Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F7CFD21A490611F0B768DDBEDAE4EC9C.roa
File: F7CFD21A490611F0B768DDBEDAE4EC9C.roa (raw, json)
Hash identifier: tgt7MYoOqwYANtC35ghvi+G3M61f7D8vhjhUkCkU6dA=
Subject key identifier: 66:7D:3D:E0:BD:04:73:86:06:1D:B2:78:70:FD:F6:49:30:8D:F0:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015BFB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F7CFD21A490611F0B768DDBEDAE4EC9C.roa
Signing time: Sat 14 Jun 2025 10:04:33 +0000
ROA not before: Sat 14 Jun 2025 10:04:27 +0000
ROA not after: Fri 04 Jul 2025 10:04:27 +0000
asID: 54600
IP address blocks: 156.227.160.0/20 maxlen: 24
156.227.176.0/20 maxlen: 24
156.252.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 01:15:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89083 (0x15bfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 14 10:04:27 2025 GMT
Not After : Jul 4 10:04:27 2025 GMT
Subject: CN=684d4931-0ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:04:8d:d3:ce:3d:6a:f6:10:1a:86:b9:bd:fc:
5f:e7:e4:fc:ed:88:e4:62:e2:ef:7a:4e:8c:69:35:
49:bb:4d:57:5b:ee:92:1e:16:70:a1:c3:68:53:96:
e5:b6:1a:77:9d:d6:01:76:3b:5d:e4:e9:fe:a7:38:
d2:92:89:9f:d9:2c:9d:d5:3a:bc:a3:d3:c2:de:80:
70:4b:4e:8f:92:8a:d2:a2:c9:d7:87:7c:b0:6a:fc:
b8:07:2f:97:88:fb:23:13:f3:48:5e:24:7c:ed:f1:
91:ab:d8:bc:89:23:d2:f5:47:63:5e:e6:66:65:6a:
eb:9e:85:dd:93:a8:f3:6e:40:3b:d2:7a:d1:2d:32:
08:7b:92:69:2e:1e:89:6d:ac:f1:c7:24:9c:6b:89:
c7:84:a0:5f:64:41:17:88:12:44:3a:52:08:6b:52:
94:f6:8e:5a:34:7d:c2:1e:30:f7:28:76:54:9e:e6:
51:a0:1c:23:6a:c4:8f:af:90:e3:04:18:18:bc:b6:
07:de:5c:8e:fd:63:58:f2:8e:39:e8:69:d7:10:bb:
1c:0b:08:99:de:88:0f:66:5b:e2:ea:cb:6e:7a:7f:
38:dd:d9:a7:17:0b:f6:a5:dc:4a:9b:9b:c0:72:80:
fd:22:b8:6c:d5:fc:42:f2:7a:f7:b9:9e:21:40:0b:
c6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7D:3D:E0:BD:04:73:86:06:1D:B2:78:70:FD:F6:49:30:8D:F0:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F7CFD21A490611F0B768DDBEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.160.0/19
156.252.96.0/19
Signature Algorithm: sha256WithRSAEncryption
18:ee:74:ab:66:b0:b8:f3:37:4c:f8:91:b4:99:ee:ad:b3:e2:
3a:a8:ac:b2:50:9f:00:da:e4:28:45:df:98:f5:82:75:08:a7:
5b:dc:49:c1:df:51:f4:71:09:51:5f:7e:93:ed:4c:4c:48:de:
32:f3:23:c4:c8:8c:ae:72:46:a8:80:05:1a:61:2b:70:30:c2:
04:dd:5b:88:54:7d:c7:25:e4:5b:bf:e8:65:82:1b:69:57:e6:
13:88:83:1b:a5:d4:a9:00:ad:bb:64:e2:1b:d4:02:50:3a:0d:
10:65:bb:86:d4:3a:28:c3:33:bc:c1:ea:2e:d7:2e:25:e6:0f:
45:9f:14:61:e4:e2:26:30:15:19:a0:39:23:16:fc:5d:81:0e:
10:dc:1d:51:4e:3e:94:bb:e7:ce:64:f6:f2:8a:3d:96:0d:4a:
11:9a:32:80:c5:99:84:eb:f3:cb:c4:f9:b0:6a:23:60:db:07:
18:50:a8:70:30:86:c4:90:6f:25:73:c0:aa:40:d6:e9:28:6a:
06:50:da:63:81:24:e1:3b:37:9e:f8:41:35:b2:58:97:2b:5a:
cc:4b:4b:ac:7e:8a:18:04:7d:44:7f:9c:d2:04:67:89:79:53:
d6:9e:cc:d5:d6:88:3b:39:fe:79:8c:98:51:1d:dd:7b:8f:d0:
90:8f:f9:3e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVv7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE0MTAwNDI3WhcNMjUwNzA0MTAwNDI3WjAYMRYw
FAYDVQQDEw02ODRkNDkzMS0wZmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsgSN0849avYQGoa5vfxf5+T87YjkYuLvek6MaTVJu01XW+6SHhZwocNo
U5blthp3ndYBdjtd5On+pzjSkomf2Syd1Tq8o9PC3oBwS06PkorSosnXh3ywavy4
By+XiPsjE/NIXiR87fGRq9i8iSPS9UdjXuZmZWrrnoXdk6jzbkA70nrRLTIIe5Jp
Lh6JbazxxySca4nHhKBfZEEXiBJEOlIIa1KU9o5aNH3CHjD3KHZUnuZRoBwjasSP
r5DjBBgYvLYH3lyO/WNY8o456GnXELscCwiZ3ogPZlvi6stuen843dmnFwv2pdxK
m5vAcoD9Irhs1fxC8nr3uZ4hQAvGpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGZ9
PeC9BHOGBh2yeHD99kkwjfDcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GN0NGRDIxQTQ5MDYxMUYwQjc2OEREQkVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFnOOgAwQFnPxgMA0GCSqGSIb3
DQEBCwUAA4IBAQAY7nSrZrC48zdM+JG0me6ts+I6qKyyUJ8A2uQoRd+Y9YJ1CKdb
3EnB31H0cQlRX36T7UxMSN4y8yPEyIyuckaogAUaYStwMMIE3VuIVH3HJeRbv+hl
ghtpV+YTiIMbpdSpAK27ZOIb1AJQOg0QZbuG1DoowzO8weou1y4l5g9FnxRh5OIm
MBUZoDkjFvxdgQ4Q3B1RTj6Uu+fOZPbyij2WDUoRmjKAxZmE6/PLxPmwaiNg2wcY
UKhwMIbEkG8lc8CqQNbpKGoGUNpjgSThOzee+EE1sliXK1rMS0usfooYBH1Ef5zS
BGeJeVPWnszV1og7Of55jJhRHd17j9CQj/k+
-----END CERTIFICATE-----
Generated at Tue Jul 1 08:59:07 2025 by rpki-client