Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E435D856607D11F0BB213CD4DAE4EC9C.roa
File: E435D856607D11F0BB213CD4DAE4EC9C.roa (raw, json)
Hash identifier: I+0vEVfwAG8MgthXcFbtHhzcE/lJmk0qS+oPA2Z/il0=
Subject key identifier: ED:19:E1:46:16:EC:20:3D:A9:FC:C0:C4:22:5D:E4:C0:06:92:9A:C8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0164D8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E435D856607D11F0BB213CD4DAE4EC9C.roa
Signing time: Mon 14 Jul 2025 06:43:47 +0000
ROA not before: Mon 14 Jul 2025 06:43:42 +0000
ROA not after: Wed 13 Aug 2025 06:43:42 +0000
asID: 57043
IP address blocks: 156.229.120.0/24 maxlen: 24
156.229.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91352 (0x164d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 14 06:43:42 2025 GMT
Not After : Aug 13 06:43:42 2025 GMT
Subject: CN=6874a723-03fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2e:d6:92:cb:e9:95:46:a0:e0:44:6a:be:7e:
d3:e3:36:b2:7e:e9:fc:85:9d:35:92:c0:d6:6f:ce:
ab:50:d1:7b:0a:36:c6:a1:98:bd:6c:b9:51:6f:c2:
0a:9d:ba:e1:4e:73:5d:4b:57:78:f5:50:69:72:fe:
f5:dd:ec:58:88:32:75:34:c6:a9:63:23:3c:92:fd:
70:b9:72:74:80:55:db:aa:22:15:dd:92:93:6c:52:
3e:e2:53:67:8f:1a:17:2f:20:78:b3:fd:49:27:da:
8b:58:63:d9:4d:69:77:1e:49:f1:f3:2c:fd:20:db:
dd:15:85:91:24:51:8e:cc:3c:6d:d3:ee:c9:97:ec:
1c:ea:c3:ff:03:d5:76:a6:f4:1a:9a:dc:64:ef:09:
69:49:9d:7e:db:79:44:59:ec:c0:7c:4b:cd:45:9e:
bc:89:6a:e4:43:ae:a3:ea:d4:4e:9c:82:89:68:12:
79:10:71:10:b0:76:83:92:ca:59:59:ba:d0:8f:67:
08:5e:a2:3e:f8:02:65:44:b4:89:b2:4c:04:60:5c:
f8:45:3a:64:09:63:d7:41:1d:62:88:f8:49:67:d0:
a0:96:74:35:a5:c3:ae:9a:97:f7:5e:e5:a6:ef:37:
6b:6a:de:6f:36:e7:72:75:29:9d:28:97:08:56:9a:
f1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:19:E1:46:16:EC:20:3D:A9:FC:C0:C4:22:5D:E4:C0:06:92:9A:C8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E435D856607D11F0BB213CD4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.120.0/23
Signature Algorithm: sha256WithRSAEncryption
45:dd:dc:0a:68:e1:52:89:f4:ef:2e:fe:a8:b7:10:3a:00:04:
59:3d:b4:07:84:d2:39:e3:ef:09:fd:ec:ad:7b:46:00:c9:34:
99:f8:cb:71:27:fb:a3:58:8a:60:1c:10:37:f2:e8:0a:08:0d:
a1:70:b3:e7:8c:b8:12:68:93:07:e6:bc:1f:23:15:9f:1c:bd:
ba:61:73:da:88:cf:04:9f:ec:10:3f:e5:90:94:59:59:ff:c8:
11:fe:62:83:e7:c8:6f:3a:27:a2:aa:e5:63:21:48:ae:32:72:
25:a0:8f:7b:38:54:9e:c2:d8:9f:ff:ff:8a:2c:4b:c5:ec:33:
3d:d4:b5:b2:7c:0f:b7:03:28:0a:1c:d8:18:40:1c:f8:6c:45:
05:f3:04:a3:27:a7:7d:55:3c:83:84:f9:cd:31:70:f9:be:87:
5f:f5:38:f1:59:32:aa:f2:83:d8:9e:b7:96:b7:29:39:e6:f7:
83:27:55:7c:0a:64:5b:bb:ef:13:7f:13:d6:b2:d6:1e:37:a1:
c1:46:e0:f1:87:69:47:b5:db:f7:15:f7:5e:22:0c:0e:5a:8c:
c9:49:29:db:01:6d:c7:d7:52:61:ad:b0:bf:8d:76:8d:53:5d:
21:cd:87:54:cf:19:9f:7a:a2:68:e9:cc:5a:44:44:a0:c6:23:
33:92:05:35
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWTYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE0MDY0MzQyWhcNMjUwODEzMDY0MzQyWjAYMRYw
FAYDVQQDEw02ODc0YTcyMy0wM2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsC7WksvplUag4ERqvn7T4zayfun8hZ01ksDWb86rUNF7CjbGoZi9bLlR
b8IKnbrhTnNdS1d49VBpcv713exYiDJ1NMapYyM8kv1wuXJ0gFXbqiIV3ZKTbFI+
4lNnjxoXLyB4s/1JJ9qLWGPZTWl3Hknx8yz9INvdFYWRJFGOzDxt0+7Jl+wc6sP/
A9V2pvQamtxk7wlpSZ1+23lEWezAfEvNRZ68iWrkQ66j6tROnIKJaBJ5EHEQsHaD
kspZWbrQj2cIXqI++AJlRLSJskwEYFz4RTpkCWPXQR1iiPhJZ9CglnQ1pcOumpf3
XuWm7zdrat5vNudydSmdKJcIVprxkwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO0Z
4UYW7CA9qfzAxCJd5MAGkprIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FNDM1RDg1NjYwN0QxMUYwQkIyMTNDRDREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOV4MA0GCSqGSIb3DQEBCwUA
A4IBAQBF3dwKaOFSifTvLv6otxA6AARZPbQHhNI54+8J/eyte0YAyTSZ+MtxJ/uj
WIpgHBA38ugKCA2hcLPnjLgSaJMH5rwfIxWfHL26YXPaiM8En+wQP+WQlFlZ/8gR
/mKD58hvOieiquVjIUiuMnIloI97OFSewtif//+KLEvF7DM91LWyfA+3AygKHNgY
QBz4bEUF8wSjJ6d9VTyDhPnNMXD5vodf9TjxWTKq8oPYnreWtyk55veDJ1V8CmRb
u+8TfxPWstYeN6HBRuDxh2lHtdv3FfdeIgwOWozJSSnbAW3H11JhrbC/jXaNU10h
zYdUzxmfeqJo6cxaRESgxiMzkgU1
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:35:43 2025 by rpki-client