Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33CB1526623011F09E14D7DBDAE4EC9C.roa
File: 33CB1526623011F09E14D7DBDAE4EC9C.roa (raw, json)
Hash identifier: eNt8JFPTW7pyXgEDm3ybViPetBuXYWTdn9UzoKJgP8g=
Subject key identifier: 5A:E7:15:E6:60:6F:64:02:BD:E8:55:8A:32:73:82:ED:63:E3:ED:7C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01657D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33CB1526623011F09E14D7DBDAE4EC9C.roa
Signing time: Wed 16 Jul 2025 10:32:42 +0000
ROA not before: Wed 16 Jul 2025 10:32:37 +0000
ROA not after: Tue 22 Jul 2025 10:32:37 +0000
asID: 7029
IP address blocks: 156.238.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91517 (0x1657d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 16 10:32:37 2025 GMT
Not After : Jul 22 10:32:37 2025 GMT
Subject: CN=68777fca-7905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fd:83:b0:40:d0:b9:82:61:41:93:77:71:c3:
8b:4d:c4:c2:f3:a9:0e:bf:45:ac:4a:61:01:39:2e:
06:2a:21:80:21:f8:fd:87:fc:41:0d:ed:80:73:2b:
73:85:c5:70:4f:a0:45:5f:05:e4:8d:6d:69:78:16:
89:b2:ff:02:cc:c7:7c:21:f4:f2:14:44:35:c2:0b:
a5:0e:73:de:e6:9f:dc:ae:74:cd:3a:c6:a4:41:ba:
ed:e6:6a:53:f9:32:b4:db:41:6e:c8:a1:ae:2a:a5:
a4:b6:bc:13:4c:e0:e5:d0:75:e3:9c:7b:37:2f:9a:
b0:e4:6c:62:bb:9b:6d:3f:1a:e4:0c:df:1d:cf:44:
c6:a0:30:8c:df:5d:4d:fe:8e:6a:4e:f3:38:72:62:
86:20:66:43:fa:00:bc:d5:83:f6:56:ae:b1:e8:b5:
9a:a9:08:ab:b5:5d:83:39:9e:1e:9c:27:d9:a6:d3:
9f:00:69:0e:24:4b:f9:bd:55:42:60:58:06:51:9a:
50:39:7f:11:d9:7e:f7:9c:6d:64:05:5d:37:9f:1d:
05:3d:f2:80:57:17:0d:8a:a1:cc:c2:e0:a0:d6:34:
3e:27:d2:f8:21:ca:8c:bb:10:31:8a:61:81:1e:f8:
04:26:04:f5:60:3f:bb:65:19:55:ad:09:6c:fd:3f:
ea:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E7:15:E6:60:6F:64:02:BD:E8:55:8A:32:73:82:ED:63:E3:ED:7C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/33CB1526623011F09E14D7DBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.176.0/22
Signature Algorithm: sha256WithRSAEncryption
12:92:1a:24:03:03:12:32:4b:86:5b:72:35:55:41:c5:33:a3:
79:9f:a9:ac:b2:d9:ba:5b:0d:ab:0f:58:87:a1:56:90:6b:e5:
ec:cb:fe:dd:da:76:9d:c0:0c:7a:64:c5:b3:20:ac:4d:85:b4:
a9:56:51:ca:96:59:ab:74:c3:57:3c:9e:31:e8:ed:dc:d4:9e:
8b:c4:8b:b8:c7:1e:fe:f1:de:bf:0f:60:00:8d:db:24:a8:e9:
b8:82:66:31:6e:40:64:0e:d8:35:fe:51:7d:3b:6c:a2:9a:d7:
bf:9c:dc:d8:36:72:f7:9b:64:68:52:ff:0b:2f:e9:b6:00:0e:
ca:d4:ad:73:74:0f:50:2a:55:29:d6:a9:29:f7:a6:42:0e:93:
ed:a0:0d:84:b1:67:df:77:50:b9:99:02:0c:19:60:cc:d7:88:
80:b3:5d:a7:99:3d:36:96:38:c5:d1:80:4a:d9:25:c1:5d:38:
f6:42:2c:12:c7:ab:93:c0:62:17:1b:bf:83:5d:75:61:ce:1f:
fd:8e:06:9a:9e:95:20:76:86:09:fe:c8:49:a0:d0:2d:3b:fd:
29:09:3c:c5:d1:b6:fd:30:1d:27:dc:d8:f1:9e:6c:26:82:c5:
84:86:31:b6:10:13:44:ac:ad:d1:ce:71:f3:a7:76:c0:a9:02:
f7:9d:dc:21
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWV9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE2MTAzMjM3WhcNMjUwNzIyMTAzMjM3WjAYMRYw
FAYDVQQDEw02ODc3N2ZjYS03OTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvv2DsEDQuYJhQZN3ccOLTcTC86kOv0WsSmEBOS4GKiGAIfj9h/xBDe2A
cytzhcVwT6BFXwXkjW1peBaJsv8CzMd8IfTyFEQ1wgulDnPe5p/crnTNOsakQbrt
5mpT+TK020FuyKGuKqWktrwTTODl0HXjnHs3L5qw5Gxiu5ttPxrkDN8dz0TGoDCM
311N/o5qTvM4cmKGIGZD+gC81YP2Vq6x6LWaqQirtV2DOZ4enCfZptOfAGkOJEv5
vVVCYFgGUZpQOX8R2X73nG1kBV03nx0FPfKAVxcNiqHMwuCg1jQ+J9L4IcqMuxAx
imGBHvgEJgT1YD+7ZRlVrQls/T/qbwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFrn
FeZgb2QCvehVijJzgu1j4+18MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zM0NCMTUyNjYyMzAxMUYwOUUxNEQ3REJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnO6wMA0GCSqGSIb3DQEBCwUA
A4IBAQASkhokAwMSMkuGW3I1VUHFM6N5n6msstm6Ww2rD1iHoVaQa+Xsy/7d2nad
wAx6ZMWzIKxNhbSpVlHKllmrdMNXPJ4x6O3c1J6LxIu4xx7+8d6/D2AAjdskqOm4
gmYxbkBkDtg1/lF9O2yimte/nNzYNnL3m2RoUv8LL+m2AA7K1K1zdA9QKlUp1qkp
96ZCDpPtoA2EsWffd1C5mQIMGWDM14iAs12nmT02ljjF0YBK2SXBXTj2QiwSx6uT
wGIXG7+DXXVhzh/9jgaanpUgdoYJ/shJoNAtO/0pCTzF0bb9MB0n3NjxnmwmgsWE
hjG2EBNErK3RznHzp3bAqQL3ndwh
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:37:33 2025 by rpki-client