Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77ED90F824C311F0BD70A0F0DAE4EC9C.roa
File: 77ED90F824C311F0BD70A0F0DAE4EC9C.roa (raw, json)
Hash identifier: CrIAJQd1nYaGCyOxE4TGn2GFcEgMd/GFUewYhMRSW30=
Subject key identifier: 6D:8A:B7:18:C4:AF:27:6D:A4:3E:B2:84:11:8B:64:1D:AE:3E:09:CA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015003
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77ED90F824C311F0BD70A0F0DAE4EC9C.roa
Signing time: Tue 29 Apr 2025 06:30:40 +0000
ROA not before: Tue 29 Apr 2025 06:30:36 +0000
ROA not after: Sun 21 Jun 2026 06:30:36 +0000
asID: 137263
IP address blocks: 156.236.16.0/24 maxlen: 24
156.245.2.0/24 maxlen: 24
156.250.2.0/24 maxlen: 24
156.253.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86019 (0x15003)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 06:30:36 2025 GMT
Not After : Jun 21 06:30:36 2026 GMT
Subject: CN=68107210-63e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5e:80:3c:ae:32:a3:97:be:f9:ab:66:24:02:
05:60:7d:3e:a8:00:43:db:69:77:c2:32:8d:5d:7d:
ef:7e:7b:ee:d7:e2:44:f4:91:e4:24:f1:16:72:88:
ae:8f:cf:a5:5e:16:83:2e:27:3d:b3:d6:de:9e:7c:
e7:71:9e:ec:2c:f6:47:21:3d:d9:da:e8:98:81:4e:
3e:34:1d:39:bb:e3:e0:dd:59:db:64:68:1b:83:ab:
93:cf:35:86:2d:5a:09:3a:ce:fe:56:05:87:ae:01:
7b:00:76:02:3d:57:5c:9a:7c:50:e8:3c:42:ee:85:
13:bb:a2:ed:9c:76:21:f8:0f:30:6d:da:47:d2:9a:
dd:31:d8:ef:f1:77:9a:70:81:bd:7d:aa:05:0d:f2:
5f:3b:b2:86:49:dc:34:d7:1a:e8:52:04:4e:96:39:
dd:fe:4e:91:ee:72:84:28:32:c4:52:ea:39:46:a8:
34:fc:c0:3e:6a:9f:dd:98:c7:df:bb:e8:03:80:32:
40:24:23:c6:c0:d8:42:c6:13:ac:5a:db:e4:24:f8:
f4:76:cd:fa:ca:e6:f8:32:a2:5b:bb:67:31:ac:ea:
4b:4c:42:41:db:3a:df:a1:da:b7:69:93:64:62:fd:
d3:7f:9e:d8:f4:6c:a3:c8:02:74:05:fd:79:0f:94:
68:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8A:B7:18:C4:AF:27:6D:A4:3E:B2:84:11:8B:64:1D:AE:3E:09:CA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77ED90F824C311F0BD70A0F0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.16.0/24
156.245.2.0/24
156.250.2.0/24
156.253.4.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:73:06:ac:c6:68:80:d0:94:65:6d:0b:98:5c:cc:77:74:62:
ca:ba:7f:ad:aa:6e:c5:ab:13:9f:a0:5c:ec:63:0f:35:2a:fd:
a2:75:d8:42:95:0e:0f:51:60:21:4d:70:55:74:7f:88:fb:06:
df:3e:86:66:6a:fb:5d:ba:9e:cc:96:d5:97:36:16:91:a7:c8:
29:a3:50:d6:80:ac:5d:fe:25:b2:a8:02:ec:d2:d1:89:50:69:
3d:f5:a8:cb:e0:52:de:fc:48:12:6e:c1:9d:21:81:c5:ae:52:
44:83:e0:cd:12:ec:ca:91:f5:90:d6:60:2c:25:92:96:d8:b0:
29:e4:dd:65:3f:18:34:a4:2d:6f:80:7f:87:ad:79:4b:11:f8:
e1:d9:0e:77:87:f1:4e:bb:30:88:45:16:d0:3f:6b:fd:69:7d:
6d:61:89:ff:69:64:af:e0:ae:c8:d6:06:2f:df:0b:3f:7c:ea:
91:3a:7f:0d:a9:02:12:09:ed:af:95:63:a4:25:db:0c:c5:76:
58:40:9c:df:53:4f:26:cb:42:5a:da:bb:0d:e5:ed:58:82:3a:
38:c8:b3:b2:84:64:5e:cd:be:4f:7b:02:d4:5a:72:d7:5b:15:
0c:cb:45:b2:c7:bf:d7:c2:93:69:e0:61:28:b7:74:f9:49:dd:
cd:67:2e:8f
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAVADMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI5MDYzMDM2WhcNMjYwNjIxMDYzMDM2WjAYMRYw
FAYDVQQDEw02ODEwNzIxMC02M2UwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo16APK4yo5e++atmJAIFYH0+qABD22l3wjKNXX3vfnvu1+JE9JHkJPEW
coiuj8+lXhaDLic9s9bennzncZ7sLPZHIT3Z2uiYgU4+NB05u+Pg3VnbZGgbg6uT
zzWGLVoJOs7+VgWHrgF7AHYCPVdcmnxQ6DxC7oUTu6LtnHYh+A8wbdpH0prdMdjv
8XeacIG9faoFDfJfO7KGSdw01xroUgROljnd/k6R7nKEKDLEUuo5Rqg0/MA+ap/d
mMffu+gDgDJAJCPGwNhCxhOsWtvkJPj0ds36yub4MqJbu2cxrOpLTEJB2zrfodq3
aZNkYv3Tf57Y9GyjyAJ0Bf15D5RoBwIDAQABo4ICtDCCArAwHQYDVR0OBBYEFG2K
txjErydtpD6yhBGLZB2uPgnKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83N0VEOTBGODI0QzMxMUYwQkQ3MEEwRjBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAnOwQAwQAnPUCAwQAnPoCAwQA
nP0EMA0GCSqGSIb3DQEBCwUAA4IBAQCfcwasxmiA0JRlbQuYXMx3dGLKun+tqm7F
qxOfoFzsYw81Kv2iddhClQ4PUWAhTXBVdH+I+wbfPoZmavtdup7MltWXNhaRp8gp
o1DWgKxd/iWyqALs0tGJUGk99ajL4FLe/EgSbsGdIYHFrlJEg+DNEuzKkfWQ1mAs
JZKW2LAp5N1lPxg0pC1vgH+HrXlLEfjh2Q53h/FOuzCIRRbQP2v9aX1tYYn/aWSv
4K7I1gYv3ws/fOqROn8NqQISCe2vlWOkJdsMxXZYQJzfU08my0Ja2rsN5e1Ygjo4
yLOyhGRezb5PewLUWnLXWxUMy0Wyx7/XwpNp4GEot3T5Sd3NZy6P
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:43:11 2025 by rpki-client