Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFECF38E574E11F0A989DDA9DAE4EC9C.roa
File: DFECF38E574E11F0A989DDA9DAE4EC9C.roa (raw, json)
Hash identifier: SbAPJkBJ8ooEn/1UX+hu5k7zvxMZpVpUfgUwzKFdBck=
Subject key identifier: 4D:33:F0:E9:92:A4:A4:26:C0:2E:EA:B2:CA:46:D3:E5:42:3C:6D:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016022
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFECF38E574E11F0A989DDA9DAE4EC9C.roa
Signing time: Wed 02 Jul 2025 14:14:33 +0000
ROA not before: Wed 02 Jul 2025 14:14:28 +0000
ROA not after: Sun 24 Aug 2025 14:14:28 +0000
asID: 8796
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90146 (0x16022)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 2 14:14:28 2025 GMT
Not After : Aug 24 14:14:28 2025 GMT
Subject: CN=68653ec9-1755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e4:08:90:e3:29:82:bb:8e:00:96:5c:cc:1a:
f9:2e:2b:44:0c:2b:6f:ac:48:b0:0d:ff:4d:34:b1:
04:63:5f:cd:79:c7:af:d9:6d:02:5a:0d:7a:0d:ef:
98:94:9f:a8:8c:ba:05:08:54:a4:92:e9:94:2f:ad:
82:f6:ae:c9:0e:78:62:db:51:1d:ed:8e:33:29:f3:
d0:54:d4:23:40:cd:1e:1b:e1:f2:15:07:17:56:67:
07:5d:43:56:dc:ce:09:8c:a0:08:92:73:83:c8:34:
96:30:c9:5f:ba:8e:5c:7c:87:3d:18:7e:8b:98:e9:
93:df:ef:c6:99:42:70:e9:80:c6:54:c0:fa:52:5c:
35:29:31:dd:db:1d:a7:31:62:95:0e:f3:67:76:ad:
b9:40:01:ad:4d:78:a5:fe:58:1d:b6:bf:3f:fa:02:
7c:d6:54:aa:e2:45:5a:ec:8d:9d:e0:d8:41:47:2f:
98:76:79:2d:3c:50:70:75:03:5c:c2:d5:4c:52:d5:
95:f0:b0:26:72:bb:d9:a6:84:38:41:3d:8c:53:19:
0c:ad:bd:81:32:f2:a8:15:87:df:a0:88:2d:36:e4:
f7:45:94:ca:d6:5e:85:dc:10:59:92:4a:87:7c:f5:
35:4d:9f:5a:02:b8:87:c7:8d:c7:48:a6:12:f8:64:
e8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:33:F0:E9:92:A4:A4:26:C0:2E:EA:B2:CA:46:D3:E5:42:3C:6D:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DFECF38E574E11F0A989DDA9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
Signature Algorithm: sha256WithRSAEncryption
2d:18:51:5b:8f:c2:0d:5d:f5:ff:88:ef:12:3f:5f:e0:24:2f:
30:57:dd:88:e7:a7:34:bd:d6:53:11:75:68:fc:75:0a:a6:c3:
50:d9:da:0f:c3:00:d3:15:cd:ef:2d:0f:04:3d:b9:35:de:c5:
7b:af:dd:ee:22:57:3a:98:d3:b9:7d:aa:57:9b:10:09:fa:d5:
2b:2e:f7:62:e6:c8:76:01:af:6c:29:8e:08:3d:8c:44:d7:a0:
c1:ca:69:b5:0e:7e:71:a7:7a:09:e0:2c:61:5b:ac:26:2e:07:
4f:8d:4a:a8:9c:0d:68:e6:79:3a:4a:10:5a:11:ef:03:cd:e1:
63:3c:f7:cc:d0:44:cf:cd:43:89:e6:8f:87:ff:ae:81:3c:eb:
8a:22:44:2f:74:7d:dd:84:db:57:12:08:ea:6d:d0:b2:62:96:
b0:58:40:f4:ff:29:31:47:2e:bc:df:20:75:67:35:39:55:e3:
3d:e3:e1:2f:fb:52:f7:7e:f0:7f:83:2d:58:64:ea:9f:1d:32:
b9:97:a5:7b:ee:7b:d7:ee:e6:9a:60:4c:65:6b:49:25:b3:cd:
c8:29:06:21:75:23:90:f8:3b:ac:90:bc:8d:ac:07:0e:66:16:
13:a5:b7:a3:21:4c:52:97:66:23:38:b7:f8:da:9e:f1:96:aa:
7b:26:69:35
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWAiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAyMTQxNDI4WhcNMjUwODI0MTQxNDI4WjAYMRYw
FAYDVQQDEw02ODY1M2VjOS0xNzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqeQIkOMpgruOAJZczBr5LitEDCtvrEiwDf9NNLEEY1/Necev2W0CWg16
De+YlJ+ojLoFCFSkkumUL62C9q7JDnhi21Ed7Y4zKfPQVNQjQM0eG+HyFQcXVmcH
XUNW3M4JjKAIknODyDSWMMlfuo5cfIc9GH6LmOmT3+/GmUJw6YDGVMD6Ulw1KTHd
2x2nMWKVDvNndq25QAGtTXil/lgdtr8/+gJ81lSq4kVa7I2d4NhBRy+YdnktPFBw
dQNcwtVMUtWV8LAmcrvZpoQ4QT2MUxkMrb2BMvKoFYffoIgtNuT3RZTK1l6F3BBZ
kkqHfPU1TZ9aAriHx43HSKYS+GToewIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFE0z
8OmSpKQmwC7qsspG0+VCPG0iMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERkVDRjM4RTU3NEUxMUYwQTk4OUREQTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAGc7zQwDQYJKoZI
hvcNAQELBQADggEBAC0YUVuPwg1d9f+I7xI/X+AkLzBX3YjnpzS91lMRdWj8dQqm
w1DZ2g/DANMVze8tDwQ9uTXexXuv3e4iVzqY07l9qlebEAn61Ssu92LmyHYBr2wp
jgg9jETXoMHKabUOfnGnegngLGFbrCYuB0+NSqicDWjmeTpKEFoR7wPN4WM898zQ
RM/NQ4nmj4f/roE864oiRC90fd2E21cSCOpt0LJilrBYQPT/KTFHLrzfIHVnNTlV
4z3j4S/7Uvd+8H+DLVhk6p8dMrmXpXvue9fu5ppgTGVrSSWzzcgpBiF1I5D4O6yQ
vI2sBw5mFhOlt6MhTFKXZiM4t/janvGWqnsmaTU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:23:13 2025 by rpki-client