Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BCFA1F8575311F09BD463C4DAE4EC9C.roa
File: 2BCFA1F8575311F09BD463C4DAE4EC9C.roa (raw, json)
Hash identifier: i79wXTA7BFvv6ajwE2gd38PvZ+zsHjqkBHmhg45krU0=
Subject key identifier: 67:CC:C2:34:4D:83:39:65:B8:D4:54:E2:16:54:43:D2:2C:1A:07:8F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01602A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BCFA1F8575311F09BD463C4DAE4EC9C.roa
Signing time: Wed 02 Jul 2025 14:45:18 +0000
ROA not before: Wed 02 Jul 2025 14:45:13 +0000
ROA not after: Sat 30 Aug 2025 14:45:13 +0000
asID: 398443
IP address blocks: 156.229.176.0/20 maxlen: 24
156.229.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90154 (0x1602a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 2 14:45:13 2025 GMT
Not After : Aug 30 14:45:13 2025 GMT
Subject: CN=686545fe-3ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f9:8b:d8:be:41:bc:8e:ed:f2:7a:e6:77:a9:
d3:aa:9a:72:f2:eb:9d:ea:33:be:73:94:a7:df:f9:
e7:c3:68:20:67:09:8b:27:bf:e6:a5:92:db:98:3e:
b7:82:59:0b:a2:d7:02:56:69:3c:11:81:2a:7b:4b:
94:43:f4:6b:ea:1a:a0:ea:53:06:7e:79:2a:94:a9:
b0:43:80:ca:f4:04:0c:d6:a1:66:ca:d7:28:67:9b:
ea:5c:d5:4e:69:d5:f4:80:c1:d3:05:94:75:e2:8d:
1d:7f:fb:84:3c:a3:90:49:58:a5:b3:51:28:dc:2f:
d1:c0:30:9f:b1:df:80:ca:9c:4b:da:ec:d8:74:66:
02:a6:03:db:36:79:23:37:79:8a:55:27:62:29:93:
e6:dc:1e:3f:3b:f2:c2:07:c4:ea:bc:ea:61:75:8f:
d8:a0:86:c9:07:13:02:16:5e:0a:44:fd:13:d0:d4:
c0:b8:f1:c7:bd:64:06:e5:c1:37:48:e3:a5:4b:04:
e6:d8:28:91:4a:2c:f3:7f:97:05:9a:57:50:64:1c:
04:4c:4a:26:6d:6b:e9:95:82:ac:c1:f5:e6:72:4a:
2c:fe:81:18:77:db:98:e0:ae:b6:61:4c:6b:10:b2:
ff:a7:8b:de:50:34:ca:80:1f:bb:d3:6d:22:94:49:
46:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:CC:C2:34:4D:83:39:65:B8:D4:54:E2:16:54:43:D2:2C:1A:07:8F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BCFA1F8575311F09BD463C4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.176.0-156.229.223.255
Signature Algorithm: sha256WithRSAEncryption
04:97:12:64:d2:fb:b1:a1:a1:8e:7e:76:d7:b5:37:f1:c6:3b:
f2:99:27:0d:00:50:54:31:bd:78:b0:b2:b9:77:4a:52:49:97:
4b:08:3b:f5:c2:26:1c:dd:01:cc:ad:c2:ac:c9:c9:db:ba:e0:
1b:0a:01:40:cb:4f:7c:45:12:97:02:50:3b:76:f1:fc:f3:2e:
5a:e0:58:42:53:96:46:93:5d:bf:01:dd:59:85:9b:33:c7:2f:
92:7c:c4:17:e1:fb:f9:a4:2d:11:eb:d0:83:fc:5a:31:a8:b7:
c7:bb:fe:ff:5b:8d:7e:02:f0:a4:2b:a9:f1:7c:23:d8:17:83:
95:72:45:6b:c8:17:81:48:46:93:09:c0:70:6b:6a:e8:cb:d8:
ef:f9:4a:8a:5f:b8:7e:6f:33:d7:c3:88:58:8e:f9:0d:8c:7f:
45:4b:db:70:8e:ad:62:d9:ef:24:1e:08:e7:ea:b9:e8:0c:15:
64:86:3d:b3:ce:fc:d1:70:ee:50:b1:3d:86:27:6e:9b:57:78:
19:c1:a5:9c:44:b3:db:de:9a:84:60:ee:f4:32:4a:9a:d9:cc:
20:35:7c:51:22:76:c6:49:7e:b6:89:d5:f4:1a:38:82:2b:a4:
5d:bc:41:60:da:80:8a:df:93:e3:0d:19:5c:83:ea:01:87:f5:
08:ca:c4:81
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWAqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAyMTQ0NTEzWhcNMjUwODMwMTQ0NTEzWjAYMRYw
FAYDVQQDEw02ODY1NDVmZS0zYWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvvmL2L5BvI7t8nrmd6nTqppy8uud6jO+c5Sn3/nnw2ggZwmLJ7/mpZLb
mD63glkLotcCVmk8EYEqe0uUQ/Rr6hqg6lMGfnkqlKmwQ4DK9AQM1qFmytcoZ5vq
XNVOadX0gMHTBZR14o0df/uEPKOQSVils1Eo3C/RwDCfsd+AypxL2uzYdGYCpgPb
NnkjN3mKVSdiKZPm3B4/O/LCB8TqvOphdY/YoIbJBxMCFl4KRP0T0NTAuPHHvWQG
5cE3SOOlSwTm2CiRSizzf5cFmldQZBwETEombWvplYKswfXmckos/oEYd9uY4K62
YUxrELL/p4veUDTKgB+7020ilElGqQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGfM
wjRNgzlluNRU4hZUQ9IsGgePMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQkNGQTFGODU3NTMxMUYwOUJENDYzQzREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASc5bADBAWc5cAwDQYJKoZI
hvcNAQELBQADggEBAASXEmTS+7GhoY5+dte1N/HGO/KZJw0AUFQxvXiwsrl3SlJJ
l0sIO/XCJhzdAcytwqzJydu64BsKAUDLT3xFEpcCUDt28fzzLlrgWEJTlkaTXb8B
3VmFmzPHL5J8xBfh+/mkLRHr0IP8WjGot8e7/v9bjX4C8KQrqfF8I9gXg5VyRWvI
F4FIRpMJwHBraujL2O/5SopfuH5vM9fDiFiO+Q2Mf0VL23COrWLZ7yQeCOfquegM
FWSGPbPO/NFw7lCxPYYnbptXeBnBpZxEs9vemoRg7vQySprZzCA1fFEidsZJfraJ
1fQaOIIrpF28QWDagIrfk+MNGVyD6gGH9QjKxIE=
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:31:47 2025 by rpki-client