Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/566594C05B5611F0A0E19FE6DAE4EC9C.roa
File: 566594C05B5611F0A0E19FE6DAE4EC9C.roa (raw, json)
Hash identifier: gUi/ZYeiWz5bXSzDJdF4Zzgiy+9+UIE+LuuLdwQTQ3o=
Subject key identifier: 67:FA:35:66:FC:53:4C:D4:F3:64:08:CF:20:02:4D:02:0F:9B:80:7A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016338
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/566594C05B5611F0A0E19FE6DAE4EC9C.roa
Signing time: Mon 07 Jul 2025 17:18:03 +0000
ROA not before: Mon 07 Jul 2025 17:17:58 +0000
ROA not after: Sun 24 Aug 2025 17:17:58 +0000
asID: 395886
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90936 (0x16338)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 7 17:17:58 2025 GMT
Not After : Aug 24 17:17:58 2025 GMT
Subject: CN=686c014b-e554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0f:b2:32:b9:93:08:f8:59:b8:a7:7e:59:d8:
83:01:04:ee:70:58:40:39:37:2b:3f:95:27:72:06:
bf:57:e3:97:ab:2c:5b:b1:66:69:01:fa:41:98:e2:
6e:3b:e3:69:53:59:01:14:12:fa:ef:34:5f:d8:a0:
5c:9a:0d:bb:5c:b2:6d:c0:fe:79:6e:97:61:dd:63:
f8:5d:aa:e0:33:d6:e4:5e:75:46:b7:70:65:59:a2:
e1:fe:d3:5b:8e:96:28:3e:c4:ac:27:81:95:1d:33:
6c:5b:1f:fa:bd:98:17:42:bd:7b:33:63:7a:30:0b:
73:ae:84:1a:b7:08:1d:9a:bb:d0:bd:0f:8c:12:00:
75:9e:36:11:dd:b7:c5:ad:3e:5a:70:91:3c:0e:85:
cd:79:64:03:91:c1:04:d5:0c:dc:0e:12:cd:f1:ea:
6f:c9:e5:62:3b:02:4b:a8:ea:e5:0a:14:2d:06:6c:
f6:d3:e6:cf:63:30:40:f1:c0:9e:45:03:03:8a:1b:
29:a4:62:74:76:fc:d2:b2:08:ca:60:2a:24:31:e4:
cc:59:de:a9:aa:8b:94:24:50:68:60:50:f2:9c:54:
4d:da:ec:43:a3:51:8e:bc:1c:2b:9b:df:8f:20:e2:
b8:72:bf:e1:bd:1c:37:ba:c7:8c:5b:00:7a:a4:9c:
4b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FA:35:66:FC:53:4C:D4:F3:64:08:CF:20:02:4D:02:0F:9B:80:7A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/566594C05B5611F0A0E19FE6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
Signature Algorithm: sha256WithRSAEncryption
bb:14:7c:87:65:ca:03:f4:d7:23:2c:bc:42:01:da:01:33:3b:
a8:a8:0a:a6:ec:62:1b:ff:89:55:c2:0d:a3:a8:76:57:a0:88:
10:47:32:3a:17:ce:51:38:8f:0c:7c:73:2f:68:8c:3a:80:8a:
04:14:0b:78:20:75:dd:0b:83:ed:76:d8:8f:8b:4d:13:36:e5:
b1:70:fb:db:f7:d4:5d:da:41:c7:f9:d6:95:b2:09:93:6b:61:
6b:c3:df:81:0b:65:08:25:3b:47:e4:0f:92:bd:9a:5e:53:4e:
b5:b1:d9:cb:2a:dc:78:06:e1:23:21:2f:16:28:8d:95:23:db:
b2:61:be:72:9f:e4:1a:dc:1b:7b:e3:bc:2b:c0:bc:20:fc:f8:
71:38:30:fd:11:22:c0:22:1b:99:86:9e:e5:9d:71:20:09:6f:
8c:2f:f5:8c:de:a2:21:0e:19:a7:e0:72:a1:1b:b5:0f:6d:91:
1a:b8:f3:99:c4:41:53:3b:66:f8:0c:4f:1f:d9:d2:34:a4:55:
ef:21:00:1c:4a:2b:a5:1a:a7:8c:cb:6f:72:53:ea:f3:48:b4:
03:a2:21:d3:14:4e:23:fa:10:fb:78:e0:1b:5c:94:26:1d:09:
e8:2a:bb:95:f0:b9:6b:78:c3:8c:a7:08:fb:45:04:8f:88:1c:
02:16:61:6f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWM4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA3MTcxNzU4WhcNMjUwODI0MTcxNzU4WjAYMRYw
FAYDVQQDEw02ODZjMDE0Yi1lNTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqA+yMrmTCPhZuKd+WdiDAQTucFhAOTcrP5Uncga/V+OXqyxbsWZpAfpB
mOJuO+NpU1kBFBL67zRf2KBcmg27XLJtwP55bpdh3WP4XargM9bkXnVGt3BlWaLh
/tNbjpYoPsSsJ4GVHTNsWx/6vZgXQr17M2N6MAtzroQatwgdmrvQvQ+MEgB1njYR
3bfFrT5acJE8DoXNeWQDkcEE1QzcDhLN8epvyeViOwJLqOrlChQtBmz20+bPYzBA
8cCeRQMDihsppGJ0dvzSsgjKYCokMeTMWd6pqouUJFBoYFDynFRN2uxDo1GOvBwr
m9+PIOK4cr/hvRw3useMWwB6pJxLmQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGf6
NWb8U0zU82QIzyACTQIPm4B6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NjY1OTRDMDVCNTYxMUYwQTBFMTlGRTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAGc7zQwDQYJKoZI
hvcNAQELBQADggEBALsUfIdlygP01yMsvEIB2gEzO6ioCqbsYhv/iVXCDaOodleg
iBBHMjoXzlE4jwx8cy9ojDqAigQUC3ggdd0Lg+122I+LTRM25bFw+9v31F3aQcf5
1pWyCZNrYWvD34ELZQglO0fkD5K9ml5TTrWx2csq3HgG4SMhLxYojZUj27JhvnKf
5BrcG3vjvCvAvCD8+HE4MP0RIsAiG5mGnuWdcSAJb4wv9YzeoiEOGafgcqEbtQ9t
kRq485nEQVM7ZvgMTx/Z0jSkVe8hABxKK6Uap4zLb3JT6vNItAOiIdMUTiP6EPt4
4BtclCYdCegqu5XwuWt4w4ynCPtFBI+IHAIWYW8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:37:21 2025 by rpki-client