Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC77CD0C4B6011F08C30148ADAE4EC9C.roa
File: FC77CD0C4B6011F08C30148ADAE4EC9C.roa (raw, json)
Hash identifier: KyVvGCX6HeRa6GJjLVlehA6k8XBtrDalzAyS28Suoa4=
Subject key identifier: DF:42:D3:12:6B:92:5A:E4:60:80:EF:2D:68:7D:D1:EC:AA:E4:CA:1C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015C90
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC77CD0C4B6011F08C30148ADAE4EC9C.roa
Signing time: Tue 17 Jun 2025 09:53:58 +0000
ROA not before: Tue 17 Jun 2025 09:53:52 +0000
ROA not after: Thu 24 Jul 2025 09:53:52 +0000
asID: 18013
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 06:28:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89232 (0x15c90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 17 09:53:52 2025 GMT
Not After : Jul 24 09:53:52 2025 GMT
Subject: CN=68513b36-8659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:3a:e7:27:9d:76:2c:61:5b:5b:6e:51:f7:f8:
15:3a:84:b0:9c:17:f6:0b:4a:3c:87:58:ba:a1:09:
d2:26:bb:2b:24:6a:8a:00:55:f9:87:cb:5f:af:2f:
78:05:8c:f2:24:f6:fc:e7:19:1e:5f:e3:67:00:2b:
af:6b:1b:a7:47:7d:e8:34:1e:ec:9d:23:ee:e3:52:
47:6d:86:8b:d6:af:cb:5c:7f:d2:83:0b:71:85:2e:
da:f0:de:1b:7e:94:06:44:84:ff:ff:26:73:af:9a:
fc:28:ec:99:91:e4:6b:e2:e0:13:0c:fa:22:ac:d5:
fe:28:c0:0e:a1:95:80:c4:9b:44:8e:a9:de:49:4a:
51:37:1d:64:a9:b7:2d:ea:98:4c:6e:fd:64:e8:64:
78:d6:1d:8d:e3:a9:18:1c:66:c8:67:5e:45:1c:d4:
ef:c1:30:9d:70:41:41:00:c7:2f:12:c2:84:e1:94:
1d:3c:9c:5e:33:82:28:84:c9:18:99:4b:82:6c:64:
4b:74:e6:af:0b:83:64:36:29:bf:42:42:3e:e1:6e:
38:fc:6a:3b:e7:1f:73:36:52:50:65:ae:f3:7f:74:
98:32:de:cf:07:55:21:58:05:6d:6d:fd:48:8f:19:
9d:5e:0a:ab:9c:4d:36:4f:e9:f1:74:c8:b1:95:49:
cc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:42:D3:12:6B:92:5A:E4:60:80:EF:2D:68:7D:D1:EC:AA:E4:CA:1C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FC77CD0C4B6011F08C30148ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
Signature Algorithm: sha256WithRSAEncryption
3d:7e:be:d5:ba:01:0d:4b:d5:b1:54:cc:be:6d:0a:0f:ec:ef:
a1:e1:da:3b:9a:7f:5e:4c:98:eb:0a:ac:09:a6:d4:d7:5b:87:
63:6b:1c:f8:39:9a:25:b9:9d:96:4e:9a:3c:2f:d6:b2:56:89:
9a:5e:f4:74:37:09:f2:39:93:14:e8:b6:31:dd:01:4c:4d:96:
0d:4c:cc:29:b4:33:e8:cc:7b:38:ad:00:51:7e:4e:03:9f:3c:
f4:9d:4d:66:a4:2d:7f:88:7c:28:71:db:44:08:ea:2b:cd:8e:
6d:a1:f9:e3:bc:fb:5e:70:28:bd:2c:eb:f8:dd:ff:bd:d1:e7:
45:e5:66:07:73:39:af:f0:e7:c8:2a:05:02:93:71:d7:6f:49:
4a:08:8d:65:45:59:49:1e:0e:61:8b:86:82:b8:db:bd:44:83:
c8:3b:ca:c3:06:6a:e4:93:1b:57:69:f5:ed:97:93:4e:20:85:
71:dd:60:1d:14:1d:08:c1:63:da:f9:b1:d2:85:14:cb:e8:18:
76:74:d9:5a:3b:ad:b5:0a:4a:91:3a:92:19:c6:c8:ec:9d:5f:
3a:ed:2f:d3:0e:b0:d8:dd:fb:65:ec:9c:99:1c:69:a6:3b:28:
f1:a6:74:63:8e:5f:0d:1d:68:d0:c6:a1:95:f1:19:dc:b6:45:
80:a8:0a:40
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVyQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE3MDk1MzUyWhcNMjUwNzI0MDk1MzUyWjAYMRYw
FAYDVQQDEw02ODUxM2IzNi04NjU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1DrnJ512LGFbW25R9/gVOoSwnBf2C0o8h1i6oQnSJrsrJGqKAFX5h8tf
ry94BYzyJPb85xkeX+NnACuvaxunR33oNB7snSPu41JHbYaL1q/LXH/SgwtxhS7a
8N4bfpQGRIT//yZzr5r8KOyZkeRr4uATDPoirNX+KMAOoZWAxJtEjqneSUpRNx1k
qbct6phMbv1k6GR41h2N46kYHGbIZ15FHNTvwTCdcEFBAMcvEsKE4ZQdPJxeM4Io
hMkYmUuCbGRLdOavC4NkNim/QkI+4W44/Go75x9zNlJQZa7zf3SYMt7PB1UhWAVt
bf1IjxmdXgqrnE02T+nxdMixlUnMqQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFN9C
0xJrklrkYIDvLWh90eyq5MocMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQzc3Q0QwQzRCNjAxMUYwOEMzMDE0OEFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAGc7zQwDQYJKoZI
hvcNAQELBQADggEBAD1+vtW6AQ1L1bFUzL5tCg/s76Hh2juaf15MmOsKrAmm1Ndb
h2NrHPg5miW5nZZOmjwv1rJWiZpe9HQ3CfI5kxTotjHdAUxNlg1MzCm0M+jMezit
AFF+TgOfPPSdTWakLX+IfChx20QI6ivNjm2h+eO8+15wKL0s6/jd/73R50XlZgdz
Oa/w58gqBQKTcddvSUoIjWVFWUkeDmGLhoK4271Eg8g7ysMGauSTG1dp9e2Xk04g
hXHdYB0UHQjBY9r5sdKFFMvoGHZ02Vo7rbUKSpE6khnGyOydXzrtL9MOsNjd+2Xs
nJkcaaY7KPGmdGOOXw0daNDGoZXxGdy2RYCoCkA=
-----END CERTIFICATE-----
Generated at Tue Jul 1 20:35:48 2025 by rpki-client