Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87DD0B745D6C11F0A79A298BDAE4EC9C.roa
File: 87DD0B745D6C11F0A79A298BDAE4EC9C.roa (raw, json)
Hash identifier: TGez2/yGd4p+U8bH+iisz4WZVlEhucQo+WhdvDxEtGE=
Subject key identifier: 09:35:C0:C4:57:CB:02:D9:E8:74:61:4D:B0:80:E7:C6:71:74:0E:9E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016455
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87DD0B745D6C11F0A79A298BDAE4EC9C.roa
Signing time: Thu 10 Jul 2025 09:01:57 +0000
ROA not before: Thu 10 Jul 2025 09:01:51 +0000
ROA not after: Sat 16 Aug 2025 09:01:51 +0000
asID: 58879
IP address blocks: 156.255.2.0/24 maxlen: 24
156.255.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91221 (0x16455)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 10 09:01:51 2025 GMT
Not After : Aug 16 09:01:51 2025 GMT
Subject: CN=686f8185-859b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5c:be:e3:7d:40:08:b6:08:1d:dc:8c:21:c1:
17:90:80:77:6e:aa:36:a1:0f:0d:e2:91:f1:e8:2d:
08:57:39:8f:87:66:9c:fd:74:60:0e:99:5e:ff:9e:
ff:3c:1b:07:11:b7:cf:f1:09:88:e5:15:33:eb:23:
e8:fc:6a:bb:38:1d:77:ce:e9:c2:4b:53:ba:0e:05:
22:12:32:59:58:c3:00:a0:75:26:7f:1b:60:f9:df:
d3:4e:ae:98:70:f8:d5:5b:0d:4a:fa:67:b2:e7:63:
8a:60:8a:f3:d2:12:c5:72:4f:99:0b:bf:eb:ef:de:
ae:cc:74:8c:05:2d:76:d7:bb:87:05:97:33:fc:3a:
c6:42:7a:07:77:7d:9a:97:92:22:78:57:b8:ef:5c:
8f:3a:28:31:a3:65:1c:bd:0f:b6:fb:9b:31:76:d0:
a0:05:15:a3:a8:77:85:d5:dc:0f:80:27:e3:77:14:
6e:da:7f:a0:a3:e1:aa:43:ee:d8:b0:06:50:8e:61:
94:b6:fe:82:cf:79:4d:f0:f9:56:79:0e:a9:87:c7:
0b:91:2f:41:5c:65:d2:12:0d:c5:c6:e9:12:85:b8:
b2:a7:71:64:65:27:1a:65:55:4a:2b:4a:03:14:da:
9d:f1:cd:87:83:d5:1a:2e:95:c5:c8:e7:9b:36:fd:
03:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:35:C0:C4:57:CB:02:D9:E8:74:61:4D:B0:80:E7:C6:71:74:0E:9E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/87DD0B745D6C11F0A79A298BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.2.0/23
Signature Algorithm: sha256WithRSAEncryption
03:3a:3a:25:79:a0:a9:41:ab:aa:7c:55:7b:e5:14:50:e3:b7:
44:3c:4e:11:59:5c:35:69:14:23:d3:41:09:23:ad:aa:d1:ad:
2a:56:ad:f5:55:6b:6e:d6:81:45:d4:0b:34:21:a4:a9:f9:e7:
d9:e0:cd:90:fc:58:3d:1f:1b:7e:c5:9c:93:e7:d3:54:99:a4:
f5:4a:16:83:bf:90:0b:0a:37:2f:c8:38:81:db:65:5c:f4:5e:
a9:1d:ec:c8:1f:13:cf:ff:53:a5:08:ab:cd:7b:74:8e:c6:af:
32:05:8f:c5:44:01:e7:7b:6f:2d:9d:3a:b3:75:78:ff:8d:c6:
a2:5f:b4:18:97:69:e9:84:89:04:bb:b4:b7:3d:a9:12:95:82:
4c:a2:26:91:e4:ca:e9:a4:8b:93:99:0a:d3:eb:60:df:0a:ce:
40:6b:11:c8:74:fe:4c:93:88:46:2d:2a:06:f8:7e:4d:bd:00:
d4:72:91:75:55:40:bc:03:8a:33:1f:47:81:3e:e8:54:55:8d:
15:62:c2:85:e6:a4:5f:77:a3:bf:b1:76:32:bd:30:49:8a:43:
07:7b:82:f9:cc:3f:bf:1e:9f:d7:51:c2:9f:b2:43:ec:92:19:
be:f1:91:88:5b:af:d3:7e:e5:bb:8b:b5:9b:72:13:33:1b:29:
4b:ea:1a:4f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWRVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzEwMDkwMTUxWhcNMjUwODE2MDkwMTUxWjAYMRYw
FAYDVQQDEw02ODZmODE4NS04NTliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2Vy+431ACLYIHdyMIcEXkIB3bqo2oQ8N4pHx6C0IVzmPh2ac/XRgDple
/57/PBsHEbfP8QmI5RUz6yPo/Gq7OB13zunCS1O6DgUiEjJZWMMAoHUmfxtg+d/T
Tq6YcPjVWw1K+mey52OKYIrz0hLFck+ZC7/r796uzHSMBS1217uHBZcz/DrGQnoH
d32al5IieFe471yPOigxo2UcvQ+2+5sxdtCgBRWjqHeF1dwPgCfjdxRu2n+go+Gq
Q+7YsAZQjmGUtv6Cz3lN8PlWeQ6ph8cLkS9BXGXSEg3FxukShbiyp3FkZScaZVVK
K0oDFNqd8c2Hg9UaLpXFyOebNv0DlQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAk1
wMRXywLZ6HRhTbCA58ZxdA6eMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84N0REMEI3NDVENkMxMUYwQTc5QTI5OEJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP8CMA0GCSqGSIb3DQEBCwUA
A4IBAQADOjoleaCpQauqfFV75RRQ47dEPE4RWVw1aRQj00EJI62q0a0qVq31VWtu
1oFF1As0IaSp+efZ4M2Q/Fg9Hxt+xZyT59NUmaT1ShaDv5ALCjcvyDiB22Vc9F6p
HezIHxPP/1OlCKvNe3SOxq8yBY/FRAHne28tnTqzdXj/jcaiX7QYl2nphIkEu7S3
PakSlYJMoiaR5MrppIuTmQrT62DfCs5AaxHIdP5Mk4hGLSoG+H5NvQDUcpF1VUC8
A4ozH0eBPuhUVY0VYsKF5qRfd6O/sXYyvTBJikMHe4L5zD+/Hp/XUcKfskPskhm+
8ZGIW6/TfuW7i7WbchMzGylL6hpP
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:52:12 2025 by rpki-client