Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/752A2CB858F411F083C5D9E4DAE4EC9C.roa
File: 752A2CB858F411F083C5D9E4DAE4EC9C.roa (raw, json)
Hash identifier: FWbUbC6FLwkQ0jF2zEpx8U2sDPtEXVbjFuLBAk/S3q0=
Subject key identifier: FF:E3:74:AD:C3:49:5D:6F:BC:95:2B:07:A4:3F:C8:25:C6:CB:45:B1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016128
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/752A2CB858F411F083C5D9E4DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 16:32:21 +0000
ROA not before: Fri 04 Jul 2025 16:32:16 +0000
ROA not after: Fri 17 Jul 2026 16:32:16 +0000
asID: 54600
IP address blocks: 156.227.160.0/20 maxlen: 24
156.227.176.0/20 maxlen: 24
156.229.176.0/20 maxlen: 24
156.229.192.0/19 maxlen: 24
156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
156.245.64.0/18 maxlen: 24
156.252.96.0/19 maxlen: 24
156.252.144.0/20 maxlen: 24
156.252.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90408 (0x16128)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 4 16:32:16 2025 GMT
Not After : Jul 17 16:32:16 2026 GMT
Subject: CN=68680215-dc5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fe:7b:e3:61:c2:8c:04:85:33:e4:a9:bc:4c:
2b:8b:86:bd:e5:40:51:23:64:2a:f2:1a:21:74:44:
46:eb:4c:fd:26:50:fa:47:73:97:eb:02:2b:14:16:
5d:b1:6b:46:65:3e:16:aa:36:02:20:b8:b6:08:d7:
b0:e1:95:3d:a6:14:b2:99:f6:35:e9:01:e7:0a:c9:
11:4f:89:4a:8f:bf:03:2d:de:9c:18:9f:49:dd:eb:
b4:ee:90:9f:78:ca:22:7f:66:b7:6b:c8:99:dd:ef:
d2:31:85:2a:d1:db:82:52:e0:d4:04:85:a3:cd:58:
1f:03:97:76:33:96:86:1c:78:ad:34:d6:81:d5:e5:
03:7d:29:c9:f4:48:f8:10:3d:50:20:67:97:22:a3:
e7:e1:11:25:6b:59:50:07:c7:ff:2c:81:5b:a7:0c:
10:7a:3a:c4:a7:80:de:a6:b1:19:15:2c:2f:de:9b:
9c:03:cf:0e:8d:d7:0a:f8:64:66:61:35:ed:94:57:
c9:b3:c8:48:99:1a:0b:23:0e:fd:1a:2d:d0:5b:37:
fc:d9:b2:7c:e3:6e:7d:3a:37:1d:c6:57:00:bf:56:
94:a3:a1:68:a6:0a:cb:16:49:84:1f:2f:6b:f7:b8:
84:0d:92:b0:58:82:e2:d5:54:b9:a8:30:d4:1e:06:
54:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E3:74:AD:C3:49:5D:6F:BC:95:2B:07:A4:3F:C8:25:C6:CB:45:B1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/752A2CB858F411F083C5D9E4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.160.0/19
156.229.176.0-156.229.223.255
156.239.24.0-156.239.53.255
156.245.64.0/18
156.252.96.0/19
156.252.144.0-156.252.175.255
Signature Algorithm: sha256WithRSAEncryption
8e:c0:0d:1d:8b:af:4a:b3:70:47:6b:5f:c2:c1:d1:46:cc:12:
f8:19:56:06:05:19:90:45:e6:b1:9c:6f:6f:51:3a:2a:3c:51:
40:6c:4d:44:3e:4a:48:d7:9d:92:8e:b2:a5:e4:e9:ba:07:fe:
c7:dc:af:76:aa:c0:d0:b3:70:98:7c:fe:c6:7b:18:01:ef:5f:
a8:44:58:d3:9a:23:99:fd:71:9e:f3:bd:8f:4e:3d:e5:48:73:
c1:77:d7:2f:f9:12:d8:fd:ee:54:58:2f:c4:3c:b0:95:49:c3:
44:ef:24:fc:e1:85:aa:89:8a:1d:1e:3f:12:8a:8f:35:b2:ca:
21:50:c8:e6:4d:a7:4b:74:f5:7d:ab:a6:8e:01:76:a7:d5:43:
8a:6d:54:c2:5b:ed:2c:c2:2c:0b:b7:e8:54:00:ea:c1:74:5f:
f5:3e:83:11:d4:b7:20:20:ec:4c:90:94:01:e2:f2:59:1f:58:
2d:ee:1f:5b:3d:58:92:92:53:03:6c:ed:6a:5f:4c:fa:fd:ec:
be:47:68:20:83:c8:2c:7d:13:16:c9:c0:da:46:26:4e:ec:b3:
4f:5c:a9:a2:b3:98:5b:3c:05:88:cc:55:59:a3:95:46:01:e2:
54:01:64:e7:17:e6:c8:24:29:68:14:0e:8d:8f:c4:f6:37:04:
26:ad:e1:9b
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgIDAWEoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA0MTYzMjE2WhcNMjYwNzE3MTYzMjE2WjAYMRYw
FAYDVQQDEw02ODY4MDIxNS1kYzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs/5742HCjASFM+SpvEwri4a95UBRI2Qq8hohdERG60z9JlD6R3OX6wIr
FBZdsWtGZT4WqjYCILi2CNew4ZU9phSymfY16QHnCskRT4lKj78DLd6cGJ9J3eu0
7pCfeMoif2a3a8iZ3e/SMYUq0duCUuDUBIWjzVgfA5d2M5aGHHitNNaB1eUDfSnJ
9Ej4ED1QIGeXIqPn4REla1lQB8f/LIFbpwwQejrEp4DeprEZFSwv3pucA88OjdcK
+GRmYTXtlFfJs8hImRoLIw79Gi3QWzf82bJ84259OjcdxlcAv1aUo6FopgrLFkmE
Hy9r97iEDZKwWILi1VS5qDDUHgZUbwIDAQABo4IC2DCCAtQwHQYDVR0OBBYEFP/j
dK3DSV1vvJUrB6Q/yCXGy0WxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NTJBMkNCODU4RjQxMUYwODNDNUQ5RTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQFnOOgMAwDBASc5bADBAWc5cAw
DAMEA5zvGAMEAZzvNAMEBpz1QAMEBZz8YDAMAwQEnPyQAwQEnPygMA0GCSqGSIb3
DQEBCwUAA4IBAQCOwA0di69Ks3BHa1/CwdFGzBL4GVYGBRmQReaxnG9vUToqPFFA
bE1EPkpI152SjrKl5Om6B/7H3K92qsDQs3CYfP7GexgB71+oRFjTmiOZ/XGe872P
Tj3lSHPBd9cv+RLY/e5UWC/EPLCVScNE7yT84YWqiYodHj8Sio81ssohUMjmTadL
dPV9q6aOAXan1UOKbVTCW+0swiwLt+hUAOrBdF/1PoMR1LcgIOxMkJQB4vJZH1gt
7h9bPViSklMDbO1qX0z6/ey+R2ggg8gsfRMWycDaRiZO7LNPXKmis5hbPAWIzFVZ
o5VGAeJUAWTnF+bIJCloFA6Nj8T2NwQmreGb
-----END CERTIFICATE-----
Generated at Mon Jul 7 01:49:21 2025 by rpki-client