Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53C907045CA711F0B5041485DAE4EC9C.roa
File: 53C907045CA711F0B5041485DAE4EC9C.roa (raw, json)
Hash identifier: bpNeZNhbAhKqBWgUz5wQnUM0Wx9EtOMpjdzbvvV6SpA=
Subject key identifier: FD:C2:0E:7A:66:5E:20:04:CD:29:A8:CF:BC:BF:A4:9B:06:D3:F8:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01638D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53C907045CA711F0B5041485DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 09:30:19 +0000
ROA not before: Wed 09 Jul 2025 09:30:14 +0000
ROA not after: Thu 14 Aug 2025 09:30:14 +0000
asID: 269070
IP address blocks: 156.249.64.0/24 maxlen: 24
156.249.65.0/24 maxlen: 24
156.249.66.0/24 maxlen: 24
156.249.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91021 (0x1638d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 9 09:30:14 2025 GMT
Not After : Aug 14 09:30:14 2025 GMT
Subject: CN=686e36ab-a70b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8d:9d:ac:a5:93:da:d4:e4:62:fd:60:de:4d:
f3:e7:4b:57:9d:45:5b:62:3a:a3:01:db:01:2a:6a:
47:7c:4d:b1:88:89:62:01:42:28:c9:7a:02:fb:ef:
5d:ec:a1:20:1b:b4:37:ad:06:42:74:cf:e7:b6:16:
0b:79:61:0e:fc:a2:fe:e4:53:a4:49:46:0f:71:e0:
cf:e9:9d:91:66:a9:ae:49:24:b3:5d:70:76:2e:76:
81:e9:8f:18:50:f5:77:8f:46:5a:52:6d:23:1d:f9:
70:12:51:27:83:d7:8f:6c:6e:8d:3f:ba:73:12:96:
17:83:58:c5:5a:ae:fb:3c:2a:23:37:ca:19:79:27:
f0:de:9e:7b:b5:d6:3b:7d:88:47:ea:8e:e5:ef:90:
00:07:dd:45:4f:ef:c8:55:dd:ec:0b:73:be:79:eb:
cc:c3:a9:8b:fe:88:14:53:a0:12:fa:45:29:3b:13:
34:fa:f1:b6:07:79:82:e0:ed:ae:15:c5:3c:d0:a1:
81:02:ba:05:24:f9:fa:c8:f0:a3:b2:42:9b:97:b2:
d9:f4:c0:95:54:26:9e:e1:c9:f5:65:d2:37:78:d7:
41:ee:d6:ae:b3:8c:95:9a:35:6d:15:ab:d9:40:bc:
1f:2b:40:e6:64:40:54:21:f5:23:21:cd:31:e6:61:
e0:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:C2:0E:7A:66:5E:20:04:CD:29:A8:CF:BC:BF:A4:9B:06:D3:F8:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53C907045CA711F0B5041485DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.64.0/22
Signature Algorithm: sha256WithRSAEncryption
01:86:d7:77:fb:8e:23:3b:ca:82:3e:38:3f:1c:e3:4c:fd:4b:
e5:d3:52:c2:70:7f:ce:52:44:cd:e5:52:97:77:40:d3:be:83:
9f:61:df:27:af:72:85:67:e3:db:52:04:14:8b:06:bf:70:4a:
2f:39:58:91:42:84:62:a2:9f:59:a8:54:04:a8:74:d0:7c:13:
a2:f8:5a:40:5d:d5:9f:6c:af:c2:21:f1:20:94:4a:56:8c:af:
71:19:0f:d3:60:78:13:5d:2a:87:23:ce:68:88:58:1d:5e:1a:
1f:5d:d8:75:80:21:16:91:fa:c5:75:f9:b0:20:0f:51:cb:ca:
01:b8:dc:dc:e6:4f:3b:c8:db:b9:3b:71:9b:4b:a5:7e:81:b5:
aa:2d:9e:d4:18:ce:71:32:69:54:d7:17:79:1f:f4:47:ba:da:
33:93:ac:61:64:e8:8f:43:82:bb:4f:98:32:78:fc:64:c4:6b:
b1:48:a0:1c:6d:2e:1f:b6:83:e8:67:3e:7e:19:c0:0c:fa:bf:
19:fe:3d:fd:fb:aa:01:72:45:0c:0e:72:ce:59:bb:8b:c4:9f:
9c:26:43:3c:b2:96:96:93:18:1f:29:67:11:71:77:04:73:0b:
ed:6a:2a:d8:70:74:dd:83:23:88:1b:7c:48:75:e2:59:1c:e8:
9b:e8:62:8a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWONMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA5MDkzMDE0WhcNMjUwODE0MDkzMDE0WjAYMRYw
FAYDVQQDEw02ODZlMzZhYi1hNzBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqI2drKWT2tTkYv1g3k3z50tXnUVbYjqjAdsBKmpHfE2xiIliAUIoyXoC
++9d7KEgG7Q3rQZCdM/nthYLeWEO/KL+5FOkSUYPceDP6Z2RZqmuSSSzXXB2LnaB
6Y8YUPV3j0ZaUm0jHflwElEng9ePbG6NP7pzEpYXg1jFWq77PCojN8oZeSfw3p57
tdY7fYhH6o7l75AAB91FT+/IVd3sC3O+eevMw6mL/ogUU6AS+kUpOxM0+vG2B3mC
4O2uFcU80KGBAroFJPn6yPCjskKbl7LZ9MCVVCae4cn1ZdI3eNdB7taus4yVmjVt
FavZQLwfK0DmZEBUIfUjIc0x5mHgdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFP3C
DnpmXiAEzSmoz7y/pJsG0/iQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81M0M5MDcwNDVDQTcxMUYwQjUwNDE0ODVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPlAMA0GCSqGSIb3DQEBCwUA
A4IBAQABhtd3+44jO8qCPjg/HONM/Uvl01LCcH/OUkTN5VKXd0DTvoOfYd8nr3KF
Z+PbUgQUiwa/cEovOViRQoRiop9ZqFQEqHTQfBOi+FpAXdWfbK/CIfEglEpWjK9x
GQ/TYHgTXSqHI85oiFgdXhofXdh1gCEWkfrFdfmwIA9Ry8oBuNzc5k87yNu5O3Gb
S6V+gbWqLZ7UGM5xMmlU1xd5H/RHutozk6xhZOiPQ4K7T5gyePxkxGuxSKAcbS4f
toPoZz5+GcAM+r8Z/j39+6oBckUMDnLOWbuLxJ+cJkM8spaWkxgfKWcRcXcEcwvt
airYcHTdgyOIG3xIdeJZHOib6GKK
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:44:36 2025 by rpki-client