Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80B048C4566A11F0837C61E2DAE4EC9C.roa
File: 80B048C4566A11F0837C61E2DAE4EC9C.roa (raw, json)
Hash identifier: ux48wQTLHKg7+2ZfnoIZZNuKdP9s0OHZnzYrafcfo94=
Subject key identifier: 24:56:11:98:53:C4:1B:5D:02:1F:5F:72:54:FC:A5:BB:40:74:3F:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015FCE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80B048C4566A11F0837C61E2DAE4EC9C.roa
Signing time: Tue 01 Jul 2025 10:59:52 +0000
ROA not before: Tue 01 Jul 2025 10:59:41 +0000
ROA not after: Sat 09 Aug 2025 10:59:41 +0000
asID: 200373
IP address blocks: 156.242.32.0/20 maxlen: 24
156.242.51.0/24 maxlen: 24
156.248.80.0/21 maxlen: 24
156.249.56.0/21 maxlen: 24
156.249.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90062 (0x15fce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 1 10:59:41 2025 GMT
Not After : Aug 9 10:59:41 2025 GMT
Subject: CN=6863bfa8-9eeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a4:0a:a1:c7:1a:ee:86:ad:1b:e4:66:1c:a3:
58:b5:a2:d6:43:04:eb:37:c3:0a:fc:0f:ad:dc:e5:
ef:d6:8d:67:0d:98:63:8b:70:48:7c:09:19:05:9f:
00:93:92:0f:73:ab:f4:39:13:54:60:52:0e:aa:bf:
01:cc:29:e3:2b:10:2f:1a:bb:0d:08:de:43:f7:69:
7c:32:55:7f:a7:e6:84:7f:22:42:0a:58:c7:e8:16:
fa:73:12:d6:59:0a:36:d5:cc:27:df:81:58:91:b9:
8c:02:81:03:9e:15:80:6c:c1:cf:d0:77:60:3d:35:
c6:17:cc:62:ed:a6:97:f4:fa:78:a7:e1:e0:cf:04:
b5:4a:ee:47:84:b4:6e:33:64:98:1e:c1:93:00:7e:
be:be:c1:06:89:77:7e:3d:33:ff:83:c4:a3:61:95:
9d:c2:aa:46:53:95:31:e6:1e:ea:98:cb:4b:f1:e7:
02:63:51:b0:4c:2a:61:64:cd:5a:aa:a1:8f:d6:36:
ce:a9:d9:f4:4d:b8:e0:4d:f2:81:de:f8:27:57:1c:
15:a8:09:d5:96:0e:36:b6:01:32:9c:50:00:74:eb:
76:6c:a4:8e:be:52:87:5f:5e:1a:ea:0f:c0:c8:db:
cd:22:12:cc:3a:ef:0a:4c:0e:c7:eb:80:8d:1a:08:
9f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:56:11:98:53:C4:1B:5D:02:1F:5F:72:54:FC:A5:BB:40:74:3F:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/80B048C4566A11F0837C61E2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.32.0/20
156.242.51.0/24
156.248.80.0/21
156.249.56.0/21
156.249.124.0/22
Signature Algorithm: sha256WithRSAEncryption
45:e2:4b:81:91:d7:11:63:87:63:54:ef:19:ca:ea:f3:c8:c3:
b5:6a:e1:6f:8c:d7:41:08:47:7f:c5:d5:55:20:99:a9:5f:08:
ff:41:fb:4e:6f:04:16:79:10:35:6c:b2:db:97:26:79:8e:5c:
35:c4:05:0a:da:ce:37:48:06:e7:14:8f:e5:23:d2:22:6e:d3:
91:9d:e7:70:fc:37:75:89:b7:c0:b4:91:de:63:07:73:23:20:
ea:10:6a:d2:66:63:ec:00:93:53:eb:74:11:7e:5f:8b:e1:a3:
f5:ea:4d:15:95:9c:3d:01:ce:c7:d5:f6:fb:1a:7d:0f:c0:e2:
44:28:2b:21:7e:0b:af:fb:55:00:7f:6d:de:d1:79:44:59:cf:
59:d7:24:ce:f4:4a:8f:69:c6:e1:22:60:94:6c:a9:44:2a:e9:
c1:8e:2f:06:4e:31:2f:f9:76:79:b8:d9:2e:ea:b4:3e:6b:d4:
82:c5:a3:5a:3f:aa:3a:b7:1f:84:da:a2:2e:d4:d2:91:3e:d8:
1c:7c:69:c3:9f:dd:37:f3:1c:d2:57:ae:08:94:2c:54:86:54:
53:96:af:d3:c4:92:5b:5a:aa:a2:92:ec:a4:b8:45:8b:66:02:
98:d8:bb:12:80:c8:29:40:69:cf:a8:e6:2d:ae:e0:fe:78:05:
89:1a:52:3b
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgIDAV/OMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAxMTA1OTQxWhcNMjUwODA5MTA1OTQxWjAYMRYw
FAYDVQQDEw02ODYzYmZhOC05ZWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2qQKocca7oatG+RmHKNYtaLWQwTrN8MK/A+t3OXv1o1nDZhji3BIfAkZ
BZ8Ak5IPc6v0ORNUYFIOqr8BzCnjKxAvGrsNCN5D92l8MlV/p+aEfyJCCljH6Bb6
cxLWWQo21cwn34FYkbmMAoEDnhWAbMHP0HdgPTXGF8xi7aaX9Pp4p+HgzwS1Su5H
hLRuM2SYHsGTAH6+vsEGiXd+PTP/g8SjYZWdwqpGU5Ux5h7qmMtL8ecCY1GwTCph
ZM1aqqGP1jbOqdn0TbjgTfKB3vgnVxwVqAnVlg42tgEynFAAdOt2bKSOvlKHX14a
6g/AyNvNIhLMOu8KTA7H64CNGgifBQIDAQABo4ICujCCArYwHQYDVR0OBBYEFCRW
EZhTxBtdAh9fclT8pbtAdD8NMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MEIwNDhDNDU2NkExMUYwODM3QzYxRTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEnPIgAwQAnPIzAwQDnPhQAwQD
nPk4AwQCnPl8MA0GCSqGSIb3DQEBCwUAA4IBAQBF4kuBkdcRY4djVO8ZyurzyMO1
auFvjNdBCEd/xdVVIJmpXwj/QftObwQWeRA1bLLblyZ5jlw1xAUK2s43SAbnFI/l
I9IibtORnedw/Dd1ibfAtJHeYwdzIyDqEGrSZmPsAJNT63QRfl+L4aP16k0VlZw9
Ac7H1fb7Gn0PwOJEKCshfguv+1UAf23e0XlEWc9Z1yTO9EqPacbhImCUbKlEKunB
ji8GTjEv+XZ5uNku6rQ+a9SCxaNaP6o6tx+E2qIu1NKRPtgcfGnDn9038xzSV64I
lCxUhlRTlq/TxJJbWqqikuykuEWLZgKY2LsSgMgpQGnPqOYtruD+eAWJGlI7
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:36:19 2025 by rpki-client