSVb9HxBpsKuzIbdZ75N45wV7V10C4q7kOunMFoifLk4DBDo
ftep9Xp9x7Yc2pNghIURfO2iZySCJnemIByAt9v19cm1BITPkfOzPrEJ9BTJFlsB
/eIiPMhgFB9YK/HegaKDevv9gT8UmIn5E1E3znQ7sJ/WK0MO4C+GE5qWXsmRnB5M
iiHcAmvEMgLGgPuX3vB3kQyACJxjthVMB7i13Zf3KyPyu6Lmb5tbP4UUBBBGHR8E
/Bvrgxc/MzxCWiPs/hhWSp+n8oRbsQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKZS
dV33KF1hmi59FZw50MNacZn5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMkE4NjY1QTQ5Q0MxMUYwOUM0RkI2QzZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP97MA0GCSqGSIb3DQEBCwUA
A4IBAQBFRqjdJBjCQPiiq2JCIX8Y6V6rZwfk8Idad0OEjdlGFDlMbBxjX96i1jcF
V0UKIn45sBRhZcLF1iONAVQlX8+/8r0DDtIMLDZw7ZJDizjZjWehOl47Z0tCfatg
+5qrGyoksBVxdoPFtHJ0UXsJ5JxgQITrig1azSeGHFHQWlucLI4SASivaCNXWr9z
9SB4w/8JGOnL675mSZTPPM+f1l5Ts5wj3X0DOKOO7nbxLbwPWRHx/Sx5I1+tcOpY
QiNNbLo9krZq0KboadMCuk0p0eCaKrXFg8CX3dJKHK03+DgZSFFqxjf2gcP7hSug
ZstTtRvlSSy2exDnOGLad/V0tm+y
-----END CERTIFICATE-----
Generated at Wed Jul 2 05:24:16 2025 by rpki-client