Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25620BD0622F11F093F3FCD6DAE4EC9C.roa
File: 25620BD0622F11F093F3FCD6DAE4EC9C.roa (raw, json)
Hash identifier: Rsc6pBOiF41VP1hW1dJif8xDmlSRVWqu3JzhQRxhwL4=
Subject key identifier: 31:33:F6:F4:3D:18:31:C1:8C:78:49:1F:2B:37:7C:D2:04:E2:B9:9A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016579
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25620BD0622F11F093F3FCD6DAE4EC9C.roa
Signing time: Wed 16 Jul 2025 10:25:08 +0000
ROA not before: Wed 16 Jul 2025 10:25:03 +0000
ROA not after: Tue 22 Jul 2025 10:25:03 +0000
asID: 3561
IP address blocks: 156.248.88.0/22 maxlen: 24
156.255.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91513 (0x16579)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 16 10:25:03 2025 GMT
Not After : Jul 22 10:25:03 2025 GMT
Subject: CN=68777e04-3140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b6:f2:84:b1:34:e2:5a:6b:85:2b:a1:30:07:
67:62:c1:9f:45:de:6c:53:fc:b4:77:7c:12:42:67:
75:a4:9f:50:d9:45:72:97:a5:2a:da:ec:d9:e6:68:
54:2b:e0:6a:b9:6c:e0:82:9f:dd:01:64:99:3c:06:
bc:1c:68:ca:a1:0b:5a:ee:40:e8:0e:86:63:8f:b0:
45:05:40:93:d1:fd:84:9c:fa:60:33:79:8b:e7:05:
e8:05:29:c4:4f:be:ec:a3:ee:45:86:62:af:bf:f3:
4f:ee:f8:29:d2:9c:51:8e:3f:23:e2:85:6d:bc:6b:
02:4c:04:0d:47:96:2a:d5:a4:07:8b:af:2c:e8:74:
3c:de:e6:42:10:8e:0f:5b:e9:6b:b1:80:d1:aa:1c:
cc:06:d0:d0:90:5f:38:6a:35:d5:33:84:a6:9c:f0:
4d:ad:e1:fc:ca:bf:d4:84:3b:5a:fd:1d:31:b6:f9:
53:44:2b:95:ea:63:c9:e6:35:ca:76:78:c0:ad:a3:
bf:1e:53:1e:d7:ba:28:d0:9a:58:63:86:22:dd:9c:
24:f8:4c:87:78:9a:13:62:7e:ee:c4:4b:42:d5:c9:
e5:24:7b:e2:aa:e4:17:f8:9c:9c:8e:9a:d8:58:9e:
9a:24:17:22:e2:74:09:7e:3b:3d:6b:8f:cf:99:0a:
48:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:33:F6:F4:3D:18:31:C1:8C:78:49:1F:2B:37:7C:D2:04:E2:B9:9A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/25620BD0622F11F093F3FCD6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.88.0/22
156.255.4.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:12:be:07:d7:7b:4b:1f:fb:96:5f:c1:de:e2:ea:b2:d7:79:
6d:43:67:70:fa:e2:e8:4b:90:41:12:e7:a7:d8:68:0c:2c:b5:
2e:72:d9:10:a5:a3:6d:4f:90:1d:d8:98:f5:d4:7f:7b:39:67:
16:6c:a8:eb:a5:6f:c1:b2:16:9f:cc:32:6d:a5:7d:78:d3:16:
d4:f7:3b:8f:36:be:fe:24:d1:16:dd:ed:d1:66:53:24:db:d3:
fd:75:ae:1d:59:db:f0:4e:ab:a6:af:bd:53:06:91:32:31:97:
1b:6e:66:31:d9:98:33:62:68:56:91:ae:7a:bb:7e:11:ec:eb:
c9:5b:5c:98:63:f6:2c:99:d1:b6:5b:29:ca:dc:66:e6:10:76:
95:12:26:54:4a:4a:d9:c9:ce:81:c4:ac:ac:d6:c9:76:f3:b3:
fe:d4:c5:e8:be:c1:8b:09:50:ac:4e:df:1a:8d:96:e1:6e:28:
6a:a7:8f:6e:b5:af:1d:9e:09:d9:24:80:29:70:71:44:ae:6f:
6f:ad:11:49:c1:41:68:4f:de:51:b0:f5:2d:35:a5:94:39:c4:
b4:23:af:77:f2:66:a1:03:a2:7a:8c:d6:b2:5b:95:ea:41:b3:
fb:5b:01:58:3b:2d:c0:d2:95:8f:94:a1:f9:ad:e0:54:92:e5:
5a:05:d8:ba
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWV5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE2MTAyNTAzWhcNMjUwNzIyMTAyNTAzWjAYMRYw
FAYDVQQDEw02ODc3N2UwNC0zMTQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyLbyhLE04lprhSuhMAdnYsGfRd5sU/y0d3wSQmd1pJ9Q2UVyl6Uq2uzZ
5mhUK+BquWzggp/dAWSZPAa8HGjKoQta7kDoDoZjj7BFBUCT0f2EnPpgM3mL5wXo
BSnET77so+5FhmKvv/NP7vgp0pxRjj8j4oVtvGsCTAQNR5Yq1aQHi68s6HQ83uZC
EI4PW+lrsYDRqhzMBtDQkF84ajXVM4SmnPBNreH8yr/UhDta/R0xtvlTRCuV6mPJ
5jXKdnjAraO/HlMe17oo0JpYY4Yi3Zwk+EyHeJoTYn7uxEtC1cnlJHviquQX+Jyc
jprYWJ6aJBci4nQJfjs9a4/PmQpIawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDEz
9vQ9GDHBjHhJHys3fNIE4rmaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNTYyMEJEMDYyMkYxMUYwOTNGM0ZDRDZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCnPhYAwQCnP8EMA0GCSqGSIb3
DQEBCwUAA4IBAQCyEr4H13tLH/uWX8He4uqy13ltQ2dw+uLoS5BBEuen2GgMLLUu
ctkQpaNtT5Ad2Jj11H97OWcWbKjrpW/BshafzDJtpX140xbU9zuPNr7+JNEW3e3R
ZlMk29P9da4dWdvwTqumr71TBpEyMZcbbmYx2ZgzYmhWka56u34R7OvJW1yYY/Ys
mdG2WynK3GbmEHaVEiZUSkrZyc6BxKys1sl287P+1MXovsGLCVCsTt8ajZbhbihq
p49uta8dngnZJIApcHFErm9vrRFJwUFoT95RsPUtNaWUOcS0I6938mahA6J6jNay
W5XqQbP7WwFYOy3A0pWPlKH5reBUkuVaBdi6
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:33:11 2025 by rpki-client