Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/76681E163D6311F09FB18580DAE4EC9C.roa
File: 76681E163D6311F09FB18580DAE4EC9C.roa (raw, json)
Hash identifier: QIQyPNytNGEPLVeK3rft3Ikxp/jJvjycF9rmR9uYJ5M=
Subject key identifier: EE:F4:AE:94:C9:6F:B5:48:D1:A3:07:82:9A:4D:FD:BF:EC:74:20:D2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0158ED
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/76681E163D6311F09FB18580DAE4EC9C.roa
Signing time: Fri 30 May 2025 14:36:25 +0000
ROA not before: Fri 30 May 2025 14:36:20 +0000
ROA not after: Mon 09 Jun 2025 14:36:20 +0000
asID: 40065
IP address blocks: 156.224.16.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88301 (0x158ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 30 14:36:20 2025 GMT
Not After : Jun 9 14:36:20 2025 GMT
Subject: CN=6839c269-90af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a2:eb:08:07:e6:e3:3a:37:ed:59:52:b9:f5:
26:c6:33:c4:ec:18:0d:0a:84:90:dd:26:ec:ad:16:
6d:3d:1c:1d:d0:13:5b:63:7c:20:6a:ee:9a:71:81:
72:2e:eb:bf:7f:b4:c5:ff:63:8f:0d:bf:42:0b:c5:
0d:d7:40:1c:31:9c:1e:fd:9f:cc:98:0e:af:08:26:
33:ca:88:82:e6:56:da:b4:39:90:fa:07:cd:33:51:
65:59:11:14:87:e6:91:0e:af:78:05:f8:0b:5e:be:
f3:ab:8c:34:cd:81:22:e4:13:47:0e:b0:8e:1e:6c:
48:93:a6:cc:71:5e:43:3c:38:cb:42:62:38:12:f9:
f5:aa:60:23:2d:50:0c:b1:d7:74:03:0d:5d:a7:2f:
73:09:d8:e3:0e:ab:61:75:98:00:82:24:05:56:f2:
fe:bf:d8:ea:83:33:7a:0f:13:ec:35:f6:20:37:07:
fd:29:76:75:23:96:1e:bd:3d:0a:8f:4a:ad:99:a0:
54:69:d4:55:df:64:ad:a8:78:9d:15:db:0c:9b:fa:
27:22:4f:4f:cc:98:c3:ee:75:4e:bd:9b:a9:c9:73:
85:70:77:29:0e:70:f0:bd:7a:16:57:fd:38:65:e5:
08:31:69:ee:b5:a0:89:a0:c2:85:ca:ee:fa:19:4d:
0e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:F4:AE:94:C9:6F:B5:48:D1:A3:07:82:9A:4D:FD:BF:EC:74:20:D2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/76681E163D6311F09FB18580DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.16.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:d0:f9:4f:0b:17:f1:6d:fe:bc:57:38:ec:7a:47:7f:26:b0:
32:01:bb:58:fb:96:f0:38:ca:b4:10:51:36:25:5b:75:cc:21:
05:47:27:92:ef:ea:c9:d4:a2:4f:d9:91:3a:09:32:8c:cf:42:
c2:50:3f:a3:48:27:e9:63:cc:c5:da:3f:56:d3:6e:f0:77:b2:
02:dc:94:5b:66:d2:40:89:59:fe:e1:48:c0:32:d7:81:55:02:
1d:db:4f:d7:4c:d0:76:2f:bd:9d:33:90:ab:ab:d4:5a:3b:4b:
5c:42:12:e1:a5:a5:47:3a:6f:02:ab:6a:68:84:e9:ed:b8:2e:
93:86:29:f1:3b:a3:e0:9e:bc:7b:56:04:65:93:b5:ec:27:70:
6e:aa:c3:84:47:53:07:bb:c7:c2:3b:91:de:13:c4:bd:0b:16:
52:8c:56:10:10:f7:93:5f:f1:4c:e0:88:76:5c:5f:3f:4e:8c:
94:ae:8c:d0:cd:85:58:ad:d7:2c:33:f5:a1:31:7d:da:22:cd:
dd:1b:a2:c4:e0:02:83:1c:b9:b6:58:b2:16:ce:f7:22:bd:40:
77:86:d8:cf:88:d0:41:87:24:aa:18:90:99:0e:3a:af:7b:f0:
15:81:cc:67:eb:8f:b5:0f:7b:f8:6e:e4:a1:e9:0a:6e:8c:34:
d7:4f:ba:6c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVjtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTMwMTQzNjIwWhcNMjUwNjA5MTQzNjIwWjAYMRYw
FAYDVQQDEw02ODM5YzI2OS05MGFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw6LrCAfm4zo37VlSufUmxjPE7BgNCoSQ3SbsrRZtPRwd0BNbY3wgau6a
cYFyLuu/f7TF/2OPDb9CC8UN10AcMZwe/Z/MmA6vCCYzyoiC5lbatDmQ+gfNM1Fl
WREUh+aRDq94BfgLXr7zq4w0zYEi5BNHDrCOHmxIk6bMcV5DPDjLQmI4Evn1qmAj
LVAMsdd0Aw1dpy9zCdjjDqthdZgAgiQFVvL+v9jqgzN6DxPsNfYgNwf9KXZ1I5Ye
vT0Kj0qtmaBUadRV32StqHidFdsMm/onIk9PzJjD7nVOvZupyXOFcHcpDnDwvXoW
V/04ZeUIMWnutaCJoMKFyu76GU0OtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO70
rpTJb7VI0aMHgppN/b/sdCDSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NjY4MUUxNjNENjMxMUYwOUZCMTg1ODBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOAQMA0GCSqGSIb3DQEBCwUA
A4IBAQCp0PlPCxfxbf68Vzjsekd/JrAyAbtY+5bwOMq0EFE2JVt1zCEFRyeS7+rJ
1KJP2ZE6CTKMz0LCUD+jSCfpY8zF2j9W027wd7IC3JRbZtJAiVn+4UjAMteBVQId
20/XTNB2L72dM5Crq9RaO0tcQhLhpaVHOm8Cq2pohOntuC6ThinxO6Pgnrx7VgRl
k7XsJ3BuqsOER1MHu8fCO5HeE8S9CxZSjFYQEPeTX/FM4Ih2XF8/ToyUrozQzYVY
rdcsM/WhMX3aIs3dG6LE4AKDHLm2WLIWzvcivUB3htjPiNBBhySqGJCZDjqve/AV
gcxn64+1D3v4buSh6QpujDTXT7ps
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:51:06 2025 by rpki-client