Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77F704FA316411F080E958EFDAE4EC9C.roa
File: 77F704FA316411F080E958EFDAE4EC9C.roa (raw, json)
Hash identifier: wpjBGQXlNbWz5ValprjV22MKfD6ovNRWnepB1xm9A5s=
Subject key identifier: BB:E2:97:32:6C:68:57:5E:62:32:6D:45:2C:C8:BE:8E:31:CA:B9:BA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015491
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77F704FA316411F080E958EFDAE4EC9C.roa
Signing time: Thu 15 May 2025 08:13:23 +0000
ROA not before: Thu 15 May 2025 08:13:18 +0000
ROA not after: Tue 24 Jun 2025 08:13:18 +0000
asID: 18013
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87185 (0x15491)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 15 08:13:18 2025 GMT
Not After : Jun 24 08:13:18 2025 GMT
Subject: CN=6825a223-676f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:f6:16:ed:3f:ec:4d:12:09:3b:ca:23:60:8f:
10:a6:93:5b:06:a4:8d:fb:a2:c8:52:8f:87:d6:79:
92:5a:de:0b:89:d7:0d:c1:23:5c:e2:51:54:31:76:
55:aa:35:c1:34:90:b0:20:54:ad:55:0a:08:58:39:
97:84:79:be:36:b9:97:ca:25:b3:53:c2:ec:62:1b:
50:7f:27:f3:0c:e5:fd:32:dc:18:c5:b5:f2:30:ce:
86:d7:2f:67:d0:8d:61:12:9d:d8:69:0c:3b:9b:be:
0d:b1:6b:13:ef:e5:36:d7:5b:68:3a:f8:c4:73:9d:
79:a9:15:d5:95:96:9f:dc:99:b1:f2:0d:b1:c8:dd:
d2:08:9a:08:13:c6:70:f3:2d:27:b0:fc:d2:bd:0a:
21:ea:bf:7a:65:ff:e0:7c:c1:58:7c:23:5e:13:70:
9f:4b:ae:57:f3:6a:4b:20:c8:98:91:53:74:ef:1b:
52:78:58:1c:a0:d8:81:d3:88:6e:27:19:78:a1:ab:
9c:d6:ef:90:c7:2e:aa:68:e1:65:b7:11:7d:a5:31:
a3:8d:9c:e0:30:8e:29:9b:f1:b1:10:64:7f:61:f4:
3f:72:b5:22:e5:c3:51:52:8c:a2:60:1a:37:d5:b1:
bb:3c:6d:c6:64:ec:ce:5c:be:5b:8f:b4:2c:83:5d:
a8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E2:97:32:6C:68:57:5E:62:32:6D:45:2C:C8:BE:8E:31:CA:B9:BA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/77F704FA316411F080E958EFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
Signature Algorithm: sha256WithRSAEncryption
2c:2f:d3:68:d4:30:5b:e4:1f:14:78:93:f8:a3:06:68:b3:eb:
bf:57:e0:c6:3f:49:6d:9c:cd:61:68:52:d8:b5:a6:6e:40:91:
76:d1:de:dd:02:7c:96:2f:e8:4f:59:2e:32:f0:e5:58:8e:6e:
22:e8:5a:5b:ac:56:c2:d8:e0:1c:b3:ed:4a:1b:83:44:01:b5:
49:c7:b0:ea:0f:c2:b0:c1:ae:2f:a3:aa:bb:95:be:eb:2b:3e:
8d:19:f4:d0:8e:75:4a:50:5e:3f:8b:54:8e:da:11:db:61:4e:
07:e9:ed:e3:79:5d:7b:5f:f2:0f:70:f8:0f:26:ab:90:cf:5c:
e3:12:ed:65:c4:95:85:61:02:23:86:a5:54:4e:19:cb:b1:f0:
07:8e:c5:4e:1d:b1:60:f6:5b:75:4f:a4:e5:a2:38:7f:c1:aa:
1e:0e:db:c1:31:55:7c:2c:2a:ea:63:cd:f0:28:19:fa:d4:79:
74:04:eb:18:b7:31:cc:9f:be:fb:c0:85:f9:3a:ce:db:16:d2:
4d:1e:15:7b:ff:99:9e:bf:57:bb:90:4d:56:c4:6e:d2:82:fe:
50:78:03:ee:3d:c1:23:37:0a:45:4a:66:39:2d:8e:b0:28:48:
a3:61:54:35:08:73:82:1e:b8:0e:c8:d1:d4:cc:32:64:80:53:
0d:5a:d1:c6
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVSRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE1MDgxMzE4WhcNMjUwNjI0MDgxMzE4WjAYMRYw
FAYDVQQDEw02ODI1YTIyMy02NzZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8/YW7T/sTRIJO8ojYI8QppNbBqSN+6LIUo+H1nmSWt4LidcNwSNc4lFU
MXZVqjXBNJCwIFStVQoIWDmXhHm+NrmXyiWzU8LsYhtQfyfzDOX9MtwYxbXyMM6G
1y9n0I1hEp3YaQw7m74NsWsT7+U211toOvjEc515qRXVlZaf3Jmx8g2xyN3SCJoI
E8Zw8y0nsPzSvQoh6r96Zf/gfMFYfCNeE3CfS65X82pLIMiYkVN07xtSeFgcoNiB
04huJxl4oauc1u+Qxy6qaOFltxF9pTGjjZzgMI4pm/GxEGR/YfQ/crUi5cNRUoyi
YBo31bG7PG3GZOzOXL5bj7Qsg12oPwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLvi
lzJsaFdeYjJtRSzIvo4xyrm6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83N0Y3MDRGQTMxNjQxMUYwODBFOTU4RUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAGc7zQwDQYJKoZI
hvcNAQELBQADggEBACwv02jUMFvkHxR4k/ijBmiz679X4MY/SW2czWFoUti1pm5A
kXbR3t0CfJYv6E9ZLjLw5ViObiLoWlusVsLY4Byz7Uobg0QBtUnHsOoPwrDBri+j
qruVvusrPo0Z9NCOdUpQXj+LVI7aEdthTgfp7eN5XXtf8g9w+A8mq5DPXOMS7WXE
lYVhAiOGpVROGcux8AeOxU4dsWD2W3VPpOWiOH/Bqh4O28ExVXwsKupjzfAoGfrU
eXQE6xi3McyfvvvAhfk6ztsW0k0eFXv/mZ6/V7uQTVbEbtKC/lB4A+49wSM3CkVK
ZjktjrAoSKNhVDUIc4IeuA7I0dTMMmSAUw1a0cY=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:35:39 2025 by rpki-client