Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/04A065205AA211F0B33C04CBDAE4EC9C.roa
File: 04A065205AA211F0B33C04CBDAE4EC9C.roa (raw, json)
Hash identifier: pSSb/QNdUTyjd/A+mH7GRyz25kNmtV+y07gvrKWLZ8U=
Subject key identifier: 79:A3:94:88:86:A4:81:5F:BF:FC:07:B0:59:CC:74:6E:9C:61:99:E7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016283
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/04A065205AA211F0B33C04CBDAE4EC9C.roa
Signing time: Sun 06 Jul 2025 19:47:16 +0000
ROA not before: Sun 06 Jul 2025 19:47:11 +0000
ROA not after: Fri 17 Jul 2026 19:47:11 +0000
asID: 400619
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
156.241.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90755 (0x16283)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 6 19:47:11 2025 GMT
Not After : Jul 17 19:47:11 2026 GMT
Subject: CN=686ad2c4-9afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:72:71:3f:16:c8:23:ea:dc:eb:bb:e4:4c:ba:
67:7c:f2:2f:bf:09:81:0c:cb:09:08:80:4b:e2:f0:
e4:eb:d6:09:30:8a:cc:57:0f:c7:d2:bb:98:94:64:
ef:f1:bd:fb:b2:ea:4f:d0:9e:db:96:c1:b6:2a:8d:
7b:3b:70:a6:b1:61:34:79:f0:61:3f:73:c4:a2:d1:
3e:b7:1b:b6:b1:b1:9f:ca:9d:6c:b4:52:fb:10:1f:
bd:a2:21:89:a6:9b:ba:42:8c:2c:ec:e2:4b:4a:06:
d2:05:15:d4:69:60:f7:89:7b:46:a9:82:a9:da:0d:
e6:da:46:45:8f:1b:56:f2:a2:72:52:1b:81:b6:db:
66:d0:30:62:ce:92:41:e1:36:20:42:67:82:65:f1:
63:0a:cd:5f:a8:60:b4:cb:ac:22:51:15:9f:38:3e:
50:d4:32:95:5e:a1:55:dc:33:2b:74:5c:54:15:ad:
8f:ec:01:ac:ae:29:37:96:8c:c8:ae:24:70:45:ff:
88:e1:35:9d:ac:ad:7c:f2:b5:95:7c:90:58:06:39:
16:ad:0d:47:74:ba:8a:c0:ec:73:b6:d1:f2:dc:41:
2d:e1:6b:63:d5:f1:0b:67:7f:d6:c8:2f:7e:71:a2:
2b:cb:a2:23:ba:25:a0:1d:33:e6:5f:26:be:81:f4:
84:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A3:94:88:86:A4:81:5F:BF:FC:07:B0:59:CC:74:6E:9C:61:99:E7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/04A065205AA211F0B33C04CBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
156.241.128.0/18
Signature Algorithm: sha256WithRSAEncryption
37:17:57:d0:f5:93:84:14:74:77:a9:f6:ce:7e:cd:30:6d:3c:
a4:85:24:58:c0:3a:61:82:59:69:0e:5c:8e:f4:06:2f:9c:8f:
5d:37:ac:24:2a:3d:bb:55:30:e5:37:dc:f0:6b:7e:54:43:6d:
01:03:70:e2:fa:c9:2f:0d:0d:b3:90:64:20:1e:b4:6c:0d:a4:
7a:44:69:71:ed:f5:94:24:7c:aa:d4:98:a6:fc:6b:72:1c:61:
e4:94:5a:ab:68:e4:e3:80:8d:46:50:07:ba:22:3e:e0:41:74:
2e:6f:fb:48:50:9a:cf:a9:02:f4:ec:e5:f5:6b:8f:8a:f0:4d:
f5:f1:b3:0d:ca:82:ca:e0:93:88:fa:d5:04:2b:63:b8:47:14:
1d:74:83:58:7c:3f:a0:b3:4d:4a:29:99:6a:3c:22:9f:e8:ab:
ef:3c:38:a6:55:76:6e:5b:de:a8:42:f9:11:ee:59:df:57:02:
10:f9:45:59:ee:c4:c9:1b:26:00:f5:14:85:48:04:da:6a:4c:
18:c1:7f:98:46:e5:97:2d:c1:91:48:09:b4:33:2e:98:e0:d9:
8f:4f:8e:c6:6b:2e:07:71:ed:3c:0c:1d:43:12:1e:ed:6f:37:
0d:47:7c:14:07:37:a7:0f:b0:ac:23:fc:7c:ae:1b:80:2b:21:
2b:25:08:76
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAWKDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA2MTk0NzExWhcNMjYwNzE3MTk0NzExWjAYMRYw
FAYDVQQDEw02ODZhZDJjNC05YWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA43JxPxbII+rc67vkTLpnfPIvvwmBDMsJCIBL4vDk69YJMIrMVw/H0ruY
lGTv8b37supP0J7blsG2Ko17O3CmsWE0efBhP3PEotE+txu2sbGfyp1stFL7EB+9
oiGJppu6Qows7OJLSgbSBRXUaWD3iXtGqYKp2g3m2kZFjxtW8qJyUhuBtttm0DBi
zpJB4TYgQmeCZfFjCs1fqGC0y6wiURWfOD5Q1DKVXqFV3DMrdFxUFa2P7AGsrik3
lozIriRwRf+I4TWdrK188rWVfJBYBjkWrQ1HdLqKwOxzttHy3EEt4Wtj1fELZ3/W
yC9+caIry6IjuiWgHTPmXya+gfSERwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFHmj
lIiGpIFfv/wHsFnMdG6cYZnnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNEEwNjUyMDVBQTIxMUYwQjMzQzA0Q0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAOc7xgDBAGc7zQDBAac8YAw
DQYJKoZIhvcNAQELBQADggEBADcXV9D1k4QUdHep9s5+zTBtPKSFJFjAOmGCWWkO
XI70Bi+cj103rCQqPbtVMOU33PBrflRDbQEDcOL6yS8NDbOQZCAetGwNpHpEaXHt
9ZQkfKrUmKb8a3IcYeSUWqto5OOAjUZQB7oiPuBBdC5v+0hQms+pAvTs5fVrj4rw
TfXxsw3Kgsrgk4j61QQrY7hHFB10g1h8P6CzTUopmWo8Ip/oq+88OKZVdm5b3qhC
+RHuWd9XAhD5RVnuxMkbJgD1FIVIBNpqTBjBf5hG5ZctwZFICbQzLpjg2Y9PjsZr
Lgdx7TwMHUMSHu1vNw1HfBQHN6cPsKwj/HyuG4ArISslCHY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:36:07 2025 by rpki-client