Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/94AE10925AAF11F0820D9BA4DAE4EC9C.roa
File: 94AE10925AAF11F0820D9BA4DAE4EC9C.roa (raw, json)
Hash identifier: TelF6EWo0msSDujTiSLewM0xFfSbhsb+7lTTP6GHC5Y=
Subject key identifier: 36:0D:A5:13:C1:19:D7:A5:2C:DC:E4:D1:1F:72:50:8E:F1:71:23:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01628D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/94AE10925AAF11F0820D9BA4DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 21:24:21 +0000
ROA not before: Sun 06 Jul 2025 21:24:16 +0000
ROA not after: Fri 17 Jul 2026 21:24:16 +0000
asID: 54600
IP address blocks: 156.227.160.0/20 maxlen: 24
156.227.176.0/20 maxlen: 24
156.229.176.0/20 maxlen: 24
156.229.192.0/19 maxlen: 24
156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
156.245.64.0/18 maxlen: 24
156.252.96.0/19 maxlen: 24
156.252.144.0/20 maxlen: 24
156.252.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Jul 2025 23:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90765 (0x1628d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 6 21:24:16 2025 GMT
Not After : Jul 17 21:24:16 2026 GMT
Subject: CN=686ae985-b16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7a:ea:b6:34:64:11:fa:e3:92:20:dc:17:6e:
f6:44:36:03:22:11:63:5b:31:9c:8e:94:75:72:b2:
9c:1a:4e:b7:d6:87:c8:dd:a0:a9:1b:25:d1:e8:de:
01:c4:8f:9d:c1:79:27:97:c2:bb:f5:26:60:7d:a7:
1c:21:96:e9:4b:53:12:ec:29:65:76:fa:48:49:bc:
ce:74:64:8a:a1:ed:c0:40:ad:92:42:a8:43:cd:ff:
4b:64:98:3d:ce:23:91:dd:1c:bf:90:f3:71:95:1b:
b6:6a:4d:47:c5:9c:86:9c:95:e8:b0:95:86:d0:9c:
54:30:be:63:b0:79:dc:3c:f5:10:74:aa:5a:14:5f:
e7:88:3e:de:2d:a2:f0:80:a4:11:0c:93:af:b2:6a:
ac:77:c1:e4:64:0b:f7:f3:d5:73:0c:dd:0b:da:a2:
8e:b5:b7:06:83:af:10:dc:11:62:34:a4:7e:b1:c7:
01:43:c5:10:e8:45:11:a7:34:6b:53:d7:96:33:cb:
58:a7:43:a6:1e:5b:a7:a9:5d:35:90:14:26:e9:cb:
de:92:74:ae:7f:6b:4e:4c:52:1f:6f:39:1d:7d:47:
a7:aa:78:af:c4:10:db:6c:e7:99:f6:09:e7:74:01:
11:ac:0e:e6:8e:b9:7a:c6:cd:1e:77:4f:8b:f5:73:
2f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:0D:A5:13:C1:19:D7:A5:2C:DC:E4:D1:1F:72:50:8E:F1:71:23:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/94AE10925AAF11F0820D9BA4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.160.0/19
156.229.176.0-156.229.223.255
156.239.24.0-156.239.53.255
156.245.64.0/18
156.252.96.0/19
156.252.144.0-156.252.175.255
Signature Algorithm: sha256WithRSAEncryption
3e:f3:6f:24:22:04:32:b3:9b:a0:e1:dd:b1:f7:1b:3f:c2:e8:
cb:89:1b:fd:7c:18:20:d5:5e:28:14:fd:82:6c:c9:d2:04:3e:
fa:f7:dd:c1:06:42:55:2c:01:a8:6b:52:bb:27:f5:30:15:aa:
9b:8f:ad:6f:36:44:44:f1:06:96:7a:d5:50:13:7e:b6:18:8d:
27:7c:80:ef:7f:3e:6a:43:74:32:65:22:35:df:ed:72:cf:2c:
89:e8:90:35:93:8e:54:f2:7e:55:4d:70:4d:53:38:8a:47:ad:
19:c5:a7:b9:d1:d9:94:89:86:7b:81:67:a0:9b:b0:3f:08:65:
1f:39:98:c5:ae:9b:fa:bf:e0:20:cc:f4:bc:d1:e9:cd:23:b0:
61:4e:4f:c6:9b:42:ad:78:1a:45:27:51:ec:0a:8d:9f:28:06:
6c:4e:e0:02:37:73:06:fe:16:08:46:a0:38:ac:97:a0:e2:52:
c9:4f:e4:1d:1b:c3:2b:ec:fe:81:35:88:68:ff:75:84:f2:fc:
4a:d3:b5:e8:26:8d:97:41:5f:96:8d:9f:dc:f4:8f:47:83:3c:
fe:c0:b3:f0:10:78:0d:69:12:a8:21:3f:c8:1b:73:ba:0e:ed:
20:84:6c:ef:39:a3:bb:c9:d6:e7:4f:c9:e1:f0:e3:29:61:85:
55:77:12:8b
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgIDAWKNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA2MjEyNDE2WhcNMjYwNzE3MjEyNDE2WjAYMRYw
FAYDVQQDEw02ODZhZTk4NS1iMTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwXrqtjRkEfrjkiDcF272RDYDIhFjWzGcjpR1crKcGk631ofI3aCpGyXR
6N4BxI+dwXknl8K79SZgfaccIZbpS1MS7ClldvpISbzOdGSKoe3AQK2SQqhDzf9L
ZJg9ziOR3Ry/kPNxlRu2ak1HxZyGnJXosJWG0JxUML5jsHncPPUQdKpaFF/niD7e
LaLwgKQRDJOvsmqsd8HkZAv389VzDN0L2qKOtbcGg68Q3BFiNKR+sccBQ8UQ6EUR
pzRrU9eWM8tYp0OmHlunqV01kBQm6cveknSuf2tOTFIfbzkdfUenqnivxBDbbOeZ
9gnndAERrA7mjrl6xs0ed0+L9XMvJQIDAQABo4IC2DCCAtQwHQYDVR0OBBYEFDYN
pRPBGdelLNzk0R9yUI7xcSPZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NEFFMTA5MjVBQUYxMUYwODIwRDlCQTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQFnOOgMAwDBASc5bADBAWc5cAw
DAMEA5zvGAMEAZzvNAMEBpz1QAMEBZz8YDAMAwQEnPyQAwQEnPygMA0GCSqGSIb3
DQEBCwUAA4IBAQA+828kIgQys5ug4d2x9xs/wujLiRv9fBgg1V4oFP2CbMnSBD76
993BBkJVLAGoa1K7J/UwFaqbj61vNkRE8QaWetVQE362GI0nfIDvfz5qQ3QyZSI1
3+1yzyyJ6JA1k45U8n5VTXBNUziKR60Zxae50dmUiYZ7gWegm7A/CGUfOZjFrpv6
v+AgzPS80enNI7BhTk/Gm0KteBpFJ1HsCo2fKAZsTuACN3MG/hYIRqA4rJeg4lLJ
T+QdG8Mr7P6BNYho/3WE8vxK07XoJo2XQV+WjZ/c9I9Hgzz+wLPwEHgNaRKoIT/I
G3O6Du0ghGzvOaO7ydbnT8nh8OMpYYVVdxKL
-----END CERTIFICATE-----
Generated at Mon Jul 7 02:05:11 2025 by rpki-client