Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B95022A574611F0A7E07CF3DAE4EC9C.roa
File: 3B95022A574611F0A7E07CF3DAE4EC9C.roa (raw, json)
Hash identifier: GMCJJ/4JVT8lUiugTOjcaAub8t6ohF9NavFWwArkjG8=
Subject key identifier: 9D:AD:39:4F:63:1A:7E:7F:74:9C:0D:D7:36:E9:26:68:54:CF:D4:8A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01601C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B95022A574611F0A7E07CF3DAE4EC9C.roa
Signing time: Wed 02 Jul 2025 13:12:41 +0000
ROA not before: Wed 02 Jul 2025 13:12:36 +0000
ROA not after: Sun 24 Aug 2025 13:12:36 +0000
asID: 400619
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90140 (0x1601c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 2 13:12:36 2025 GMT
Not After : Aug 24 13:12:36 2025 GMT
Subject: CN=68653049-347e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4d:0d:4f:c3:ac:71:68:eb:d9:5f:fb:8c:6c:
4e:e2:c7:4e:53:d1:55:ec:7b:51:8b:94:08:99:a0:
a1:29:fc:bd:aa:ba:88:82:62:ad:64:83:97:41:70:
58:a2:e6:69:6f:18:16:c3:cb:33:70:99:ae:9f:7f:
db:9c:1e:2d:70:d2:c2:f2:3f:17:65:48:f7:b5:d1:
dd:6a:bb:3c:b6:9e:cb:11:77:17:b8:57:2a:5d:d7:
21:04:0b:06:00:df:fd:86:14:63:17:a5:1c:bd:b7:
27:da:dd:94:dc:3b:ee:f6:70:b2:19:0f:8b:92:b9:
21:74:a0:47:2b:75:a9:ad:78:f4:40:61:c0:49:f2:
ad:ed:31:f3:6b:01:3c:b4:32:b6:c1:00:df:a6:73:
18:71:f8:bc:0f:f9:84:33:bb:53:44:86:c5:79:18:
e8:41:7b:50:b7:3f:52:50:68:e7:4c:b3:45:d6:09:
12:8e:31:36:0b:b9:1b:6b:21:b0:df:ef:38:bb:0d:
3e:55:1d:3e:02:5b:a6:b0:be:ea:13:5b:5c:97:72:
5a:7c:3b:98:c4:15:93:2f:e8:f5:41:50:23:a9:c5:
94:d1:c7:64:58:ff:33:af:45:ab:5b:d4:b8:8e:32:
da:a9:0a:0c:63:6c:ff:de:6f:5f:55:69:96:24:83:
0c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AD:39:4F:63:1A:7E:7F:74:9C:0D:D7:36:E9:26:68:54:CF:D4:8A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3B95022A574611F0A7E07CF3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
Signature Algorithm: sha256WithRSAEncryption
62:ae:54:d6:c0:54:b7:56:d7:78:86:52:a5:20:18:33:00:4b:
53:2a:5e:f0:4c:0a:18:77:26:e9:af:b0:17:54:1d:34:e7:d6:
e9:85:47:4f:be:c7:55:a3:e1:0c:a7:d5:10:a7:4d:23:59:e5:
94:99:bc:34:e1:b5:18:71:d0:f6:0d:d8:96:d1:83:69:dc:4b:
88:12:3b:08:e4:36:13:4e:30:62:89:9a:ce:47:1b:bc:3f:e9:
f5:d8:ce:ed:e4:0f:b8:14:75:e9:9f:23:9f:70:29:28:b0:6f:
c8:5f:07:d0:71:06:f7:f6:ff:c8:e7:1b:52:ea:d2:09:f9:b5:
f2:50:e0:c9:31:e3:ae:f3:db:5f:8b:83:93:2a:08:b5:08:7e:
ec:a8:a7:ba:2b:5c:28:6e:12:7b:10:17:e6:11:47:cc:51:26:
e8:e5:9f:b2:f7:30:ac:c2:29:d1:ef:c6:2b:1d:25:7b:3e:c9:
33:ca:be:2d:43:c3:38:43:f9:95:2d:4a:8b:2b:4f:de:07:4a:
a7:31:12:36:52:e0:70:f9:07:ea:05:fa:a1:98:6c:0b:57:d4:
9a:d9:9e:5c:05:b3:70:55:9b:08:0b:07:33:51:16:a8:e3:d2:
e2:7c:23:6e:98:8f:04:8e:76:84:dd:0e:7f:6d:80:69:67:f4:
bc:c2:a0:ac
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWAcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAyMTMxMjM2WhcNMjUwODI0MTMxMjM2WjAYMRYw
FAYDVQQDEw02ODY1MzA0OS0zNDdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy00NT8OscWjr2V/7jGxO4sdOU9FV7HtRi5QImaChKfy9qrqIgmKtZIOX
QXBYouZpbxgWw8szcJmun3/bnB4tcNLC8j8XZUj3tdHdars8tp7LEXcXuFcqXdch
BAsGAN/9hhRjF6Ucvbcn2t2U3Dvu9nCyGQ+LkrkhdKBHK3WprXj0QGHASfKt7THz
awE8tDK2wQDfpnMYcfi8D/mEM7tTRIbFeRjoQXtQtz9SUGjnTLNF1gkSjjE2C7kb
ayGw3+84uw0+VR0+AlumsL7qE1tcl3JafDuYxBWTL+j1QVAjqcWU0cdkWP8zr0Wr
W9S4jjLaqQoMY2z/3m9fVWmWJIMM2wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJ2t
OU9jGn5/dJwN1zbpJmhUz9SKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQjk1MDIyQTU3NDYxMUYwQTdFMDdDRjNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAGc7zQwDQYJKoZI
hvcNAQELBQADggEBAGKuVNbAVLdW13iGUqUgGDMAS1MqXvBMChh3JumvsBdUHTTn
1umFR0++x1Wj4Qyn1RCnTSNZ5ZSZvDThtRhx0PYN2JbRg2ncS4gSOwjkNhNOMGKJ
ms5HG7w/6fXYzu3kD7gUdemfI59wKSiwb8hfB9BxBvf2/8jnG1Lq0gn5tfJQ4Mkx
467z21+Lg5MqCLUIfuyop7orXChuEnsQF+YRR8xRJujln7L3MKzCKdHvxisdJXs+
yTPKvi1DwzhD+ZUtSosrT94HSqcxEjZS4HD5B+oF+qGYbAtX1JrZnlwFs3BVmwgL
BzNRFqjj0uJ8I26YjwSOdoTdDn9tgGln9LzCoKw=
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:35:32 2025 by rpki-client