Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/C838A4D646CD11F0B8C628B5DAE4EC9C.roa
File: C838A4D646CD11F0B8C628B5DAE4EC9C.roa (raw, json)
Hash identifier: RTdZvWYUXJmf/Li5OHmQzr8WCYMhMf0ZpwZGPZXQQ+o=
Subject key identifier: 76:C0:BE:74:D0:B3:DE:0D:91:74:A4:07:7C:A5:5D:13:1E:2F:7E:BD
Certificate issuer: /CN=F364379DAR/serialNumber=FAC0EA242A80AB5B5969BFA61DD5D994B2156EB5
Certificate serial: 035A
Authority key identifier: FA:C0:EA:24:2A:80:AB:5B:59:69:BF:A6:1D:D5:D9:94:B2:15:6E:B5
Authority info access: rsync://rpki.afrinic.net/repository/arin/-sDqJCqAq1tZab-mHdXZlLIVbrU.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/C838A4D646CD11F0B8C628B5DAE4EC9C.roa
Signing time: Wed 11 Jun 2025 14:10:09 +0000
ROA not before: Wed 11 Jun 2025 14:09:46 +0000
ROA not after: Sun 11 Nov 2035 14:09:46 +0000
asID: 37014
IP address blocks: 156.38.4.0/22 maxlen: 22
156.38.4.0/24 maxlen: 24
156.38.5.0/24 maxlen: 24
156.38.6.0/24 maxlen: 24
156.38.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/-sDqJCqAq1tZab-mHdXZlLIVbrU.crl
rsync://rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/-sDqJCqAq1tZab-mHdXZlLIVbrU.mft
rsync://rpki.afrinic.net/repository/arin/-sDqJCqAq1tZab-mHdXZlLIVbrU.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 858 (0x35a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F364379DAR, serialNumber=FAC0EA242A80AB5B5969BFA61DD5D994B2156EB5
Validity
Not Before: Jun 11 14:09:46 2025 GMT
Not After : Nov 11 14:09:46 2035 GMT
Subject: CN=68498e41-e312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:63:54:2f:bb:fc:fe:11:58:a9:d7:ae:03:2c:
64:09:b9:3c:aa:f7:0b:f1:39:56:e1:f4:8e:9a:f6:
e4:d8:db:43:7e:22:10:c2:45:10:28:c2:01:bc:4b:
b6:89:48:25:08:f6:03:7d:50:da:d0:de:27:d1:e6:
81:01:ad:69:1f:38:a3:82:5b:42:96:67:75:5d:c7:
93:c2:23:74:37:08:ba:00:69:58:2f:7a:bd:2b:40:
f5:12:e7:dd:20:3c:e2:ca:f3:5d:4f:f1:cc:5f:92:
7b:17:1e:54:3a:9f:1a:f6:48:32:99:cc:e1:36:a9:
6c:78:a5:79:16:0e:2e:f8:3d:7d:d6:f0:33:9b:e9:
3b:11:31:78:6b:6b:9e:53:1c:9a:c2:f5:0f:66:4d:
6a:1d:78:a0:80:d7:c6:16:c0:5d:72:60:60:69:12:
b0:ac:01:4b:50:80:ba:47:0b:14:af:80:6d:d3:32:
02:e8:37:32:81:41:64:cb:58:70:ee:1c:80:cf:23:
05:95:5e:9f:74:2a:7f:80:6b:21:e0:ad:e2:53:0d:
76:f5:43:80:8b:8c:78:a1:f1:02:3f:69:18:07:b8:
67:13:05:bb:4a:08:7a:eb:9a:0f:e1:f4:d8:6b:a3:
89:19:f7:0a:e5:02:2c:47:0a:ec:7d:08:ab:16:f0:
fc:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C0:BE:74:D0:B3:DE:0D:91:74:A4:07:7C:A5:5D:13:1E:2F:7E:BD
X509v3 Authority Key Identifier:
keyid:FA:C0:EA:24:2A:80:AB:5B:59:69:BF:A6:1D:D5:D9:94:B2:15:6E:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/-sDqJCqAq1tZab-mHdXZlLIVbrU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/-sDqJCqAq1tZab-mHdXZlLIVbrU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364379D/502A97D4BF3D11EDB8DB40F1F1222468/C838A4D646CD11F0B8C628B5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.38.4.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:e8:68:29:d9:91:43:18:00:46:f7:44:aa:20:ed:43:50:56:
0f:6c:dd:89:6d:53:d2:6a:8f:11:01:64:46:a2:f5:c0:06:27:
ec:4b:32:7d:aa:bd:f8:f8:5e:71:a3:54:a7:1e:e5:6f:1c:b1:
b8:a1:11:85:b4:a0:bf:81:89:ad:d7:33:c9:a8:15:00:f6:24:
86:be:b8:c6:8a:2b:ce:57:cb:89:f5:67:09:e1:19:01:d5:3e:
f0:d7:6d:f2:37:20:37:91:0e:37:3b:2d:cc:f4:06:df:d2:df:
22:a1:83:3e:8e:2c:03:59:5a:a7:95:c1:6d:7f:4e:fd:ed:b9:
01:7f:ca:e2:52:ef:2b:96:28:0c:e0:a9:28:31:b1:f9:60:6d:
9f:ef:bf:0d:83:bb:22:68:52:76:2e:94:e3:12:f5:3f:53:b5:
a8:73:b7:5d:88:31:f1:e0:e4:af:f3:cc:5c:6e:6d:33:0d:74:
6f:44:e2:a5:c4:60:47:69:f4:cf:c2:2d:ec:e8:fc:1c:cf:11:
dd:f3:44:67:08:7d:14:98:6d:f3:0f:4b:89:a2:22:5b:4f:d6:
de:dd:61:e9:d0:78:9b:96:cf:24:28:5a:73:52:41:e4:65:a3:
26:62:38:d1:5b:27:fa:60:3d:92:de:42:a6:82:8f:cc:2a:ea:
93:fe:63:ac
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA1owDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDM3OURBUjExMC8GA1UEBRMoRkFDMEVBMjQyQTgwQUI1QjU5NjlCRkE2MURENUQ5
OTRCMjE1NkVCNTAeFw0yNTA2MTExNDA5NDZaFw0zNTExMTExNDA5NDZaMBgxFjAU
BgNVBAMTDTY4NDk4ZTQxLWUzMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5Y1Qvu/z+EVip164DLGQJuTyq9wvxOVbh9I6a9uTY20N+IhDCRRAowgG8
S7aJSCUI9gN9UNrQ3ifR5oEBrWkfOKOCW0KWZ3Vdx5PCI3Q3CLoAaVgver0rQPUS
590gPOLK811P8cxfknsXHlQ6nxr2SDKZzOE2qWx4pXkWDi74PX3W8DOb6TsRMXhr
a55THJrC9Q9mTWodeKCA18YWwF1yYGBpErCsAUtQgLpHCxSvgG3TMgLoNzKBQWTL
WHDuHIDPIwWVXp90Kn+AayHgreJTDXb1Q4CLjHih8QI/aRgHuGcTBbtKCHrrmg/h
9Nhro4kZ9wrlAixHCux9CKsW8Pw1AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUdsC+
dNCz3g2RdKQHfKVdEx4vfr0wHwYDVR0jBBgwFoAU+sDqJCqAq1tZab+mHdXZlLIV
brUwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQzNzlELzUwMkE5N0Q0QkYzRDExRURCOERCNDBGMUYxMjIyNDY4Ly1zRHFK
Q3FBcTF0WmFiLW1IZFhabExJVmJyVS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
Ly1zRHFKQ3FBcTF0WmFiLW1IZFhabExJVmJyVS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjQzNzlELzUwMkE5N0Q0QkYzRDExRURCOERCNDBGMUYxMjIy
NDY4L0M4MzhBNEQ2NDZDRDExRjBCOEM2MjhCNURBRTRFQzlDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKcJgQwDQYJKoZIhvcNAQELBQAD
ggEBAH3oaCnZkUMYAEb3RKog7UNQVg9s3YltU9JqjxEBZEai9cAGJ+xLMn2qvfj4
XnGjVKce5W8csbihEYW0oL+Bia3XM8moFQD2JIa+uMaKK85Xy4n1ZwnhGQHVPvDX
bfI3IDeRDjc7Lcz0Bt/S3yKhgz6OLANZWqeVwW1/Tv3tuQF/yuJS7yuWKAzgqSgx
sflgbZ/vvw2DuyJoUnYulOMS9T9Ttahzt12IMfHg5K/zzFxubTMNdG9E4qXEYEdp
9M/CLezo/BzPEd3zRGcIfRSYbfMPS4miIltP1t7dYenQeJuWzyQoWnNSQeRloyZi
ONFbJ/pgPZLeQqaCj8wq6pP+Y6w=
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:24:11 2025 by rpki-client