Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D1281464580711F0902E24E0DAE4EC9C.roa
File: D1281464580711F0902E24E0DAE4EC9C.roa (raw, json)
Hash identifier: G9U741py6Tkl9a2+Ad1KCL1gZhuaTbc9jqafbO5BgM4=
Subject key identifier: 77:42:96:5D:57:A5:DF:F5:9F:FD:8C:04:90:EA:60:49:F1:1E:50:50
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016073
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D1281464580711F0902E24E0DAE4EC9C.roa
Signing time: Thu 03 Jul 2025 12:18:25 +0000
ROA not before: Thu 03 Jul 2025 12:18:19 +0000
ROA not after: Mon 03 Aug 2026 12:18:19 +0000
asID: 984
IP address blocks: 156.252.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90227 (0x16073)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 3 12:18:19 2025 GMT
Not After : Aug 3 12:18:19 2026 GMT
Subject: CN=68667511-7d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2c:39:ec:5f:df:5c:e1:b9:e2:71:a0:d7:a0:
32:bd:62:77:66:ea:bb:c3:3a:f9:09:51:b1:ef:51:
7c:ec:95:5f:eb:0e:cf:19:9d:b0:20:ae:0f:3e:74:
83:ca:5e:59:e2:08:39:89:b3:88:e0:51:f0:ec:fc:
f6:88:56:aa:ec:ad:99:66:73:5e:e8:58:e2:9f:83:
14:a0:2b:95:7b:97:90:67:65:c2:6e:fb:df:2c:ca:
7d:53:33:23:86:ff:9e:73:02:20:7d:00:3a:08:53:
c3:a4:b6:0a:ec:e5:f2:85:f4:46:eb:79:51:d9:12:
f4:79:72:b3:35:4e:58:b7:7e:b7:57:29:bc:32:a2:
d4:cd:4c:be:6a:9a:a3:46:60:a5:a6:8a:28:20:0f:
a7:c3:01:86:ac:d7:45:fa:b3:96:3c:72:95:03:5b:
fb:23:26:6d:c3:70:c1:06:5b:76:9a:9e:5d:f3:f1:
17:d7:29:d8:66:4f:f5:fe:62:54:a9:6d:35:86:a2:
eb:e5:f4:6f:71:81:80:f0:7f:88:56:0e:42:0b:a9:
23:f5:cd:8e:56:7d:aa:6c:22:1a:2e:c5:70:7a:8f:
2b:8e:ba:78:88:a9:23:d3:66:a5:cd:a6:ce:67:f1:
20:46:28:79:9e:cb:ba:2e:54:bc:70:21:01:88:0b:
4b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:42:96:5D:57:A5:DF:F5:9F:FD:8C:04:90:EA:60:49:F1:1E:50:50
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D1281464580711F0902E24E0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.8.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:28:81:cb:0c:8f:0f:a6:8d:61:c9:8a:ae:c1:8f:c3:71:aa:
08:4b:a3:59:c9:aa:8a:b7:04:6f:f5:54:b6:b2:c3:5f:ce:41:
79:50:62:1a:e8:c9:a7:0a:36:aa:8c:22:d7:50:9b:5d:c5:d4:
4d:a3:0a:b6:7d:33:61:57:96:b2:23:f3:8b:df:84:d6:fb:d3:
2f:71:22:ba:9e:61:a1:05:38:cd:7e:a6:b3:4d:74:b5:65:9b:
17:89:b5:34:cf:82:b9:7c:51:6a:1b:3a:20:0f:ae:dd:f4:21:
79:94:1c:6f:62:c5:98:c3:fe:09:2d:4f:84:31:2f:20:1d:31:
9e:0f:4f:17:33:85:74:7c:b2:0c:7a:13:01:8f:82:22:7b:2f:
ef:28:36:56:45:37:7f:95:f8:60:02:d8:96:47:22:54:00:9e:
39:a8:20:1c:84:2e:f6:4b:89:8e:dc:29:01:81:fe:71:d3:5d:
72:e0:05:56:90:7b:38:49:ca:ad:40:14:09:57:f0:10:73:17:
37:b1:5b:41:08:23:fa:c8:e7:03:42:4c:60:bc:ca:18:71:b1:
45:61:30:e3:41:40:80:7b:fb:e9:61:8b:c6:61:60:0d:f3:e3:
6f:a1:00:d5:0c:d8:b8:a0:53:35:cd:bb:cb:bb:8f:46:37:96:
85:1f:b7:1d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWBzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAzMTIxODE5WhcNMjYwODAzMTIxODE5WjAYMRYw
FAYDVQQDEw02ODY2NzUxMS03ZDRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAniw57F/fXOG54nGg16AyvWJ3Zuq7wzr5CVGx71F87JVf6w7PGZ2wIK4P
PnSDyl5Z4gg5ibOI4FHw7Pz2iFaq7K2ZZnNe6Fjin4MUoCuVe5eQZ2XCbvvfLMp9
UzMjhv+ecwIgfQA6CFPDpLYK7OXyhfRG63lR2RL0eXKzNU5Yt363Vym8MqLUzUy+
apqjRmClpoooIA+nwwGGrNdF+rOWPHKVA1v7IyZtw3DBBlt2mp5d8/EX1ynYZk/1
/mJUqW01hqLr5fRvcYGA8H+IVg5CC6kj9c2OVn2qbCIaLsVweo8rjrp4iKkj02al
zabOZ/EgRih5nsu6LlS8cCEBiAtLnQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHdC
ll1Xpd/1n/2MBJDqYEnxHlBQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMTI4MTQ2NDU4MDcxMUYwOTAyRTI0RTBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwIMA0GCSqGSIb3DQEBCwUA
A4IBAQBaKIHLDI8Ppo1hyYquwY/DcaoIS6NZyaqKtwRv9VS2ssNfzkF5UGIa6Mmn
CjaqjCLXUJtdxdRNowq2fTNhV5ayI/OL34TW+9MvcSK6nmGhBTjNfqazTXS1ZZsX
ibU0z4K5fFFqGzogD67d9CF5lBxvYsWYw/4JLU+EMS8gHTGeD08XM4V0fLIMehMB
j4Iiey/vKDZWRTd/lfhgAtiWRyJUAJ45qCAchC72S4mO3CkBgf5x011y4AVWkHs4
ScqtQBQJV/AQcxc3sVtBCCP6yOcDQkxgvMoYcbFFYTDjQUCAe/vpYYvGYWAN8+Nv
oQDVDNi4oFM1zbvLu49GN5aFH7cd
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:45:52 2025 by rpki-client