Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E32919505C0411F090C3DDDBDAE4EC9C.roa
File: E32919505C0411F090C3DDDBDAE4EC9C.roa (raw, json)
Hash identifier: hWZWot7HL6DkgoXNDWaImAxP03OOI5euAhqU8/13qWI=
Subject key identifier: 2E:52:2E:AA:8D:FA:F6:D1:F8:28:AD:9F:51:6F:78:CA:42:94:D2:52
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016374
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E32919505C0411F090C3DDDBDAE4EC9C.roa
Signing time: Tue 08 Jul 2025 14:07:31 +0000
ROA not before: Tue 08 Jul 2025 14:07:26 +0000
ROA not after: Thu 08 Jan 2026 14:07:26 +0000
asID: 24435
IP address blocks: 156.238.82.0/24 maxlen: 24
156.238.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90996 (0x16374)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 8 14:07:26 2025 GMT
Not After : Jan 8 14:07:26 2026 GMT
Subject: CN=686d2623-56cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:57:40:0e:d5:32:53:2e:5f:75:76:fa:7a:89:
5b:b1:3b:18:ca:16:ac:5a:fb:97:58:31:e9:bb:47:
bf:3f:da:56:12:5a:98:e8:1a:16:0f:8f:1a:5c:9b:
b8:36:23:23:fb:b2:ef:6d:b4:64:46:7c:ac:cb:8c:
47:ae:83:82:59:74:59:22:86:f7:4f:71:eb:7e:0c:
4f:b2:fa:32:9d:8f:42:ac:19:76:e8:31:d6:e6:e7:
c6:a1:a0:52:36:02:29:0d:a3:46:e7:0e:d9:41:f4:
82:1c:94:a3:89:b4:65:07:3f:7e:2c:cd:9e:41:e9:
91:0a:5a:be:36:ad:ed:9b:62:6b:e5:f9:57:4f:90:
11:ce:b8:6f:0d:9a:18:b2:bd:5f:83:ef:1c:0f:59:
3b:48:2b:d3:0a:d2:1e:74:b8:cb:01:10:95:81:0c:
d6:8c:fd:3d:bd:0f:42:02:bf:31:8c:d6:e7:e5:fd:
a3:dd:72:6a:82:64:b4:1d:09:e1:12:90:f0:6a:ea:
4c:09:e6:e8:3f:82:4a:98:1c:24:4c:b0:2f:ec:be:
d0:10:79:8d:ec:db:d4:d3:da:f9:62:8d:25:2a:66:
f0:e4:cb:78:ae:b7:09:15:6f:a8:d6:c9:cc:41:34:
00:f2:d2:f0:d5:a8:fe:a9:a8:c9:3d:b4:9f:d4:5d:
70:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:52:2E:AA:8D:FA:F6:D1:F8:28:AD:9F:51:6F:78:CA:42:94:D2:52
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E32919505C0411F090C3DDDBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.82.0/23
Signature Algorithm: sha256WithRSAEncryption
79:97:63:44:0e:87:1d:ab:b8:f1:67:af:af:34:11:3f:e2:8b:
b7:1f:d0:14:33:c6:8b:f4:e1:5b:47:1f:73:af:93:f2:96:0e:
34:28:ee:c9:01:80:4e:67:4a:68:21:5e:5b:32:5e:07:33:e4:
26:f2:31:ef:fb:d5:1a:b7:44:59:fc:2b:a1:8d:86:d9:01:0e:
53:12:1b:c1:cd:75:32:69:26:ef:aa:23:57:70:0d:64:d6:69:
7c:82:13:77:38:b5:43:8b:d6:fc:52:71:ad:b2:f8:8e:c2:e0:
de:81:02:90:e7:f7:f1:7a:b6:c7:5d:e7:0e:ae:2f:37:73:b7:
82:f7:48:d9:f4:30:22:60:aa:4d:4a:de:3e:8c:c5:9e:68:5f:
be:43:a8:18:72:2c:9d:b1:0b:4b:e2:2c:15:d0:2a:ff:d2:d1:
ce:31:43:07:0d:ba:28:de:bc:42:8a:5f:dd:b3:d5:e7:40:ce:
bd:39:8f:b6:ba:9e:55:c1:7f:cc:25:1f:ff:c5:a0:ae:29:bf:
03:23:09:6d:64:ca:e5:1b:49:e7:b0:11:09:2e:e3:ef:ff:ee:
14:8e:aa:51:da:02:98:6a:f3:c1:24:66:9a:6a:11:b1:84:0b:
53:c2:9c:88:fb:c3:88:22:5e:60:dd:6d:49:6d:4c:ba:36:37:
82:c1:d4:bb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWN0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA4MTQwNzI2WhcNMjYwMTA4MTQwNzI2WjAYMRYw
FAYDVQQDEw02ODZkMjYyMy01NmNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3ldADtUyUy5fdXb6eolbsTsYyhasWvuXWDHpu0e/P9pWElqY6BoWD48a
XJu4NiMj+7LvbbRkRnysy4xHroOCWXRZIob3T3HrfgxPsvoynY9CrBl26DHW5ufG
oaBSNgIpDaNG5w7ZQfSCHJSjibRlBz9+LM2eQemRClq+Nq3tm2Jr5flXT5ARzrhv
DZoYsr1fg+8cD1k7SCvTCtIedLjLARCVgQzWjP09vQ9CAr8xjNbn5f2j3XJqgmS0
HQnhEpDwaupMCeboP4JKmBwkTLAv7L7QEHmN7NvU09r5Yo0lKmbw5Mt4rrcJFW+o
1snMQTQA8tLw1aj+qajJPbSf1F1wfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC5S
LqqN+vbR+Citn1FveMpClNJSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMzI5MTk1MDVDMDQxMUYwOTBDM0REREJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO5SMA0GCSqGSIb3DQEBCwUA
A4IBAQB5l2NEDocdq7jxZ6+vNBE/4ou3H9AUM8aL9OFbRx9zr5Pylg40KO7JAYBO
Z0poIV5bMl4HM+Qm8jHv+9Uat0RZ/CuhjYbZAQ5TEhvBzXUyaSbvqiNXcA1k1ml8
ghN3OLVDi9b8UnGtsviOwuDegQKQ5/fxerbHXecOri83c7eC90jZ9DAiYKpNSt4+
jMWeaF++Q6gYciydsQtL4iwV0Cr/0tHOMUMHDboo3rxCil/ds9XnQM69OY+2up5V
wX/MJR//xaCuKb8DIwltZMrlG0nnsBEJLuPv/+4UjqpR2gKYavPBJGaaahGxhAtT
wpyI+8OIIl5g3W1JbUy6NjeCwdS7
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:36:13 2025 by rpki-client