Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AC8F8C45B6811F0A862E1DADAE4EC9C.roa
File: 5AC8F8C45B6811F0A862E1DADAE4EC9C.roa (raw, json)
Hash identifier: qnQ/lj2yzOjzDBhwDwX6hL5lOAiJCrz/TArDwVBf3KE=
Subject key identifier: AC:FC:E2:B9:29:F2:4D:B7:B3:60:9C:3F:7F:54:34:8E:26:90:99:7E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016348
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AC8F8C45B6811F0A862E1DADAE4EC9C.roa
Signing time: Mon 07 Jul 2025 19:27:01 +0000
ROA not before: Mon 07 Jul 2025 19:26:56 +0000
ROA not after: Sat 30 Aug 2025 19:26:56 +0000
asID: 398443
IP address blocks: 156.229.176.0/20 maxlen: 24
156.229.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90952 (0x16348)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 7 19:26:56 2025 GMT
Not After : Aug 30 19:26:56 2025 GMT
Subject: CN=686c1f85-296c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:d5:34:ac:02:3e:be:69:f8:6b:9b:ea:63:c7:
5e:79:38:4d:89:43:1c:95:9e:f7:50:e4:bc:41:0f:
1d:24:84:20:b2:ac:a9:7b:48:a1:53:0e:8d:51:19:
f0:14:50:51:ed:44:ad:17:f1:f0:ba:d6:ab:d5:bf:
c5:e5:0d:45:69:63:7f:c0:ab:c6:59:4d:78:73:b9:
ae:52:62:8a:c0:f4:cc:e6:47:66:33:82:af:12:93:
d7:1d:bf:77:6d:67:92:88:e6:0a:2a:96:01:e9:77:
05:07:5c:d3:b0:51:b5:cc:c9:27:50:db:6a:d5:0c:
f9:d2:d6:be:90:91:aa:50:36:30:10:3f:5f:79:b2:
21:2b:ca:42:08:62:c0:40:9b:e6:cc:d6:fe:f2:18:
e4:5b:62:8c:9c:a2:ca:62:cf:c0:31:7c:98:4f:c4:
dc:78:38:34:62:9e:c2:a9:25:85:fa:0d:c1:c9:87:
f9:4a:a5:ba:4b:33:68:a9:f1:a2:ed:cc:40:c3:62:
89:68:56:eb:03:0e:c1:9c:0e:b6:d5:69:59:ea:e6:
23:ad:c5:b2:bb:83:b8:5a:09:0e:f6:91:f9:37:26:
39:b1:fd:25:85:fe:71:68:62:f6:24:32:08:62:c7:
a2:c1:f8:96:5a:bc:45:70:2f:e3:a9:08:a7:e4:80:
74:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FC:E2:B9:29:F2:4D:B7:B3:60:9C:3F:7F:54:34:8E:26:90:99:7E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5AC8F8C45B6811F0A862E1DADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.176.0-156.229.223.255
Signature Algorithm: sha256WithRSAEncryption
2a:b6:eb:6b:0c:66:b2:a6:9c:e4:64:0b:81:21:c3:4f:b8:a7:
e9:0f:db:12:7c:f5:f7:84:c3:22:2a:5c:c4:34:97:7a:cb:e0:
5e:a6:df:40:15:7f:29:6a:f2:6b:5c:73:6b:92:c3:b5:1a:ba:
1c:40:97:d9:98:7c:ed:09:2e:00:d6:db:35:6c:f5:d5:2f:cf:
e2:11:25:13:51:97:ab:04:b8:89:ae:8f:e2:a7:78:f8:03:aa:
ce:f7:40:cf:03:4c:64:7d:4e:39:3c:eb:c8:3d:68:5e:75:9e:
27:e6:84:a5:04:4b:70:02:a2:3a:10:48:37:cf:cd:45:4f:c7:
d3:ae:be:07:9c:71:91:65:fe:eb:5f:3b:5b:c0:f5:5a:0d:f3:
77:3b:ee:16:7e:48:b9:2e:fe:d0:b0:45:d6:10:3f:f9:4d:84:
53:a3:a8:a4:3e:ee:17:4a:0f:56:40:fa:c6:aa:02:1a:bd:9d:
2a:2e:ee:ae:dc:44:ca:fb:22:00:1f:0d:5b:59:d6:90:d9:01:
45:ac:d0:da:d2:3f:0f:8b:df:c1:7c:21:c3:2a:9a:9c:38:62:
87:03:64:f2:93:58:4b:ae:80:26:34:8f:e0:37:4f:c4:89:98:
97:f0:67:b9:0a:3a:a9:ef:c7:8a:26:26:0d:47:4e:00:50:cd:
ed:4d:4e:1a
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWNIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA3MTkyNjU2WhcNMjUwODMwMTkyNjU2WjAYMRYw
FAYDVQQDEw02ODZjMWY4NS0yOTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA79U0rAI+vmn4a5vqY8deeThNiUMclZ73UOS8QQ8dJIQgsqype0ihUw6N
URnwFFBR7UStF/Hwutar1b/F5Q1FaWN/wKvGWU14c7muUmKKwPTM5kdmM4KvEpPX
Hb93bWeSiOYKKpYB6XcFB1zTsFG1zMknUNtq1Qz50ta+kJGqUDYwED9febIhK8pC
CGLAQJvmzNb+8hjkW2KMnKLKYs/AMXyYT8TceDg0Yp7CqSWF+g3ByYf5SqW6SzNo
qfGi7cxAw2KJaFbrAw7BnA621WlZ6uYjrcWyu4O4WgkO9pH5NyY5sf0lhf5xaGL2
JDIIYseiwfiWWrxFcC/jqQin5IB0DwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKz8
4rkp8k23s2CcP39UNI4mkJl+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QUM4RjhDNDVCNjgxMUYwQTg2MkUxREFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASc5bADBAWc5cAwDQYJKoZI
hvcNAQELBQADggEBACq262sMZrKmnORkC4Ehw0+4p+kP2xJ89feEwyIqXMQ0l3rL
4F6m30AVfylq8mtcc2uSw7UauhxAl9mYfO0JLgDW2zVs9dUvz+IRJRNRl6sEuImu
j+KnePgDqs73QM8DTGR9Tjk868g9aF51nifmhKUES3ACojoQSDfPzUVPx9Ouvgec
cZFl/utfO1vA9VoN83c77hZ+SLku/tCwRdYQP/lNhFOjqKQ+7hdKD1ZA+saqAhq9
nSou7q7cRMr7IgAfDVtZ1pDZAUWs0NrSPw+L38F8IcMqmpw4YocDZPKTWEuugCY0
j+A3T8SJmJfwZ7kKOqnvx4omJg1HTgBQze1NTho=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:32:58 2025 by rpki-client