Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7754682597211F0A2A984A6DAE4EC9C.roa
File: C7754682597211F0A2A984A6DAE4EC9C.roa (raw, json)
Hash identifier: oikld0OOxNOA96leXeuxBX5Ta8C9KAwg2GGhaq410+A=
Subject key identifier: 37:41:89:D0:6B:32:74:09:5A:4C:8D:C2:C7:B8:F8:7A:39:FD:FB:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016151
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7754682597211F0A2A984A6DAE4EC9C.roa
Signing time: Sat 05 Jul 2025 07:36:36 +0000
ROA not before: Sat 05 Jul 2025 07:36:31 +0000
ROA not after: Fri 25 Jul 2025 07:36:31 +0000
asID: 203020
IP address blocks: 156.243.120.0/21 maxlen: 24
156.243.236.0/22 maxlen: 24
156.244.192.0/21 maxlen: 24
156.244.216.0/21 maxlen: 24
156.248.16.0/22 maxlen: 24
156.248.96.0/22 maxlen: 24
156.249.68.0/22 maxlen: 24
156.249.84.0/22 maxlen: 24
156.249.88.0/21 maxlen: 24
156.249.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90449 (0x16151)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 5 07:36:31 2025 GMT
Not After : Jul 25 07:36:31 2025 GMT
Subject: CN=6868d604-3bd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:39:e6:b5:66:17:2c:04:51:58:08:9e:86:f7:
f3:c8:b3:46:46:8d:ff:60:ea:c0:4d:1f:ca:83:53:
db:a8:35:1b:60:03:85:7f:94:8b:d2:bf:c4:a9:dd:
5d:d8:f6:a0:7e:d4:3c:c2:89:fa:83:93:78:9b:73:
f2:9c:b2:f1:d0:50:7e:b2:08:6d:13:19:55:fe:12:
04:78:65:98:f6:50:ea:03:d6:83:50:15:d1:46:e7:
f8:e5:a9:57:02:3a:93:01:5f:c9:4d:d5:28:a8:b3:
46:d7:c9:3c:f4:56:8b:81:01:5d:da:73:91:09:50:
46:94:f3:26:e1:bf:32:e3:c5:96:3c:6c:8e:e0:6f:
76:b9:6a:1d:ca:bf:7b:47:31:c4:e3:30:04:08:46:
c5:a4:73:ad:ac:56:7a:a3:37:15:b8:05:06:42:5d:
2a:f7:b4:87:a9:6e:3f:35:e2:77:e4:93:6d:92:66:
44:2a:38:ca:05:21:fa:52:3a:45:53:23:2f:fa:3a:
b1:2c:1b:36:3d:ac:67:59:94:0f:35:22:7c:ba:63:
ff:64:0f:a9:82:b0:51:27:85:1a:fb:5d:29:cd:1f:
4b:2d:30:bf:a7:63:cc:ff:07:96:a0:85:9e:88:6e:
cb:fa:36:92:02:6b:31:e6:11:63:4d:a8:f7:67:90:
0d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:41:89:D0:6B:32:74:09:5A:4C:8D:C2:C7:B8:F8:7A:39:FD:FB:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7754682597211F0A2A984A6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.120.0/21
156.243.236.0/22
156.244.192.0/21
156.244.216.0/21
156.248.16.0/22
156.248.96.0/22
156.249.68.0/22
156.249.84.0-156.249.95.255
156.249.116.0/22
Signature Algorithm: sha256WithRSAEncryption
75:1d:47:9c:5a:3e:74:8c:94:1e:15:40:1f:16:66:c1:39:dc:
6a:0e:b0:3e:58:24:1b:95:ce:fc:c2:9a:ff:77:ce:70:d3:93:
0e:f9:cc:07:7b:8f:8f:ae:b7:37:8b:39:43:aa:d2:7e:24:c8:
50:40:b6:8a:16:b2:32:b1:16:77:d0:d2:43:20:e4:27:32:25:
03:24:f6:99:54:ba:25:32:96:93:32:7c:02:e6:fb:93:69:45:
9e:2d:c6:24:0b:46:81:b7:e1:34:c7:45:be:e8:34:b3:97:ca:
1f:14:ae:5f:ea:1d:21:c5:24:f7:43:2b:cc:02:f8:23:05:b4:
9b:cc:25:e5:2f:98:55:b3:61:7c:80:64:e9:26:47:7f:50:e6:
de:fe:30:88:36:cb:ba:2b:24:c7:91:a9:c0:10:a9:b5:72:53:
9d:18:df:7a:5f:1d:e6:f1:ba:25:83:b5:9b:37:52:a1:3a:5f:
ce:0d:a3:59:51:b8:4b:64:d2:48:06:2c:94:3f:09:76:8f:9e:
68:04:ca:08:c6:1c:69:5b:36:b3:34:f5:c8:ff:73:c0:bc:61:
a4:bd:49:af:db:88:0a:91:05:79:56:0b:ac:b4:c1:09:8f:0b:
f6:40:d2:70:4c:1a:e8:75:f6:e2:55:cf:40:af:99:6a:c5:46:
61:c0:e4:59
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIDAWFRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA1MDczNjMxWhcNMjUwNzI1MDczNjMxWjAYMRYw
FAYDVQQDEw02ODY4ZDYwNC0zYmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyjnmtWYXLARRWAiehvfzyLNGRo3/YOrATR/Kg1PbqDUbYAOFf5SL0r/E
qd1d2PagftQ8won6g5N4m3PynLLx0FB+sghtExlV/hIEeGWY9lDqA9aDUBXRRuf4
5alXAjqTAV/JTdUoqLNG18k89FaLgQFd2nORCVBGlPMm4b8y48WWPGyO4G92uWod
yr97RzHE4zAECEbFpHOtrFZ6ozcVuAUGQl0q97SHqW4/NeJ35JNtkmZEKjjKBSH6
UjpFUyMv+jqxLBs2PaxnWZQPNSJ8umP/ZA+pgrBRJ4Ua+10pzR9LLTC/p2PM/weW
oIWeiG7L+jaSAmsx5hFjTaj3Z5ANWQIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFDdB
idBrMnQJWkyNwse4+Ho5/fu1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNzc1NDY4MjU5NzIxMUYwQTJBOTg0QTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQDnPN4AwQCnPPsAwQDnPTAAwQD
nPTYAwQCnPgQAwQCnPhgAwQCnPlEMAwDBAKc+VQDBAWc+UADBAKc+XQwDQYJKoZI
hvcNAQELBQADggEBAHUdR5xaPnSMlB4VQB8WZsE53GoOsD5YJBuVzvzCmv93znDT
kw75zAd7j4+utzeLOUOq0n4kyFBAtooWsjKxFnfQ0kMg5CcyJQMk9plUuiUylpMy
fALm+5NpRZ4txiQLRoG34TTHRb7oNLOXyh8Url/qHSHFJPdDK8wC+CMFtJvMJeUv
mFWzYXyAZOkmR39Q5t7+MIg2y7orJMeRqcAQqbVyU50Y33pfHebxuiWDtZs3UqE6
X84No1lRuEtk0kgGLJQ/CXaPnmgEygjGHGlbNrM09cj/c8C8YaS9Sa/biAqRBXlW
C6y0wQmPC/ZA0nBMGuh19uJVz0CvmWrFRmHA5Fk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:37:37 2025 by rpki-client