Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A119C316623011F09A77C4DFDAE4EC9C.roa
File: A119C316623011F09A77C4DFDAE4EC9C.roa (raw, json)
Hash identifier: 3/BCunjFDXDOxxOCDQWg1ezxiE+CnrnMhSQW2SQMfR8=
Subject key identifier: 98:E1:A8:AC:94:4C:32:4A:1D:C0:C0:2A:5D:EE:54:0C:44:EB:02:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01657F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A119C316623011F09A77C4DFDAE4EC9C.roa
Signing time: Wed 16 Jul 2025 10:35:45 +0000
ROA not before: Wed 16 Jul 2025 10:35:40 +0000
ROA not after: Tue 22 Jul 2025 10:35:40 +0000
asID: 399989
IP address blocks: 156.238.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91519 (0x1657f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 16 10:35:40 2025 GMT
Not After : Jul 22 10:35:40 2025 GMT
Subject: CN=68778081-c693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fd:7f:14:3a:e7:ce:cd:27:c8:29:dd:9f:30:
0d:dc:8c:8f:49:bf:7e:4e:46:7a:f0:fa:ae:75:48:
a4:c5:27:85:e0:5e:6e:b6:83:31:e1:23:fc:cb:f7:
b8:51:d2:9a:f7:56:8f:cf:1b:0d:52:4e:9e:c2:d2:
38:0c:bf:e1:ce:47:51:c5:c4:7c:81:b6:ec:14:dc:
c9:62:6f:52:6b:67:3b:71:bc:48:0a:dd:f3:a0:b3:
2b:50:e3:c7:b7:87:40:b7:9d:cb:97:b9:1d:df:c6:
e4:e3:9b:71:d5:a2:96:57:e7:b9:aa:09:82:4d:98:
8b:36:74:d8:fd:78:04:9c:b6:de:a7:d9:ee:b9:54:
ca:30:43:bb:57:0e:70:d2:e0:b0:62:eb:09:1e:1b:
36:58:f9:ab:29:cb:a0:24:09:12:73:9a:df:16:76:
ec:59:d8:50:13:f2:a7:e7:26:07:2f:47:85:a2:79:
7c:cd:38:9e:6d:77:5c:f3:b5:db:b6:ae:5b:c2:ac:
5a:0d:d8:fc:ba:f4:6c:a3:1a:9c:24:3e:5d:cc:80:
a6:2f:e1:11:30:2d:a4:04:8a:fb:41:22:a4:7e:12:
0f:fd:2e:9f:5a:74:f1:22:c4:15:55:de:ac:91:65:
a4:bc:63:ff:97:cb:b5:62:13:d2:94:53:9e:78:7d:
1f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E1:A8:AC:94:4C:32:4A:1D:C0:C0:2A:5D:EE:54:0C:44:EB:02:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A119C316623011F09A77C4DFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.176.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:50:3a:88:0a:0d:49:0b:96:17:0e:3f:7f:f0:b6:72:80:f5:
bf:db:70:c4:37:e2:f4:72:1f:8c:f4:2d:79:22:1b:63:9e:ba:
1c:2c:f2:14:45:89:ed:06:c9:0a:e3:3b:a1:07:91:5b:44:40:
31:cb:cb:88:43:ee:55:b0:11:e8:14:3a:0c:e1:1b:d9:42:74:
a3:0e:b1:c2:83:bb:10:0d:6e:21:16:a5:43:9a:f8:5e:97:53:
32:39:42:1b:1a:10:3e:3e:4c:c7:1d:88:3f:0a:18:00:d3:f4:
d8:52:a7:59:8e:1f:84:d8:55:7b:5b:b5:4f:27:26:2c:87:76:
31:97:c8:b4:66:2f:c3:57:89:83:c7:6a:0d:7c:b0:10:3e:e2:
13:0a:56:39:e2:c7:33:a9:bc:cf:f5:da:b4:cc:4a:6d:1e:0a:
9d:73:18:ea:b2:00:55:3f:34:bb:fd:6e:83:f1:e7:83:c7:02:
9b:3b:b9:59:7b:fb:eb:e8:aa:5b:67:1f:7d:2f:fd:c4:96:05:
7b:28:ae:1a:68:d3:9d:a2:4e:da:f4:06:72:40:6d:9b:8c:34:
5b:b4:f6:b2:9b:21:87:ee:b3:70:af:59:1a:73:e7:e7:69:bc:
4e:31:e0:aa:a0:91:ca:e8:80:36:db:eb:91:4d:8d:f0:97:ba:
ad:d5:d2:0b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWV/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE2MTAzNTQwWhcNMjUwNzIyMTAzNTQwWjAYMRYw
FAYDVQQDEw02ODc3ODA4MS1jNjkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn/1/FDrnzs0nyCndnzAN3IyPSb9+TkZ68PqudUikxSeF4F5utoMx4SP8
y/e4UdKa91aPzxsNUk6ewtI4DL/hzkdRxcR8gbbsFNzJYm9Sa2c7cbxICt3zoLMr
UOPHt4dAt53Ll7kd38bk45tx1aKWV+e5qgmCTZiLNnTY/XgEnLbep9nuuVTKMEO7
Vw5w0uCwYusJHhs2WPmrKcugJAkSc5rfFnbsWdhQE/Kn5yYHL0eFonl8zTiebXdc
87Xbtq5bwqxaDdj8uvRsoxqcJD5dzICmL+ERMC2kBIr7QSKkfhIP/S6fWnTxIsQV
Vd6skWWkvGP/l8u1YhPSlFOeeH0f5QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJjh
qKyUTDJKHcDAKl3uVAxE6wJJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMTE5QzMxNjYyMzAxMUYwOUE3N0M0REZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnO6wMA0GCSqGSIb3DQEBCwUA
A4IBAQCtUDqICg1JC5YXDj9/8LZygPW/23DEN+L0ch+M9C15IhtjnrocLPIURYnt
BskK4zuhB5FbREAxy8uIQ+5VsBHoFDoM4RvZQnSjDrHCg7sQDW4hFqVDmvhel1My
OUIbGhA+PkzHHYg/ChgA0/TYUqdZjh+E2FV7W7VPJyYsh3Yxl8i0Zi/DV4mDx2oN
fLAQPuITClY54sczqbzP9dq0zEptHgqdcxjqsgBVPzS7/W6D8eeDxwKbO7lZe/vr
6KpbZx99L/3ElgV7KK4aaNOdok7a9AZyQG2bjDRbtPaymyGH7rNwr1kac+fnabxO
MeCqoJHK6IA22+uRTY3wl7qt1dIL
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:35:07 2025 by rpki-client