Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5EF5E3C65A9611F0B2597784DAE4EC9C.roa
File: 5EF5E3C65A9611F0B2597784DAE4EC9C.roa (raw, json)
Hash identifier: Hm/nfIoxJHZUz5xuy8SPxHhB2b8st8hINXj7kudgm0s=
Subject key identifier: 72:D5:2D:43:ED:23:A6:6B:AF:6E:98:D0:1A:E0:BD:7D:2E:BA:52:CC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01626F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5EF5E3C65A9611F0B2597784DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 18:23:54 +0000
ROA not before: Sun 06 Jul 2025 18:23:49 +0000
ROA not after: Sat 16 Aug 2025 18:23:49 +0000
asID: 61112
IP address blocks: 156.224.76.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90735 (0x1626f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 6 18:23:49 2025 GMT
Not After : Aug 16 18:23:49 2025 GMT
Subject: CN=686abf3a-dd20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:64:a1:b3:f2:6e:4e:a0:9e:a1:74:c2:aa:f1:
f1:52:67:d9:27:15:5c:be:a1:12:09:3f:8b:fd:e6:
82:a6:51:cc:0f:92:88:48:ae:f5:fa:d5:e3:92:b8:
ba:fe:c5:d7:bc:a8:ee:08:58:e7:06:6d:bd:57:a4:
46:34:a8:24:16:39:33:96:f1:1c:68:bd:30:90:91:
f1:bd:03:f5:05:37:07:71:01:cd:31:be:98:3c:8c:
e1:d1:bb:b2:e7:26:4c:f9:a9:07:b4:0a:c4:72:08:
15:e3:69:b1:ce:e1:4c:37:06:ce:48:b6:f0:8a:0a:
ba:90:2c:a9:21:de:5c:ea:e3:ef:d7:7a:70:b4:15:
7f:d0:db:14:06:56:c3:ae:ed:8e:88:0a:3b:8c:76:
e0:34:d9:48:98:f4:7a:f2:4f:28:fc:8d:cb:41:bf:
13:ec:89:47:15:84:89:16:99:c1:4c:07:8b:99:92:
bc:44:24:d7:71:4b:dd:84:f1:f9:a0:81:a6:a6:b3:
ea:e0:f7:7c:82:3a:e7:3f:2a:98:2a:5d:2c:75:d0:
11:c6:b3:18:76:b2:d6:3b:8d:3c:95:bb:48:6c:81:
fe:b6:23:b7:c8:04:ca:0f:0e:f2:d0:1f:8a:95:26:
c3:b1:47:db:83:a1:85:47:ff:f0:1c:49:99:63:9f:
a5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D5:2D:43:ED:23:A6:6B:AF:6E:98:D0:1A:E0:BD:7D:2E:BA:52:CC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5EF5E3C65A9611F0B2597784DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.76.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:7f:a6:36:f0:0b:d6:5c:86:fa:f1:ec:96:01:14:9c:fa:52:
fe:9c:56:11:9b:c1:16:ba:b3:7a:07:96:54:24:95:46:2a:aa:
70:35:b3:c7:2c:dc:da:18:45:2f:4f:c3:f5:9a:60:a1:7b:c4:
05:0c:82:9c:4b:51:2c:b4:e9:3b:09:44:95:41:26:ff:3b:01:
82:ab:a6:88:b8:ea:2c:4b:e4:16:1c:97:e2:09:ec:e0:eb:2d:
8c:66:2a:13:2d:04:b1:77:1e:ad:97:dd:0a:02:ae:52:3f:a8:
30:98:12:01:2f:3e:86:60:c2:98:6d:bb:25:2c:23:4d:34:d2:
83:65:57:75:0b:37:d9:89:5d:98:92:80:8e:be:aa:da:41:68:
c1:84:82:1b:f4:f9:7b:30:f4:9b:b3:ed:38:6e:2d:73:d6:fb:
ee:23:be:80:d6:2c:62:61:a3:30:ae:1b:05:d1:b0:eb:18:bf:
b3:ee:6f:be:76:09:e6:47:45:99:09:6c:10:ca:50:50:f0:7e:
dc:f2:ea:df:df:a3:ea:74:49:3b:57:18:d9:18:c6:62:81:a5:
48:e1:d5:74:6d:87:60:b2:6e:87:57:53:71:50:f0:15:b9:4c:
d1:f5:ce:cb:62:51:b5:8a:19:6f:30:e2:b5:8f:f3:82:b1:c0:
b8:c3:0e:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWJvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA2MTgyMzQ5WhcNMjUwODE2MTgyMzQ5WjAYMRYw
FAYDVQQDEw02ODZhYmYzYS1kZDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+WShs/JuTqCeoXTCqvHxUmfZJxVcvqESCT+L/eaCplHMD5KISK71+tXj
kri6/sXXvKjuCFjnBm29V6RGNKgkFjkzlvEcaL0wkJHxvQP1BTcHcQHNMb6YPIzh
0buy5yZM+akHtArEcggV42mxzuFMNwbOSLbwigq6kCypId5c6uPv13pwtBV/0NsU
BlbDru2OiAo7jHbgNNlImPR68k8o/I3LQb8T7IlHFYSJFpnBTAeLmZK8RCTXcUvd
hPH5oIGmprPq4Pd8gjrnPyqYKl0sddARxrMYdrLWO408lbtIbIH+tiO3yATKDw7y
0B+KlSbDsUfbg6GFR//wHEmZY5+lhwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHLV
LUPtI6Zrr26Y0BrgvX0uulLMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RUY1RTNDNjVBOTYxMUYwQjI1OTc3ODREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOBMMA0GCSqGSIb3DQEBCwUA
A4IBAQC8f6Y28AvWXIb68eyWARSc+lL+nFYRm8EWurN6B5ZUJJVGKqpwNbPHLNza
GEUvT8P1mmChe8QFDIKcS1EstOk7CUSVQSb/OwGCq6aIuOosS+QWHJfiCezg6y2M
ZioTLQSxdx6tl90KAq5SP6gwmBIBLz6GYMKYbbslLCNNNNKDZVd1CzfZiV2YkoCO
vqraQWjBhIIb9Pl7MPSbs+04bi1z1vvuI76A1ixiYaMwrhsF0bDrGL+z7m++dgnm
R0WZCWwQylBQ8H7c8urf36PqdEk7VxjZGMZigaVI4dV0bYdgsm6HV1NxUPAVuUzR
9c7LYlG1ihlvMOK1j/OCscC4ww4a
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:28:10 2025 by rpki-client