Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DC138965D6D11F0BDC5A98FDAE4EC9C.roa
File: 5DC138965D6D11F0BDC5A98FDAE4EC9C.roa (raw, json)
Hash identifier: EvdB4Xm4Zawjm3qg6+KpyfyIx83xlnPPhbWjSJJSa/M=
Subject key identifier: CC:70:C3:5B:1C:33:DA:3D:46:E7:57:7E:0F:36:A8:26:C9:08:0C:07
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016457
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DC138965D6D11F0BDC5A98FDAE4EC9C.roa
Signing time: Thu 10 Jul 2025 09:07:56 +0000
ROA not before: Thu 10 Jul 2025 09:07:51 +0000
ROA not after: Sat 16 Aug 2025 09:07:51 +0000
asID: 137443
IP address blocks: 156.255.2.0/24 maxlen: 24
156.255.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91223 (0x16457)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 10 09:07:51 2025 GMT
Not After : Aug 16 09:07:51 2025 GMT
Subject: CN=686f82ec-2b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:cd:d2:30:bd:72:4b:d3:8b:41:f5:68:22:10:
98:17:0b:f9:1d:7f:05:ad:16:e4:e3:3b:d4:63:24:
28:3a:c2:47:98:d4:cc:e9:7b:b7:39:68:d4:cd:29:
6d:4c:a2:68:00:0d:f9:95:43:4e:b9:5c:5c:40:26:
1c:32:28:c2:c5:0e:d1:0a:08:7f:3c:e6:d4:6b:9d:
b2:a2:89:93:36:1d:3f:75:da:a0:b1:8d:9f:b6:b0:
dc:ff:2f:7d:6f:80:74:7f:95:fa:ab:21:61:b9:2b:
63:86:16:6c:a1:bc:81:e1:48:5b:4f:c1:eb:69:8c:
d0:a8:1d:6a:34:eb:36:6e:f6:44:01:98:8d:e6:64:
b5:15:ec:0e:72:ee:04:c8:02:37:e8:1b:52:3c:57:
0b:fa:33:6b:03:c9:0e:58:80:e2:00:87:b9:b0:3b:
58:55:7d:37:9b:13:69:b0:6d:df:f9:e1:13:8d:a0:
df:0c:27:bf:52:04:28:7f:e6:7a:db:ee:9b:cf:a4:
6d:e2:26:45:c0:c4:48:bc:58:e6:19:2f:3e:d7:d5:
43:ae:14:e9:40:ae:e4:d9:2f:e5:30:1b:a5:df:f9:
7e:a5:08:08:5d:4c:c4:22:c5:23:98:55:d1:80:15:
c4:47:f5:72:3f:00:fe:34:83:ba:93:80:60:c7:a7:
8f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:70:C3:5B:1C:33:DA:3D:46:E7:57:7E:0F:36:A8:26:C9:08:0C:07
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DC138965D6D11F0BDC5A98FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.2.0/23
Signature Algorithm: sha256WithRSAEncryption
37:34:9a:d5:0b:09:3d:f1:83:1e:3e:fe:ef:0d:ec:bd:e9:e6:
44:e1:0c:f8:ba:bb:e2:41:ea:7f:84:ca:47:d1:5b:67:8e:97:
db:d2:c8:76:d3:7c:4a:45:31:ea:4f:64:7f:0d:19:75:0e:e8:
7f:04:f0:ba:bc:d1:42:63:45:7a:c7:08:66:45:34:d5:39:4d:
0f:87:2a:51:22:4a:36:26:c0:c8:4d:ea:a1:a3:7f:b8:f3:9b:
a9:2e:95:75:e4:75:9c:56:06:c9:0e:35:4d:1d:25:22:e3:d0:
87:09:c8:41:96:87:a5:7b:4d:0d:9e:4c:c5:36:c5:99:06:9c:
21:6d:4c:9f:c6:41:45:96:c8:60:0e:3a:67:5b:ee:69:5d:3f:
5a:d2:7b:4a:ea:91:4f:96:08:a2:35:5b:f7:39:66:50:85:e0:
e5:2c:b8:83:0c:f0:85:ca:28:33:7f:39:a2:50:bc:7d:70:04:
5e:7a:b5:37:25:fd:9c:91:fc:a7:0c:f2:9a:fb:a5:63:19:59:
d4:4e:81:ab:c7:7c:ce:e4:3a:5f:dc:ba:b8:99:a4:b5:ce:30:
15:43:bd:7a:4f:ce:ca:d9:eb:44:d6:15:77:d5:fb:6d:6f:69:
fb:b8:85:ef:82:fc:df:af:07:16:30:e8:d5:f0:d6:8b:23:aa:
44:62:97:56
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWRXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzEwMDkwNzUxWhcNMjUwODE2MDkwNzUxWjAYMRYw
FAYDVQQDEw02ODZmODJlYy0yYjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6c3SML1yS9OLQfVoIhCYFwv5HX8FrRbk4zvUYyQoOsJHmNTM6Xu3OWjU
zSltTKJoAA35lUNOuVxcQCYcMijCxQ7RCgh/PObUa52yoomTNh0/ddqgsY2ftrDc
/y99b4B0f5X6qyFhuStjhhZsobyB4UhbT8HraYzQqB1qNOs2bvZEAZiN5mS1FewO
cu4EyAI36BtSPFcL+jNrA8kOWIDiAIe5sDtYVX03mxNpsG3f+eETjaDfDCe/UgQo
f+Z62+6bz6Rt4iZFwMRIvFjmGS8+19VDrhTpQK7k2S/lMBul3/l+pQgIXUzEIsUj
mFXRgBXER/VyPwD+NIO6k4Bgx6ePRQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMxw
w1scM9o9RudXfg82qCbJCAwHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81REMxMzg5NjVENkQxMUYwQkRDNUE5OEZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP8CMA0GCSqGSIb3DQEBCwUA
A4IBAQA3NJrVCwk98YMePv7vDey96eZE4Qz4urviQep/hMpH0Vtnjpfb0sh203xK
RTHqT2R/DRl1Duh/BPC6vNFCY0V6xwhmRTTVOU0PhypRIko2JsDITeqho3+485up
LpV15HWcVgbJDjVNHSUi49CHCchBloele00NnkzFNsWZBpwhbUyfxkFFlshgDjpn
W+5pXT9a0ntK6pFPlgiiNVv3OWZQheDlLLiDDPCFyigzfzmiULx9cAReerU3Jf2c
kfynDPKa+6VjGVnUToGrx3zO5Dpf3Lq4maS1zjAVQ716T87K2etE1hV31fttb2n7
uIXvgvzfrwcWMOjV8NaLI6pEYpdW
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:32:22 2025 by rpki-client