Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/786000B0616E11F086CCF4EDDAE4EC9C.roa
File: 786000B0616E11F086CCF4EDDAE4EC9C.roa (raw, json)
Hash identifier: eQbpT5M2jp804hNgSiPZ20A+8a6wmuBw6w8jaidi+mk=
Subject key identifier: 5C:C3:D6:A6:24:FD:3F:E1:E3:45:CC:C8:E3:10:A0:72:95:89:CB:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016539
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/786000B0616E11F086CCF4EDDAE4EC9C.roa
Signing time: Tue 15 Jul 2025 11:25:55 +0000
ROA not before: Tue 15 Jul 2025 11:25:49 +0000
ROA not after: Fri 15 Aug 2025 11:25:49 +0000
asID: 134365
IP address blocks: 156.226.176.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91449 (0x16539)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 15 11:25:49 2025 GMT
Not After : Aug 15 11:25:49 2025 GMT
Subject: CN=68763ac2-cc7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ab:34:97:ce:7f:da:c7:33:65:37:ed:c5:c0:
bd:40:52:75:99:c9:93:a8:58:25:57:fb:30:f0:2f:
1b:b9:94:e2:79:8c:6f:54:b3:88:8f:80:2e:20:d8:
ed:ed:0f:ed:36:cc:35:1a:dd:8c:a7:ee:30:22:15:
d2:a6:d5:b2:e9:e3:26:9a:32:be:0f:fa:f1:fa:40:
d4:32:c8:91:0b:c0:b7:52:02:8e:23:78:bc:b4:4a:
7f:8b:b4:4c:94:1f:b7:2d:3f:86:8a:2e:37:13:88:
0f:a9:df:a3:a4:35:4e:ff:03:42:1d:44:80:e5:f1:
a9:30:a8:09:78:d3:b0:e8:90:a7:c8:5a:c9:ea:4a:
2c:d1:2f:0c:8c:7f:26:17:60:db:17:88:1a:ab:2e:
cd:cc:6e:ec:88:8d:42:cf:e4:5c:28:c9:b4:31:8e:
69:28:2b:dd:5d:83:6e:bf:8f:09:fd:1b:c7:00:1b:
04:4c:a8:ad:89:dd:ee:12:d7:d2:46:b9:71:8d:90:
86:4e:61:8f:b6:f1:f9:c3:23:36:f6:45:28:39:ca:
e3:9b:18:72:9c:cd:ad:b0:8b:ae:a3:ae:40:f4:f3:
3a:89:8b:0a:ba:da:f6:16:d1:6e:df:e0:39:01:59:
0e:23:81:e9:e1:70:15:d2:93:ea:ba:bb:cb:86:55:
95:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C3:D6:A6:24:FD:3F:E1:E3:45:CC:C8:E3:10:A0:72:95:89:CB:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/786000B0616E11F086CCF4EDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.176.0/21
Signature Algorithm: sha256WithRSAEncryption
55:08:7e:b7:0c:dc:7c:fb:44:06:71:54:94:2b:46:66:bf:31:
e5:78:65:e9:9d:ff:88:f2:7b:38:30:89:67:37:24:92:0a:25:
44:8a:33:de:90:0a:f8:af:dd:fa:bc:f3:22:59:9f:df:2b:8e:
e3:5a:71:12:c8:5e:e4:a9:0b:7b:83:b9:7f:b7:a5:25:68:4d:
ae:fa:a0:2c:ac:9f:dc:94:0f:c8:55:62:80:0b:79:6f:59:09:
89:2c:58:e2:61:73:63:f6:ce:7e:59:86:f8:0f:ba:fc:21:ee:
47:69:c0:32:40:ce:4e:b5:7f:c0:34:75:fe:63:ef:3e:90:e8:
84:2f:3f:72:cd:39:e2:68:65:68:b9:a4:43:47:a3:ab:64:95:
a1:e2:b9:41:57:0b:e5:ac:3d:0c:9e:9c:f9:b5:b4:54:99:96:
2b:b9:01:b2:9f:ea:1b:78:5b:54:cc:55:fe:21:62:ec:d8:cb:
9a:11:bd:6e:d9:b1:fa:d8:a7:65:60:0a:3f:d4:fe:0b:8f:be:
fe:13:64:22:f7:87:1d:3f:48:2c:1a:56:4a:06:99:ac:aa:b0:
40:ac:40:c7:b7:1e:10:72:da:c8:8f:84:fc:44:7e:3e:71:fc:
71:d8:5d:e5:7c:48:61:f9:15:bd:81:d8:b1:24:b6:9e:04:03:
82:62:11:4d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWU5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE1MTEyNTQ5WhcNMjUwODE1MTEyNTQ5WjAYMRYw
FAYDVQQDEw02ODc2M2FjMi1jYzdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvas0l85/2sczZTftxcC9QFJ1mcmTqFglV/sw8C8buZTieYxvVLOIj4Au
INjt7Q/tNsw1Gt2Mp+4wIhXSptWy6eMmmjK+D/rx+kDUMsiRC8C3UgKOI3i8tEp/
i7RMlB+3LT+Gii43E4gPqd+jpDVO/wNCHUSA5fGpMKgJeNOw6JCnyFrJ6kos0S8M
jH8mF2DbF4gaqy7NzG7siI1Cz+RcKMm0MY5pKCvdXYNuv48J/RvHABsETKitid3u
EtfSRrlxjZCGTmGPtvH5wyM29kUoOcrjmxhynM2tsIuuo65A9PM6iYsKutr2FtFu
3+A5AVkOI4Hp4XAV0pPqurvLhlWVJQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFzD
1qYk/T/h40XMyOMQoHKVicsUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83ODYwMDBCMDYxNkUxMUYwODZDQ0Y0RUREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOKwMA0GCSqGSIb3DQEBCwUA
A4IBAQBVCH63DNx8+0QGcVSUK0ZmvzHleGXpnf+I8ns4MIlnNySSCiVEijPekAr4
r936vPMiWZ/fK47jWnESyF7kqQt7g7l/t6UlaE2u+qAsrJ/clA/IVWKAC3lvWQmJ
LFjiYXNj9s5+WYb4D7r8Ie5HacAyQM5OtX/ANHX+Y+8+kOiELz9yzTniaGVouaRD
R6OrZJWh4rlBVwvlrD0Mnpz5tbRUmZYruQGyn+obeFtUzFX+IWLs2MuaEb1u2bH6
2KdlYAo/1P4Lj77+E2Qi94cdP0gsGlZKBpmsqrBArEDHtx4QctrIj4T8RH4+cfxx
2F3lfEhh+RW9gdixJLaeBAOCYhFN
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:31:52 2025 by rpki-client