Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C35439AA59A411F085526FE4DAE4EC9C.roa
File: C35439AA59A411F085526FE4DAE4EC9C.roa (raw, json)
Hash identifier: 5BdEyHBJ27OvA48ipJ5Z3WUDytIZWxnQBqXwfE0zW6Y=
Subject key identifier: 04:BA:5D:8A:87:36:75:87:3B:6C:D1:52:20:04:F0:84:93:EE:DB:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0161B5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C35439AA59A411F085526FE4DAE4EC9C.roa
Signing time: Sat 05 Jul 2025 13:34:24 +0000
ROA not before: Sat 05 Jul 2025 13:34:19 +0000
ROA not after: Sun 24 Aug 2025 13:34:19 +0000
asID: 395886
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Jul 2025 21:14:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90549 (0x161b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 5 13:34:19 2025 GMT
Not After : Aug 24 13:34:19 2025 GMT
Subject: CN=686929e0-9a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:27:ce:c7:50:7a:3c:e5:33:69:3e:21:a4:58:
ee:87:01:5b:8d:ce:c0:36:56:27:29:82:1c:81:68:
ff:8a:5e:72:6e:06:44:60:e4:91:e9:71:98:02:6c:
19:96:76:59:99:15:ab:dd:22:02:60:e6:3a:db:3c:
22:81:50:a7:5c:6a:b6:51:33:5b:f4:46:25:18:85:
04:35:67:89:fa:a6:a4:94:d6:f5:22:94:97:44:fa:
71:4f:1d:7d:40:37:41:e2:85:b4:d7:5a:39:ad:d8:
63:f7:35:6b:65:3a:80:8d:52:d0:e3:ea:4f:f3:e3:
dd:81:0a:74:a4:09:49:69:60:c5:fa:c1:96:7a:10:
39:45:36:bf:75:07:5a:22:ef:2c:f5:66:2a:0b:3b:
7e:1b:69:01:bc:5e:11:0d:bc:26:6f:b0:e2:97:ca:
f5:8e:b1:35:2e:22:d9:5b:ae:f4:59:1a:9f:fd:c5:
fd:67:6a:d8:73:2b:36:d0:79:de:b2:81:d3:07:69:
db:76:d8:e6:46:d5:e3:f5:8d:9c:ec:47:78:36:ab:
68:0f:56:2b:e0:cd:bf:c5:c9:44:e2:0a:60:0c:be:
c3:3f:4f:b5:6d:1a:a6:8e:f6:6d:45:dc:db:24:e0:
e9:3d:ce:00:27:8c:f8:b2:67:d7:d6:17:e9:23:32:
0d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:BA:5D:8A:87:36:75:87:3B:6C:D1:52:20:04:F0:84:93:EE:DB:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C35439AA59A411F085526FE4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
Signature Algorithm: sha256WithRSAEncryption
26:47:0b:20:e7:c3:0d:51:37:35:8f:50:91:fa:b4:cd:7d:e5:
70:d7:5f:68:7d:a9:8d:58:7e:36:ea:05:3a:f2:67:0e:e1:17:
7e:9c:c4:69:3f:c3:ff:e4:b1:dc:eb:7c:36:68:b7:d3:5d:a7:
a8:06:fd:51:90:3f:e8:53:bb:da:67:97:3e:cc:09:b4:f4:0e:
42:dd:c4:33:0e:d7:32:69:10:cc:3a:56:32:76:72:eb:93:f9:
fd:33:1c:fe:cb:6f:c6:a8:ce:80:4b:83:4f:22:b7:88:3d:8c:
bf:54:8e:1d:87:ed:53:a3:eb:d0:75:05:07:a6:9d:94:f0:41:
2c:6e:06:2d:2a:73:14:2a:d9:43:94:ee:4e:c1:97:d9:80:54:
4e:da:f8:33:87:5b:24:dd:6e:6e:ad:cb:35:02:32:f9:47:6d:
20:87:d8:98:09:f6:05:bf:c3:49:80:5f:fa:15:92:ec:21:57:
3f:3c:4a:39:ee:4d:a2:65:06:5c:08:af:62:8c:8b:55:3b:05:
62:8f:81:9e:d4:a1:09:1b:00:2a:61:54:5b:1c:87:8c:8c:36:
32:ce:81:cf:32:3c:9a:e8:7b:a4:a7:00:67:37:25:2d:36:05:
10:c4:49:ca:e9:d9:21:6d:b8:04:69:ed:ef:a3:84:2c:2b:06:
83:d5:d7:66
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWG1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA1MTMzNDE5WhcNMjUwODI0MTMzNDE5WjAYMRYw
FAYDVQQDEw02ODY5MjllMC05YTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvifOx1B6POUzaT4hpFjuhwFbjc7ANlYnKYIcgWj/il5ybgZEYOSR6XGY
AmwZlnZZmRWr3SICYOY62zwigVCnXGq2UTNb9EYlGIUENWeJ+qaklNb1IpSXRPpx
Tx19QDdB4oW011o5rdhj9zVrZTqAjVLQ4+pP8+PdgQp0pAlJaWDF+sGWehA5RTa/
dQdaIu8s9WYqCzt+G2kBvF4RDbwmb7Dil8r1jrE1LiLZW670WRqf/cX9Z2rYcys2
0HnesoHTB2nbdtjmRtXj9Y2c7Ed4NqtoD1Yr4M2/xclE4gpgDL7DP0+1bRqmjvZt
RdzbJODpPc4AJ4z4smfX1hfpIzINlQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFAS6
XYqHNnWHO2zRUiAE8IST7tu1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMzU0MzlBQTU5QTQxMUYwODU1MjZGRTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAGc7zQwDQYJKoZI
hvcNAQELBQADggEBACZHCyDnww1RNzWPUJH6tM195XDXX2h9qY1YfjbqBTryZw7h
F36cxGk/w//ksdzrfDZot9Ndp6gG/VGQP+hTu9pnlz7MCbT0DkLdxDMO1zJpEMw6
VjJ2cuuT+f0zHP7Lb8aozoBLg08it4g9jL9Ujh2H7VOj69B1BQemnZTwQSxuBi0q
cxQq2UOU7k7Bl9mAVE7a+DOHWyTdbm6tyzUCMvlHbSCH2JgJ9gW/w0mAX/oVkuwh
Vz88SjnuTaJlBlwIr2KMi1U7BWKPgZ7UoQkbACphVFsch4yMNjLOgc8yPJroe6Sn
AGc3JS02BRDEScrp2SFtuARp7e+jhCwrBoPV12Y=
-----END CERTIFICATE-----
Generated at Sun Jul 6 02:38:52 2025 by rpki-client