Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC6E2D844E8111F0B49B3578DAE4EC9C.roa
File: DC6E2D844E8111F0B49B3578DAE4EC9C.roa (raw, json)
Hash identifier: r9MQharLxdmEdTANtZkY3GGibgaPEapi6LPH6m/gJv8=
Subject key identifier: BA:2A:BE:FA:93:4B:CE:C7:A3:72:36:4B:44:42:B4:C9:EE:79:6D:82
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015D9E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC6E2D844E8111F0B49B3578DAE4EC9C.roa
Signing time: Sat 21 Jun 2025 09:26:50 +0000
ROA not before: Sat 21 Jun 2025 09:26:46 +0000
ROA not after: Mon 28 Jul 2025 09:26:46 +0000
asID: 139880
IP address blocks: 156.227.64.0/18 maxlen: 24
156.254.32.0/19 maxlen: 24
156.254.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89502 (0x15d9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 21 09:26:46 2025 GMT
Not After : Jul 28 09:26:46 2025 GMT
Subject: CN=68567ada-0ef2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:f6:11:26:24:24:a6:11:45:d2:d4:53:8b:9b:
43:0e:5e:3c:e7:e1:eb:7c:6c:2b:fd:61:9a:fd:99:
5d:86:3e:f9:1e:4f:f3:b7:f2:49:0d:a9:26:66:7d:
cc:12:25:30:e1:5e:81:d8:2b:03:1f:43:01:89:6d:
3f:dc:7c:8f:fc:35:66:a0:02:3a:0a:07:f1:df:f1:
e2:94:28:0a:85:e5:d9:9a:4f:64:bb:5a:94:07:db:
5b:46:e3:88:64:c5:27:49:b9:d4:0a:dc:9e:94:fd:
99:3e:9b:5b:72:9e:31:0d:19:23:4a:93:8b:41:ad:
12:c1:a5:72:c5:e1:e1:9e:e9:3b:ca:2c:63:71:f5:
8e:d1:86:61:3c:3d:0f:b6:3e:a4:99:ce:aa:8e:6a:
19:5e:ad:47:05:dc:56:94:c3:ba:6e:76:58:6a:0a:
5b:de:16:f1:37:8c:fb:30:7c:5a:88:a1:2a:94:6d:
e9:8a:c9:16:dc:8c:cf:c1:b4:fe:4f:e2:2a:c0:bc:
08:15:fd:25:5c:24:67:fc:b6:1f:d7:f1:69:93:9d:
01:ba:f0:90:48:0a:3c:ad:48:57:e0:cc:61:9d:6d:
70:0b:4a:ca:2c:fd:3b:57:ac:58:a3:cb:8d:84:07:
75:1d:12:02:46:1c:c3:c3:5a:18:ff:22:af:66:76:
06:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:2A:BE:FA:93:4B:CE:C7:A3:72:36:4B:44:42:B4:C9:EE:79:6D:82
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC6E2D844E8111F0B49B3578DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.64.0/18
156.254.32.0-156.254.95.255
Signature Algorithm: sha256WithRSAEncryption
83:68:8d:8c:5c:b1:f0:fd:c2:51:17:0e:32:34:b8:25:2f:a6:
16:51:91:53:24:ba:33:46:e5:7f:3e:7f:03:1d:ab:24:d4:3c:
bd:e1:44:95:7f:48:52:80:6f:ec:52:ed:48:29:f9:3d:15:4d:
97:11:4b:d8:af:f8:86:1c:d9:5e:1b:f9:93:7c:bc:c2:68:a2:
02:c6:78:49:e4:5e:ce:93:e6:b3:55:b1:15:eb:a6:27:e9:4b:
5d:42:98:ab:6e:99:a0:d7:7d:7b:f0:ee:b7:2e:56:f2:72:86:
3b:19:9b:8d:ef:13:31:d5:9a:7a:8e:5e:70:4c:ae:4e:7d:19:
f6:ed:de:6d:6f:41:90:21:aa:c5:9e:1d:fb:08:0a:b8:59:5f:
89:2c:1a:1f:da:78:3d:f7:30:52:4e:6f:ad:58:d4:a9:01:a4:
d6:60:3d:86:13:8b:53:8f:23:fe:d3:25:f4:60:9e:f1:f3:41:
35:8d:12:37:2d:98:c3:38:5f:9e:29:d4:a6:d9:3b:92:79:c2:
25:c4:6a:da:bc:39:4d:05:7f:11:5e:79:b6:e3:a5:cd:c0:41:
33:10:0d:13:68:d9:92:9b:46:7a:fb:73:35:c7:5f:5f:3b:4b:
9e:e3:07:7f:04:e3:d6:a4:2f:7a:56:63:22:3c:e1:be:e3:06:
9b:28:32:24
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAV2eMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjIxMDkyNjQ2WhcNMjUwNzI4MDkyNjQ2WjAYMRYw
FAYDVQQDEw02ODU2N2FkYS0wZWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9vYRJiQkphFF0tRTi5tDDl485+HrfGwr/WGa/Zldhj75Hk/zt/JJDakm
Zn3MEiUw4V6B2CsDH0MBiW0/3HyP/DVmoAI6Cgfx3/HilCgKheXZmk9ku1qUB9tb
RuOIZMUnSbnUCtyelP2ZPptbcp4xDRkjSpOLQa0SwaVyxeHhnuk7yixjcfWO0YZh
PD0Ptj6kmc6qjmoZXq1HBdxWlMO6bnZYagpb3hbxN4z7MHxaiKEqlG3piskW3IzP
wbT+T+IqwLwIFf0lXCRn/LYf1/Fpk50BuvCQSAo8rUhX4MxhnW1wC0rKLP07V6xY
o8uNhAd1HRICRhzDw1oY/yKvZnYG6wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFLoq
vvqTS87Ho3I2S0RCtMnueW2CMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQzZFMkQ4NDRFODExMUYwQjQ5QjM1NzhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQGnONAMAwDBAWc/iADBAWc/kAw
DQYJKoZIhvcNAQELBQADggEBAINojYxcsfD9wlEXDjI0uCUvphZRkVMkujNG5X8+
fwMdqyTUPL3hRJV/SFKAb+xS7Ugp+T0VTZcRS9iv+IYc2V4b+ZN8vMJoogLGeEnk
Xs6T5rNVsRXrpifpS11CmKtumaDXfXvw7rcuVvJyhjsZm43vEzHVmnqOXnBMrk59
Gfbt3m1vQZAhqsWeHfsICrhZX4ksGh/aeD33MFJOb61Y1KkBpNZgPYYTi1OPI/7T
JfRgnvHzQTWNEjctmMM4X54p1KbZO5J5wiXEatq8OU0FfxFeebbjpc3AQTMQDRNo
2ZKbRnr7czXHX187S57jB38E49akL3pWYyI84b7jBpsoMiQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:29:56 2025 by rpki-client