Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2EA1A90E5B4911F0B94F0596DAE4EC9C.roa
File: 2EA1A90E5B4911F0B94F0596DAE4EC9C.roa (raw, json)
Hash identifier: g784Vs6128MJFXY50cPGfiFXQ8ilKP4c03BtK3YRWRY=
Subject key identifier: BD:FE:BF:17:EB:95:A6:A7:08:8B:A7:D7:FB:39:B3:92:01:08:51:74
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016326
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2EA1A90E5B4911F0B94F0596DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 15:43:53 +0000
ROA not before: Mon 07 Jul 2025 15:43:47 +0000
ROA not after: Sat 16 Aug 2025 15:43:47 +0000
asID: 61112
IP address blocks: 156.224.76.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90918 (0x16326)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 7 15:43:47 2025 GMT
Not After : Aug 16 15:43:47 2025 GMT
Subject: CN=686beb38-a5f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:16:5d:5b:dd:45:4e:dd:6b:91:aa:89:dd:
5a:a0:b1:48:61:49:ab:7c:eb:53:e3:c7:17:e6:27:
f1:32:33:cd:96:c8:37:c4:96:34:d6:2b:45:1c:b9:
e3:81:e9:ee:6b:29:62:9d:20:7f:69:37:73:49:8b:
7d:6a:23:66:98:f7:cf:a0:64:0e:26:15:96:fc:2b:
6a:ee:c0:11:5f:f9:56:36:05:b0:8b:16:b6:c0:3b:
6a:94:7f:92:bb:d5:d4:b6:0a:01:96:5a:29:09:d8:
a3:6f:f1:fb:af:79:6a:4a:9d:f8:61:c2:2f:2a:bd:
0f:60:cc:c7:72:44:7f:d5:5e:a6:d9:6f:19:39:c4:
be:fe:ab:16:5c:89:da:c3:f9:b4:8f:e7:5f:f0:22:
44:c2:26:5c:12:84:4f:fe:16:db:42:f8:e2:51:39:
1c:39:9a:b1:69:c1:78:23:25:43:5f:09:7c:a5:8b:
01:79:9d:03:9a:bb:54:e0:19:c4:52:05:c6:d5:8d:
b3:0a:8b:b5:00:a5:ce:96:3b:82:f2:71:bf:9f:f0:
b0:51:47:e8:be:5c:f1:6f:3d:9a:f9:b8:59:5e:d2:
72:3f:d6:ac:4c:48:6f:44:12:d9:dd:dd:4e:8e:67:
fa:69:fe:00:5a:70:fe:1f:a3:74:c0:79:6c:71:f5:
92:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:FE:BF:17:EB:95:A6:A7:08:8B:A7:D7:FB:39:B3:92:01:08:51:74
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2EA1A90E5B4911F0B94F0596DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.76.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:01:d1:43:67:09:ee:8b:c3:db:d7:6d:68:94:f7:cd:bb:4b:
db:05:d8:4b:ff:6c:d2:e2:fc:67:f5:77:59:4d:2d:13:f5:33:
66:92:67:47:fb:ae:44:47:5a:8b:30:3d:3c:18:5b:ba:00:dd:
9c:16:66:d3:de:00:58:7f:26:1d:87:8e:10:65:4e:02:55:ab:
32:77:48:c9:97:60:5c:d3:e6:8a:56:19:e4:d8:ae:33:46:31:
41:7a:18:cb:b1:82:3d:a4:be:69:32:75:a1:a3:03:b5:de:c2:
fc:56:19:ee:7f:40:f4:d9:66:6e:2d:bc:c7:e7:97:1f:91:79:
60:d8:e6:83:50:ba:db:ea:1c:5b:87:78:0c:9b:26:9f:e1:a3:
4f:e5:15:f8:69:db:2b:91:dc:ea:c7:56:ae:b7:73:04:7c:f3:
0e:92:e5:17:da:87:c7:27:4b:f5:79:49:35:5c:de:be:c6:e3:
c4:79:09:94:44:07:59:c1:d8:ef:50:0d:14:ed:de:c3:3f:5a:
45:61:b2:c2:85:24:33:61:be:5d:38:00:75:19:27:0f:67:70:
9c:68:4c:6a:f6:ae:9a:2e:89:dc:ce:59:c5:e5:0f:95:d5:a1:
e8:a3:4f:fc:ff:99:6a:80:46:c7:b8:88:b7:b1:e3:8e:8c:99:
85:48:18:9b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWMmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA3MTU0MzQ3WhcNMjUwODE2MTU0MzQ3WjAYMRYw
FAYDVQQDEw02ODZiZWIzOC1hNWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArm0WXVvdRU7da5Gqid1aoLFIYUmrfOtT48cX5ifxMjPNlsg3xJY01itF
HLnjgenuaylinSB/aTdzSYt9aiNmmPfPoGQOJhWW/Ctq7sARX/lWNgWwixa2wDtq
lH+Su9XUtgoBllopCdijb/H7r3lqSp34YcIvKr0PYMzHckR/1V6m2W8ZOcS+/qsW
XInaw/m0j+df8CJEwiZcEoRP/hbbQvjiUTkcOZqxacF4IyVDXwl8pYsBeZ0DmrtU
4BnEUgXG1Y2zCou1AKXOljuC8nG/n/CwUUfovlzxbz2a+bhZXtJyP9asTEhvRBLZ
3d1Ojmf6af4AWnD+H6N0wHlscfWSwQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL3+
vxfrlaanCIun1/s5s5IBCFF0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRUExQTkwRTVCNDkxMUYwQjk0RjA1OTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOBMMA0GCSqGSIb3DQEBCwUA
A4IBAQC0AdFDZwnui8Pb121olPfNu0vbBdhL/2zS4vxn9XdZTS0T9TNmkmdH+65E
R1qLMD08GFu6AN2cFmbT3gBYfyYdh44QZU4CVasyd0jJl2Bc0+aKVhnk2K4zRjFB
ehjLsYI9pL5pMnWhowO13sL8Vhnuf0D02WZuLbzH55cfkXlg2OaDULrb6hxbh3gM
myaf4aNP5RX4adsrkdzqx1aut3MEfPMOkuUX2ofHJ0v1eUk1XN6+xuPEeQmURAdZ
wdjvUA0U7d7DP1pFYbLChSQzYb5dOAB1GScPZ3CcaExq9q6aLonczlnF5Q+V1aHo
o0/8/5lqgEbHuIi3seOOjJmFSBib
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:36:04 2025 by rpki-client