Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/702497F0502311F0A0A1EC91DAE4EC9C.roa
File: 702497F0502311F0A0A1EC91DAE4EC9C.roa (raw, json)
Hash identifier: TKThQssce2usSG8fqrLv7uZqNWwbS2fbqTY3b7wi6xo=
Subject key identifier: 27:BE:87:E3:F7:54:24:D9:6E:A1:EB:B8:48:75:86:67:40:05:9E:E2
Certificate issuer: /CN=F36D2FA4AR/serialNumber=4121D28E0BB9EAFEE02003F923AC740C26F58364
Certificate serial: 0C
Authority key identifier: 41:21:D2:8E:0B:B9:EA:FE:E0:20:03:F9:23:AC:74:0C:26:F5:83:64
Authority info access: rsync://rpki.afrinic.net/repository/arin/QSHSjgu56v7gIAP5I6x0DCb1g2Q.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/702497F0502311F0A0A1EC91DAE4EC9C.roa
Signing time: Mon 23 Jun 2025 11:15:58 +0000
ROA not before: Mon 23 Jun 2025 11:15:54 +0000
ROA not after: Mon 21 Jun 2049 11:15:54 +0000
asID: 10474
IP address blocks: 152.111.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/QSHSjgu56v7gIAP5I6x0DCb1g2Q.crl
rsync://rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/QSHSjgu56v7gIAP5I6x0DCb1g2Q.mft
rsync://rpki.afrinic.net/repository/arin/QSHSjgu56v7gIAP5I6x0DCb1g2Q.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 01 Jul 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F36D2FA4AR, serialNumber=4121D28E0BB9EAFEE02003F923AC740C26F58364
Validity
Not Before: Jun 23 11:15:54 2025 GMT
Not After : Jun 21 11:15:54 2049 GMT
Subject: CN=6859376e-78aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:23:e7:d1:10:b4:59:00:5a:c3:63:f5:09:e1:
ea:5f:7d:7e:2a:2b:e8:62:6c:f5:54:b1:03:95:57:
57:b3:0c:4b:be:d2:cc:b2:1a:bd:9e:2e:99:4b:d5:
4c:77:9f:a3:d1:51:13:5e:33:75:30:46:1b:0a:b2:
0f:3b:c7:58:b5:d6:df:dc:35:53:79:6b:8e:e2:98:
7d:de:5e:ca:30:96:a4:06:dd:b9:bf:de:40:d7:a3:
98:99:cb:09:23:23:17:4c:cb:47:15:a0:95:de:17:
e2:4a:aa:06:84:d6:23:78:92:95:c2:68:a5:b8:df:
cd:4c:55:82:bb:ac:38:9a:c8:67:a8:a7:ca:61:58:
98:a6:ff:69:5d:18:53:c0:6a:69:15:07:04:93:d3:
aa:93:11:b2:cf:cb:e5:8f:a6:68:b3:a7:81:ab:6b:
f4:fe:e7:3e:7a:7b:fe:4d:71:c6:d6:29:9f:d8:51:
a0:4e:e3:55:10:72:77:ca:c0:83:37:d1:fe:c1:2a:
33:59:78:28:da:47:7b:7e:89:61:bd:1c:17:fb:2a:
c5:74:41:78:50:7e:5b:6c:06:cd:c0:17:7f:1d:8e:
69:dd:f0:6f:fc:0f:e3:a8:47:0e:1d:4a:8d:b3:62:
6d:c5:e7:19:95:d3:a0:ab:d5:8c:f9:69:de:c1:dd:
a4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:BE:87:E3:F7:54:24:D9:6E:A1:EB:B8:48:75:86:67:40:05:9E:E2
X509v3 Authority Key Identifier:
keyid:41:21:D2:8E:0B:B9:EA:FE:E0:20:03:F9:23:AC:74:0C:26:F5:83:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/QSHSjgu56v7gIAP5I6x0DCb1g2Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/QSHSjgu56v7gIAP5I6x0DCb1g2Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36D2FA4/3425FC804CEA11F0948EF79BDAE4EC9C/702497F0502311F0A0A1EC91DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
152.111.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:14:e1:81:b7:b4:5c:1e:37:7a:02:03:92:47:d8:28:8c:60:
51:5c:8c:77:08:cb:8a:51:41:75:69:7c:e0:5e:98:51:60:db:
57:b1:8f:63:ef:c2:10:47:ca:42:19:82:86:ff:20:39:a4:42:
23:98:fe:75:2f:12:2e:cf:19:56:a2:12:93:b5:00:b8:39:e3:
92:19:e5:69:89:83:75:bd:4f:22:ee:d1:d7:cf:ba:d4:2b:a9:
af:ef:db:a8:20:64:56:91:a4:5e:11:ed:54:31:2c:13:77:be:
f6:32:ce:24:36:bb:38:36:f1:34:b5:a3:4b:97:c7:ff:4d:5c:
56:cd:16:f8:91:e1:30:6b:38:b3:7a:96:81:39:a9:dd:24:a2:
57:d1:39:b5:40:4d:39:e6:60:48:b3:ec:aa:95:d8:8b:31:4c:
eb:eb:da:5e:98:4c:18:a4:11:11:02:28:a2:9d:41:c2:2a:3f:
6d:a8:db:3f:d5:d8:43:16:f0:0d:86:c9:11:f9:e3:7a:e0:90:
9e:21:42:3b:48:df:4f:4e:11:c2:66:65:02:ed:91:da:a2:b8:
b2:17:05:eb:ce:0f:cd:ed:10:7b:1c:09:3f:fc:62:1d:e0:a2:
41:bd:09:52:15:46:fe:cf:e8:b0:11:ca:72:66:62:ee:5c:14:
df:3d:f6:c7
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZE
MkZBNEFSMTEwLwYDVQQFEyg0MTIxRDI4RTBCQjlFQUZFRTAyMDAzRjkyM0FDNzQw
QzI2RjU4MzY0MB4XDTI1MDYyMzExMTU1NFoXDTQ5MDYyMTExMTU1NFowGDEWMBQG
A1UEAxMNNjg1OTM3NmUtNzhhYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0j59EQtFkAWsNj9Qnh6l99fior6GJs9VSxA5VXV7MMS77SzLIavZ4umUvV
THefo9FRE14zdTBGGwqyDzvHWLXW39w1U3lrjuKYfd5eyjCWpAbdub/eQNejmJnL
CSMjF0zLRxWgld4X4kqqBoTWI3iSlcJopbjfzUxVgrusOJrIZ6inymFYmKb/aV0Y
U8BqaRUHBJPTqpMRss/L5Y+maLOngatr9P7nPnp7/k1xxtYpn9hRoE7jVRByd8rA
gzfR/sEqM1l4KNpHe36JYb0cF/sqxXRBeFB+W2wGzcAXfx2Oad3wb/wP46hHDh1K
jbNibcXnGZXToKvVjPlp3sHdpH0CAwEAAaOCAqEwggKdMB0GA1UdDgQWBBQnvofj
91Qk2W6h67hIdYZnQAWe4jAfBgNVHSMEGDAWgBRBIdKOC7nq/uAgA/kjrHQMJvWD
ZDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2RDJGQTQvMzQyNUZDODA0Q0VBMTFGMDk0OEVGNzlCREFFNEVDOUMvUVNIU2pn
dTU2djdnSUFQNUk2eDBEQ2IxZzJRLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
UVNIU2pndTU2djdnSUFQNUk2eDBEQ2IxZzJRLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2RDJGQTQvMzQyNUZDODA0Q0VBMTFGMDk0OEVGNzlCREFFNEVD
OUMvNzAyNDk3RjA1MDIzMTFGMEEwQTFFQzkxREFFNEVDOUMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJhvMA0GCSqGSIb3DQEBCwUAA4IB
AQCUFOGBt7RcHjd6AgOSR9gojGBRXIx3CMuKUUF1aXzgXphRYNtXsY9j78IQR8pC
GYKG/yA5pEIjmP51LxIuzxlWohKTtQC4OeOSGeVpiYN1vU8i7tHXz7rUK6mv79uo
IGRWkaReEe1UMSwTd772Ms4kNrs4NvE0taNLl8f/TVxWzRb4keEwazizepaBOand
JKJX0Tm1QE055mBIs+yqldiLMUzr69pemEwYpBERAiiinUHCKj9tqNs/1dhDFvAN
hskR+eN64JCeIUI7SN9PThHCZmUC7ZHaoriyFwXrzg/N7RB7HAk//GId4KJBvQlS
FUb+z+iwEcpyZmLuXBTfPfbH
-----END CERTIFICATE-----
Generated at Sun Jun 29 19:55:22 2025 by rpki-client