Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37A50BAC60A011F0896CADB0DAE4EC9C.roa
File: 37A50BAC60A011F0896CADB0DAE4EC9C.roa (raw, json)
Hash identifier: +7bdMxE+3Iuy1IrV8M5WrkppKA73i5ywrITKoN/OTfU=
Subject key identifier: 45:FB:47:51:46:7D:7F:D3:06:A9:49:69:7B:F2:B8:3D:C8:82:A7:7F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016516
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37A50BAC60A011F0896CADB0DAE4EC9C.roa
Signing time: Mon 14 Jul 2025 10:49:30 +0000
ROA not before: Mon 14 Jul 2025 10:49:25 +0000
ROA not after: Wed 14 Jan 2026 10:49:25 +0000
asID: 328608
IP address blocks: 156.248.8.0/24 maxlen: 24
156.248.9.0/24 maxlen: 24
156.248.10.0/24 maxlen: 24
156.248.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91414 (0x16516)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 14 10:49:25 2025 GMT
Not After : Jan 14 10:49:25 2026 GMT
Subject: CN=6874e0ba-efe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ff:14:db:1b:74:47:23:95:39:ca:d7:11:23:
42:8a:80:0f:e3:fd:95:b4:5b:a2:04:d5:e9:92:6d:
d9:cb:5b:ca:8f:30:f2:9e:ab:d3:87:57:11:d4:42:
23:5f:b3:1f:0c:ef:4a:17:82:b5:99:58:f7:96:85:
a4:6f:80:5f:44:75:5a:a7:92:11:e0:d9:2a:0c:4c:
ca:15:5b:ae:91:5a:a3:2e:4c:90:9e:6a:08:f9:3c:
e9:12:6f:b7:f9:c8:85:12:19:19:44:ca:b3:4d:56:
d7:df:52:5c:2f:db:e7:83:b9:7a:74:1c:8b:21:06:
99:98:41:d4:2c:bd:fb:a6:a6:cc:87:f0:35:0a:20:
f0:b2:c4:98:21:4f:02:42:a0:f5:00:96:9b:22:97:
a1:1f:fe:07:a4:82:23:03:fa:b7:4d:d3:2d:2c:2c:
17:8f:d7:b3:ee:05:d4:7f:52:a3:5e:2a:68:fd:56:
87:aa:f4:47:2d:e0:f2:46:69:0f:ae:98:14:0d:c8:
4c:7e:b2:b5:de:b8:1f:13:82:ec:95:70:e4:b9:34:
05:5b:9c:6c:63:9b:ae:83:4b:aa:5b:6c:b2:54:be:
e3:be:7a:b7:4b:3c:3c:2f:7f:f8:58:2f:a4:3d:3f:
78:07:f2:21:0e:d1:56:68:76:40:71:68:af:7c:9c:
66:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:FB:47:51:46:7D:7F:D3:06:A9:49:69:7B:F2:B8:3D:C8:82:A7:7F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37A50BAC60A011F0896CADB0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.8.0/22
Signature Algorithm: sha256WithRSAEncryption
55:d4:c9:13:18:05:29:67:53:e5:4a:85:6d:06:fe:5e:7c:65:
2b:66:ac:d2:36:09:44:36:29:70:b4:2c:f3:12:c1:2e:91:34:
51:d9:b5:65:8b:fd:11:fc:c0:8e:19:54:d0:c4:01:84:63:04:
dc:23:e0:15:19:ed:25:a6:60:27:36:7f:33:5c:29:a0:78:3c:
26:c4:c7:a1:b7:6d:fb:91:d3:ae:79:5c:18:5c:cf:73:02:0e:
95:84:d0:9c:c1:55:5c:73:2c:88:6a:ad:2a:89:8b:87:7e:91:
e3:a7:de:60:21:d1:a0:15:68:83:e0:29:62:e1:6f:27:3b:68:
ce:e2:65:e4:dd:a0:2e:3c:82:31:64:19:bb:1d:e5:e2:5e:53:
a4:48:ef:40:8d:4d:53:7c:ae:cb:69:71:d8:02:9c:8a:24:df:
c1:90:48:1b:f2:f5:44:20:f2:9d:fb:44:e1:8c:56:02:21:13:
53:20:0f:a7:2f:d5:14:7c:b2:14:b7:7b:7f:44:13:45:1f:c4:
89:11:9f:7f:82:35:cb:4d:64:71:9c:d6:7a:bc:46:58:bf:a5:
c9:76:1a:dc:76:23:41:d4:15:a3:e6:43:10:5d:2e:37:91:c1:
6e:da:f3:55:c3:db:99:d5:b5:4b:74:4d:d1:32:62:de:0e:c9:
59:f4:a8:65
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWUWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE0MTA0OTI1WhcNMjYwMTE0MTA0OTI1WjAYMRYw
FAYDVQQDEw02ODc0ZTBiYS1lZmU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsv8U2xt0RyOVOcrXESNCioAP4/2VtFuiBNXpkm3Zy1vKjzDynqvTh1cR
1EIjX7MfDO9KF4K1mVj3loWkb4BfRHVap5IR4NkqDEzKFVuukVqjLkyQnmoI+Tzp
Em+3+ciFEhkZRMqzTVbX31JcL9vng7l6dByLIQaZmEHULL37pqbMh/A1CiDwssSY
IU8CQqD1AJabIpehH/4HpIIjA/q3TdMtLCwXj9ez7gXUf1KjXipo/VaHqvRHLeDy
RmkPrpgUDchMfrK13rgfE4LslXDkuTQFW5xsY5uug0uqW2yyVL7jvnq3Szw8L3/4
WC+kPT94B/IhDtFWaHZAcWivfJxmSwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEX7
R1FGfX/TBqlJaXvyuD3Igqd/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zN0E1MEJBQzYwQTAxMUYwODk2Q0FEQjBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPgIMA0GCSqGSIb3DQEBCwUA
A4IBAQBV1MkTGAUpZ1PlSoVtBv5efGUrZqzSNglENilwtCzzEsEukTRR2bVli/0R
/MCOGVTQxAGEYwTcI+AVGe0lpmAnNn8zXCmgeDwmxMeht237kdOueVwYXM9zAg6V
hNCcwVVccyyIaq0qiYuHfpHjp95gIdGgFWiD4Cli4W8nO2jO4mXk3aAuPIIxZBm7
HeXiXlOkSO9AjU1TfK7LaXHYApyKJN/BkEgb8vVEIPKd+0ThjFYCIRNTIA+nL9UU
fLIUt3t/RBNFH8SJEZ9/gjXLTWRxnNZ6vEZYv6XJdhrcdiNB1BWj5kMQXS43kcFu
2vNVw9uZ1bVLdE3RMmLeDslZ9Khl
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:30:41 2025 by rpki-client