Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20C065BA591D11F08EFB0CE8DAE4EC9C.roa
File: 20C065BA591D11F08EFB0CE8DAE4EC9C.roa (raw, json)
Hash identifier: nW/pV4uqgNdzVeUFxtttGRYMbZEqqvP7j9LHXmOIJY0=
Subject key identifier: 94:70:8C:0E:ED:A5:92:2B:B0:D1:76:2F:54:A5:43:1A:29:C4:14:7D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01614A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20C065BA591D11F08EFB0CE8DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 21:23:29 +0000
ROA not before: Fri 04 Jul 2025 21:23:24 +0000
ROA not after: Fri 17 Jul 2026 21:23:24 +0000
asID: 62610
IP address blocks: 156.241.129.0/24 maxlen: 24
156.241.133.0/24 maxlen: 24
156.241.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90442 (0x1614a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 4 21:23:24 2025 GMT
Not After : Jul 17 21:23:24 2026 GMT
Subject: CN=68684651-0c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:da:11:74:35:c5:31:7b:c1:da:71:ff:94:5b:
a4:e3:31:03:a4:24:e4:fa:19:26:70:12:d1:af:ae:
1d:75:0e:2d:e9:12:79:75:e3:29:c3:4c:4a:51:50:
c7:69:ea:b7:18:db:77:50:85:72:c8:98:49:24:59:
09:cf:f5:8f:f0:65:9f:a6:0c:14:25:44:7f:6e:c5:
d9:29:a4:ff:21:71:0f:c9:f4:3d:ba:62:37:91:a5:
97:f2:a0:2a:8e:6e:4a:a2:6f:b1:7e:4d:9d:0b:c0:
4c:cc:91:1e:54:8f:91:89:19:31:e1:a7:a9:94:64:
f1:52:a7:df:8f:7c:77:90:27:f2:07:45:23:66:27:
86:92:34:90:44:0f:1a:f9:d4:76:e0:6e:b4:cd:64:
6e:9c:82:a2:ee:02:88:fb:ee:16:67:a1:51:37:14:
38:fd:78:52:3c:a4:f0:a9:fe:05:8f:24:71:c3:17:
90:a5:e0:22:5f:05:0f:35:e5:26:df:1e:f5:f2:bb:
19:f6:37:26:3d:af:59:aa:68:d2:03:4e:7c:80:c1:
9e:f2:6a:06:d3:48:7c:66:91:cc:09:52:db:96:5c:
8c:9d:dc:41:31:4b:39:81:e0:9b:81:9e:df:9a:77:
a4:cb:b6:dd:05:dc:17:d7:48:35:b3:46:24:39:c1:
06:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:70:8C:0E:ED:A5:92:2B:B0:D1:76:2F:54:A5:43:1A:29:C4:14:7D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20C065BA591D11F08EFB0CE8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.129.0/24
156.241.133.0/24
156.241.135.0/24
Signature Algorithm: sha256WithRSAEncryption
91:05:33:75:ab:09:4a:34:f7:9c:ee:43:d2:9a:b0:fe:f2:c6:
fd:42:ad:41:78:42:33:43:ff:bf:1e:e9:a9:63:57:cc:4f:a9:
3d:9e:69:a5:21:1e:3a:2d:0f:b4:cf:62:c7:61:e0:2e:fb:fa:
cd:e4:e4:28:18:c2:dc:cb:a6:e2:d6:65:0e:f3:4f:2a:ff:38:
ea:0c:1e:bd:4a:88:2a:26:4e:f8:96:a9:be:85:eb:de:4d:bb:
10:f8:5b:a5:5c:c4:71:c7:cf:e3:30:b5:fe:d5:10:60:3b:69:
e2:8d:e9:1f:36:70:2c:58:ac:82:86:19:df:ad:10:c5:0b:d5:
f7:87:84:a2:f0:06:41:85:aa:c9:b2:ad:86:27:99:e3:68:39:
83:4a:57:76:d2:22:19:a0:ab:ea:e1:ac:1b:e5:6e:3d:c3:7a:
4c:40:75:bf:75:dd:80:bb:e4:e7:dc:21:22:ee:21:41:3f:66:
17:56:8c:96:28:d6:b4:82:c6:a1:21:13:b5:9a:78:72:a5:ab:
c1:4a:99:58:f6:58:8a:72:11:42:ef:44:5d:88:b3:09:41:16:
15:da:0e:3a:92:e6:9f:7c:71:34:18:2e:b3:1f:14:9a:e5:c6:
1a:d6:e1:3a:fe:6c:db:eb:c5:a7:3a:a3:a0:06:93:1a:e3:a0:
15:0f:ce:e8
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAWFKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA0MjEyMzI0WhcNMjYwNzE3MjEyMzI0WjAYMRYw
FAYDVQQDEw02ODY4NDY1MS0wYzQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq9oRdDXFMXvB2nH/lFuk4zEDpCTk+hkmcBLRr64ddQ4t6RJ5deMpw0xK
UVDHaeq3GNt3UIVyyJhJJFkJz/WP8GWfpgwUJUR/bsXZKaT/IXEPyfQ9umI3kaWX
8qAqjm5Kom+xfk2dC8BMzJEeVI+RiRkx4aeplGTxUqffj3x3kCfyB0UjZieGkjSQ
RA8a+dR24G60zWRunIKi7gKI++4WZ6FRNxQ4/XhSPKTwqf4FjyRxwxeQpeAiXwUP
NeUm3x718rsZ9jcmPa9ZqmjSA058gMGe8moG00h8ZpHMCVLbllyMndxBMUs5geCb
gZ7fmneky7bdBdwX10g1s0YkOcEGfwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFJRw
jA7tpZIrsNF2L1SlQxopxBR9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMEMwNjVCQTU5MUQxMUYwOEVGQjBDRThEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnPGBAwQAnPGFAwQAnPGHMA0G
CSqGSIb3DQEBCwUAA4IBAQCRBTN1qwlKNPec7kPSmrD+8sb9Qq1BeEIzQ/+/Hump
Y1fMT6k9nmmlIR46LQ+0z2LHYeAu+/rN5OQoGMLcy6bi1mUO808q/zjqDB69Sogq
Jk74lqm+heveTbsQ+FulXMRxx8/jMLX+1RBgO2nijekfNnAsWKyChhnfrRDFC9X3
h4Si8AZBharJsq2GJ5njaDmDSld20iIZoKvq4awb5W49w3pMQHW/dd2Au+Tn3CEi
7iFBP2YXVoyWKNa0gsahIRO1mnhypavBSplY9liKchFC70RdiLMJQRYV2g46kuaf
fHE0GC6zHxSa5cYa1uE6/mzb68WnOqOgBpMa46AVD87o
-----END CERTIFICATE-----
Generated at Sun Jul 20 17:26:40 2025 by rpki-client