Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35D26A585AB111F0A9DABAADDAE4EC9C.roa
File: 35D26A585AB111F0A9DABAADDAE4EC9C.roa (raw, json)
Hash identifier: s4UywVpftQQ65UIfArLkRJGuvOATWUWBngUQ3qKrQ3A=
Subject key identifier: C5:9E:3E:F7:B6:95:4C:0F:14:B2:AE:32:3D:15:99:E0:6B:B1:C2:2A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016291
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35D26A585AB111F0A9DABAADDAE4EC9C.roa
Signing time: Sun 06 Jul 2025 21:36:01 +0000
ROA not before: Sun 06 Jul 2025 21:35:56 +0000
ROA not after: Sat 30 Aug 2025 21:35:56 +0000
asID: 398443
IP address blocks: 156.229.176.0/20 maxlen: 24
156.229.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90769 (0x16291)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 6 21:35:56 2025 GMT
Not After : Aug 30 21:35:56 2025 GMT
Subject: CN=686aec41-924b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:80:32:97:10:7b:f9:1e:42:60:ce:ed:da:d9:
34:3e:84:76:a3:2e:50:4c:7b:ae:19:6b:c7:a9:cd:
ec:32:42:0f:50:68:1c:43:95:54:31:56:0a:25:2a:
7a:b7:17:67:b4:da:d7:3a:8f:6e:b3:12:3d:a3:85:
c7:99:34:c0:f1:39:ab:46:74:ae:65:d0:1e:70:87:
89:53:18:fe:79:5b:73:92:2d:73:69:9c:bc:f8:06:
bd:02:6e:cc:d7:dc:9a:84:07:f7:8c:a8:07:db:28:
11:75:af:43:64:76:cc:0c:32:0a:84:a3:b2:92:d5:
06:1b:ef:01:01:e8:d8:21:b3:e2:00:4f:ed:01:42:
20:ae:c6:a1:d3:05:60:b2:d5:08:68:7c:85:20:50:
35:0a:f5:5c:6b:12:70:84:97:04:0f:7c:fb:b7:fb:
07:b4:45:e1:bb:25:69:e4:db:57:6f:35:40:c3:67:
91:28:de:61:95:f7:2f:aa:31:86:89:33:07:8f:cd:
f3:b4:85:12:f1:d9:5a:35:f2:8d:63:cb:90:45:e8:
93:01:7e:27:08:9c:2e:47:1d:80:74:65:15:f7:80:
fd:4a:a1:56:38:78:e2:53:13:9a:13:01:f3:60:ac:
41:2b:10:67:11:a0:13:ae:c3:e9:cd:cb:8c:bd:13:
24:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:9E:3E:F7:B6:95:4C:0F:14:B2:AE:32:3D:15:99:E0:6B:B1:C2:2A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/35D26A585AB111F0A9DABAADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.176.0-156.229.223.255
Signature Algorithm: sha256WithRSAEncryption
72:72:8b:78:de:e0:2b:2a:6a:8c:9b:b8:5b:88:34:1a:09:2c:
fb:52:54:e8:1e:9d:83:47:b9:a0:c8:9d:88:4d:24:f1:e4:fc:
2e:3d:4a:2b:00:59:0d:8e:4e:20:ee:95:b9:c8:68:1c:d3:e8:
e9:10:39:8d:72:b4:dd:68:73:61:87:f6:46:7c:a0:96:3c:ed:
40:d3:57:a8:32:55:43:4f:f5:8e:e1:61:56:59:a2:77:72:64:
96:a0:dd:c6:b1:ae:b9:37:8f:96:26:19:d1:63:4b:f4:7c:71:
0b:64:e8:33:3b:3c:2e:8a:25:bb:d2:c7:68:18:22:fc:97:89:
f7:8c:c4:dd:59:02:ce:72:e9:f8:1d:a5:7b:60:f6:25:e1:7d:
61:fb:56:7b:4a:41:e4:97:2a:60:7d:02:5f:b7:cf:e5:de:c0:
78:f4:2c:46:1f:2e:80:90:12:67:fe:1d:f6:cb:cd:55:6d:04:
24:c9:54:f4:8e:88:b4:5f:d5:63:aa:bd:d1:43:ca:ab:a1:09:
43:7f:93:02:6d:48:2d:fb:cb:4c:91:7c:72:8c:a4:30:83:a6:
ca:34:83:3e:0e:7e:28:e7:2b:f7:2f:5e:a9:7c:15:d0:38:b6:
0b:31:3b:ca:49:48:a6:fc:61:dc:38:e1:33:70:75:7f:4c:a4:
f9:46:bc:69
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWKRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA2MjEzNTU2WhcNMjUwODMwMjEzNTU2WjAYMRYw
FAYDVQQDEw02ODZhZWM0MS05MjRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2IAylxB7+R5CYM7t2tk0PoR2oy5QTHuuGWvHqc3sMkIPUGgcQ5VUMVYK
JSp6txdntNrXOo9usxI9o4XHmTTA8TmrRnSuZdAecIeJUxj+eVtzki1zaZy8+Aa9
Am7M19yahAf3jKgH2ygRda9DZHbMDDIKhKOyktUGG+8BAejYIbPiAE/tAUIgrsah
0wVgstUIaHyFIFA1CvVcaxJwhJcED3z7t/sHtEXhuyVp5NtXbzVAw2eRKN5hlfcv
qjGGiTMHj83ztIUS8dlaNfKNY8uQReiTAX4nCJwuRx2AdGUV94D9SqFWOHjiUxOa
EwHzYKxBKxBnEaATrsPpzcuMvRMkdQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMWe
Pve2lUwPFLKuMj0VmeBrscIqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNUQyNkE1ODVBQjExMUYwQTlEQUJBQUREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASc5bADBAWc5cAwDQYJKoZI
hvcNAQELBQADggEBAHJyi3je4CsqaoybuFuINBoJLPtSVOgenYNHuaDInYhNJPHk
/C49SisAWQ2OTiDulbnIaBzT6OkQOY1ytN1oc2GH9kZ8oJY87UDTV6gyVUNP9Y7h
YVZZondyZJag3caxrrk3j5YmGdFjS/R8cQtk6DM7PC6KJbvSx2gYIvyXifeMxN1Z
As5y6fgdpXtg9iXhfWH7VntKQeSXKmB9Al+3z+XewHj0LEYfLoCQEmf+HfbLzVVt
BCTJVPSOiLRf1WOqvdFDyquhCUN/kwJtSC37y0yRfHKMpDCDpso0gz4OfijnK/cv
Xql8FdA4tgsxO8pJSKb8Ydw44TNwdX9MpPlGvGk=
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:31:14 2025 by rpki-client