Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA82348C5D0D11F0B919A792DAE4EC9C.roa
File: BA82348C5D0D11F0B919A792DAE4EC9C.roa (raw, json)
Hash identifier: qcKR/xc04Srpy2giQ4xigkBVf+McPOlCKtyzE+/JCU0=
Subject key identifier: E8:B2:63:46:6F:A3:64:7A:A0:8E:E2:2F:70:24:8B:F9:3B:C8:2A:78
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01644E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA82348C5D0D11F0B919A792DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 21:43:20 +0000
ROA not before: Wed 09 Jul 2025 21:43:15 +0000
ROA not after: Sun 24 Aug 2025 21:43:15 +0000
asID: 8796
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91214 (0x1644e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 9 21:43:15 2025 GMT
Not After : Aug 24 21:43:15 2025 GMT
Subject: CN=686ee278-c9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c8:56:6c:3c:82:e6:24:a6:4e:b4:8b:ef:9b:
08:10:70:70:a0:45:2c:44:d3:a2:4d:63:39:52:27:
80:10:eb:b3:98:9e:62:a2:54:1e:c0:40:e3:67:6d:
03:23:51:ce:4f:60:db:08:4c:2a:4a:55:26:12:9f:
b1:62:c1:7f:2b:4f:11:47:6a:e0:77:a6:8f:63:2c:
94:f2:32:fa:bc:8c:fb:cd:c4:68:0a:6a:3f:ec:3f:
b1:5f:2a:9b:ed:a3:99:2e:96:bd:74:f4:bf:79:e8:
83:d2:dd:53:a8:1f:73:e0:f7:f1:a7:6d:07:aa:b7:
86:8e:ae:5c:cd:4a:17:9f:ec:84:ae:1e:c0:fc:6f:
bc:bd:be:aa:2d:99:9c:16:3b:0b:8c:2d:e8:57:c5:
21:44:4a:6f:7b:53:14:9c:07:43:4c:7c:8d:3b:1d:
b6:39:39:95:0f:9f:c9:76:e9:7e:fb:8a:8f:50:04:
01:e1:65:bc:ae:f2:d6:86:82:8e:2a:c4:4c:f9:2c:
03:b7:1b:a5:00:fc:8f:55:54:73:07:63:ab:76:20:
29:25:9d:45:07:64:91:e5:83:67:fc:bb:c2:6a:50:
f1:4a:08:4a:95:c7:bc:30:db:18:3b:39:d7:1f:62:
56:31:c8:bd:25:b6:9b:fa:6c:11:87:02:88:d6:2d:
3c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:B2:63:46:6F:A3:64:7A:A0:8E:E2:2F:70:24:8B:F9:3B:C8:2A:78
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA82348C5D0D11F0B919A792DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
Signature Algorithm: sha256WithRSAEncryption
a7:c2:cb:f8:ea:fb:8b:56:43:49:fe:47:ae:c5:28:c7:3a:c1:
6a:a5:7f:5d:68:f2:22:ec:39:52:23:07:18:4d:33:3f:26:a1:
8f:f9:e4:a4:9a:a5:44:c9:11:bf:4e:c4:6d:10:10:87:d9:b2:
5a:59:8b:cb:07:90:85:1c:d1:9c:42:7a:d6:5e:93:14:ee:c3:
59:e3:82:ac:25:a4:fa:a1:fa:23:b8:b4:bc:82:d0:da:32:c6:
2a:97:db:58:4b:63:8a:fd:30:cc:a0:53:f1:36:ca:ef:d7:6a:
3d:9e:5b:57:08:14:09:00:29:2b:58:c0:d4:e1:d8:81:1a:96:
c6:77:62:2f:e5:3a:6d:72:32:72:78:5b:b1:f2:77:11:54:36:
f9:47:33:4d:ba:a4:ad:af:3d:e6:80:6a:68:26:59:48:0a:aa:
38:19:a2:fa:9e:54:2a:44:9b:00:14:40:2f:57:c5:5e:5d:01:
df:ea:5d:fb:b2:14:51:86:80:19:e3:16:c0:72:16:dd:4f:37:
12:df:bd:ec:02:da:75:18:5d:96:ad:bc:a3:d9:f9:7f:c5:3a:
d5:85:f4:60:53:b7:95:17:5a:a9:ac:0a:54:1a:15:5f:0a:db:
38:aa:c9:3f:06:11:35:cb:3d:2f:95:9b:90:56:eb:c7:39:fb:
fd:53:d2:f9
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWROMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA5MjE0MzE1WhcNMjUwODI0MjE0MzE1WjAYMRYw
FAYDVQQDEw02ODZlZTI3OC1jOWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA38hWbDyC5iSmTrSL75sIEHBwoEUsRNOiTWM5UieAEOuzmJ5iolQewEDj
Z20DI1HOT2DbCEwqSlUmEp+xYsF/K08RR2rgd6aPYyyU8jL6vIz7zcRoCmo/7D+x
Xyqb7aOZLpa9dPS/eeiD0t1TqB9z4Pfxp20HqreGjq5czUoXn+yErh7A/G+8vb6q
LZmcFjsLjC3oV8UhREpve1MUnAdDTHyNOx22OTmVD5/Jdul++4qPUAQB4WW8rvLW
hoKOKsRM+SwDtxulAPyPVVRzB2OrdiApJZ1FB2SR5YNn/LvCalDxSghKlce8MNsY
OznXH2JWMci9Jbab+mwRhwKI1i08lQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOiy
Y0Zvo2R6oI7iL3Aki/k7yCp4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQTgyMzQ4QzVEMEQxMUYwQjkxOUE3OTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAGc7zQwDQYJKoZI
hvcNAQELBQADggEBAKfCy/jq+4tWQ0n+R67FKMc6wWqlf11o8iLsOVIjBxhNMz8m
oY/55KSapUTJEb9OxG0QEIfZslpZi8sHkIUc0ZxCetZekxTuw1njgqwlpPqh+iO4
tLyC0NoyxiqX21hLY4r9MMygU/E2yu/Xaj2eW1cIFAkAKStYwNTh2IEalsZ3Yi/l
Om1yMnJ4W7HydxFUNvlHM026pK2vPeaAamgmWUgKqjgZovqeVCpEmwAUQC9XxV5d
Ad/qXfuyFFGGgBnjFsByFt1PNxLfvewC2nUYXZatvKPZ+X/FOtWF9GBTt5UXWqms
ClQaFV8K2ziqyT8GETXLPS+Vm5BW68c5+/1T0vk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:35:24 2025 by rpki-client