Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCA422543E3511F090E340D6DAE4EC9C.roa
File: FCA422543E3511F090E340D6DAE4EC9C.roa (raw, json)
Hash identifier: TZFl7RD49JKfHwiUW/PXTR96xPjdaU4dc3kzng5iP/I=
Subject key identifier: 5A:57:3B:68:84:9A:8F:0F:89:07:96:D9:56:22:FD:4F:25:E3:48:26
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015938
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCA422543E3511F090E340D6DAE4EC9C.roa
Signing time: Sat 31 May 2025 15:43:24 +0000
ROA not before: Sat 31 May 2025 15:43:19 +0000
ROA not after: Thu 10 Jul 2025 15:43:19 +0000
asID: 8796
IP address blocks: 156.233.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88376 (0x15938)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 31 15:43:19 2025 GMT
Not After : Jul 10 15:43:19 2025 GMT
Subject: CN=683b239c-f7c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:06:27:cb:63:6f:a8:9a:09:d0:c4:66:85:02:
fa:fb:81:b1:5b:de:9d:96:3a:14:c7:c1:68:e6:dc:
c1:a8:ef:e4:73:c6:39:96:dd:c4:9a:0e:32:4d:a7:
14:6c:55:2d:88:f1:0a:99:f5:00:b7:49:50:ef:b1:
2d:23:21:1d:13:ba:00:19:21:53:cc:5f:0e:2e:3f:
2c:20:04:eb:27:8c:0d:68:c9:65:9c:f5:3e:13:38:
9e:37:fd:64:d0:13:07:ff:32:2c:df:ce:76:79:ea:
87:8b:a7:20:a8:2c:89:b1:d8:b1:fb:e1:dd:0f:53:
93:2e:7a:5a:7c:e5:77:5c:f3:08:d4:2b:9b:cb:2c:
9b:c9:1b:7d:33:fa:7a:78:71:25:76:6f:33:0c:01:
6d:e6:eb:34:10:c0:79:3c:c9:f1:17:75:77:29:86:
50:8a:68:fd:7a:41:e5:17:ca:f3:b7:13:c8:48:be:
76:e4:91:4e:eb:90:4f:35:33:6a:6f:02:8e:5e:2d:
25:fe:6d:0b:ec:d6:0b:80:0d:40:5e:49:a6:b2:87:
7a:87:64:5d:87:29:6b:5c:1a:97:9a:cb:e2:7e:99:
59:48:f7:81:a6:bd:ab:1a:e3:e4:1d:40:c7:e8:be:
6c:cd:50:00:94:4e:7b:54:c3:c7:07:ee:85:c8:bc:
91:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:57:3B:68:84:9A:8F:0F:89:07:96:D9:56:22:FD:4F:25:E3:48:26
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FCA422543E3511F090E340D6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.224.0/20
Signature Algorithm: sha256WithRSAEncryption
0e:6c:1d:e0:93:26:8a:8f:ff:78:4b:43:c9:dd:3d:ce:1e:84:
ba:a3:7e:c4:49:ae:01:35:90:84:62:96:f0:df:2d:67:2b:71:
8f:84:92:31:6c:39:9b:69:ed:b4:b5:46:96:ab:84:96:59:ee:
c9:cd:7d:c4:a5:97:fe:91:23:ee:9b:55:1e:f0:da:92:cb:66:
3d:7e:de:e0:55:00:3d:e0:0e:c3:85:ea:ba:c6:ec:8d:b0:e1:
b6:c1:19:a4:13:fe:10:77:ed:9b:fa:c8:71:0a:c7:63:b1:60:
d6:1d:c2:7b:d4:a4:b0:96:89:11:50:9c:47:d2:07:8c:1a:92:
7b:07:f3:d9:fd:c5:a5:a6:e1:d4:2e:72:01:d0:bc:5b:c7:ee:
1d:4b:a9:3a:58:c1:39:b4:a6:f0:3f:7a:28:09:b1:fe:9e:8b:
37:2e:9b:7e:69:dc:cf:6b:2c:18:96:2f:84:31:37:e4:00:58:
70:03:09:13:21:05:ca:9c:fa:1c:b6:d9:27:c4:43:d7:fb:6b:
6e:02:ea:eb:80:22:95:cc:ce:87:84:ac:f7:ab:fd:84:49:7a:
49:db:2c:17:91:b5:c1:28:e6:45:1b:53:9d:c1:41:4d:b6:00:
b4:98:44:c4:3e:4e:fa:b9:53:4a:b0:c6:d9:77:b5:4c:e7:93:
0f:66:c9:08
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVk4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTMxMTU0MzE5WhcNMjUwNzEwMTU0MzE5WjAYMRYw
FAYDVQQDEw02ODNiMjM5Yy1mN2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxgYny2NvqJoJ0MRmhQL6+4GxW96dljoUx8Fo5tzBqO/kc8Y5lt3Emg4y
TacUbFUtiPEKmfUAt0lQ77EtIyEdE7oAGSFTzF8OLj8sIATrJ4wNaMllnPU+Ezie
N/1k0BMH/zIs3852eeqHi6cgqCyJsdix++HdD1OTLnpafOV3XPMI1CubyyybyRt9
M/p6eHEldm8zDAFt5us0EMB5PMnxF3V3KYZQimj9ekHlF8rztxPISL525JFO65BP
NTNqbwKOXi0l/m0L7NYLgA1AXkmmsod6h2RdhylrXBqXmsvifplZSPeBpr2rGuPk
HUDH6L5szVAAlE57VMPHB+6FyLyReQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFpX
O2iEmo8PiQeW2VYi/U8l40gmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQ0E0MjI1NDNFMzUxMUYwOTBFMzQwRDZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOngMA0GCSqGSIb3DQEBCwUA
A4IBAQAObB3gkyaKj/94S0PJ3T3OHoS6o37ESa4BNZCEYpbw3y1nK3GPhJIxbDmb
ae20tUaWq4SWWe7JzX3EpZf+kSPum1Ue8NqSy2Y9ft7gVQA94A7Dheq6xuyNsOG2
wRmkE/4Qd+2b+shxCsdjsWDWHcJ71KSwlokRUJxH0geMGpJ7B/PZ/cWlpuHULnIB
0Lxbx+4dS6k6WME5tKbwP3ooCbH+nos3Lpt+adzPaywYli+EMTfkAFhwAwkTIQXK
nPocttknxEPX+2tuAurrgCKVzM6HhKz3q/2ESXpJ2ywXkbXBKOZFG1OdwUFNtgC0
mETEPk76uVNKsMbZd7VM55MPZskI
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:37:55 2025 by rpki-client