Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49BAF9FE452611F0B9A754F3DAE4EC9C.roa
File: 49BAF9FE452611F0B9A754F3DAE4EC9C.roa (raw, json)
Hash identifier: iGjpu1HGoXoqsmPmvvKR3ievLvjhijXzp75w/Bq6BZ4=
Subject key identifier: A2:D2:1A:A8:F6:F7:52:1B:B1:80:2A:FF:E8:BC:A1:07:A2:64:22:4D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015A93
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49BAF9FE452611F0B9A754F3DAE4EC9C.roa
Signing time: Mon 09 Jun 2025 11:38:43 +0000
ROA not before: Mon 09 Jun 2025 11:38:30 +0000
ROA not after: Tue 11 Nov 2025 11:38:30 +0000
asID: 55020
IP address blocks: 156.224.16.0/23 maxlen: 24
156.224.18.0/23 maxlen: 24
156.224.20.0/22 maxlen: 24
156.224.24.0/22 maxlen: 24
156.224.28.0/23 maxlen: 24
156.224.30.0/23 maxlen: 24
156.224.63.0/24 maxlen: 24
156.235.96.0/21 maxlen: 24
156.235.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 19 Jun 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88723 (0x15a93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 9 11:38:30 2025 GMT
Not After : Nov 11 11:38:30 2025 GMT
Subject: CN=6846c7c2-f9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:06:61:0a:ea:3b:d6:36:69:83:68:d5:b5:d8:
31:f5:f6:0d:98:b1:8d:3f:08:79:cc:71:b1:38:78:
25:fb:87:0e:d2:3a:b2:f5:e4:8f:17:6d:7c:f5:a2:
fd:3f:91:e0:04:54:54:bf:a6:96:60:c1:65:26:a6:
36:64:d9:12:12:ab:e8:3c:a0:db:e1:ee:17:fa:3b:
99:71:50:66:79:c6:86:17:4f:b6:f3:69:f3:54:8b:
62:e3:df:ce:91:d3:53:24:56:e2:75:79:b7:f2:4c:
25:3f:4a:0e:ff:c6:8e:f3:28:47:b9:a2:f5:97:ad:
26:cf:0e:87:5e:53:ec:df:16:2d:c2:b6:f4:45:29:
61:b9:8c:66:67:ba:4d:67:49:a6:46:60:ae:4a:8e:
80:54:35:cc:ba:18:ed:61:b9:71:48:8b:15:70:5f:
84:a1:10:dc:83:dc:d2:2c:9d:f3:c1:bd:a9:15:78:
7b:72:5c:94:20:e3:4c:40:ac:4c:38:73:ab:7f:45:
26:9c:09:ea:cc:0d:cc:28:f1:e9:64:31:28:eb:59:
1f:36:52:29:94:77:1f:ea:28:86:7e:2a:00:09:aa:
0f:2f:34:66:7c:ab:a1:5a:ab:80:a8:7d:92:6b:04:
46:c3:f3:c0:ed:71:01:ca:41:79:eb:e0:b9:6b:bf:
ed:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D2:1A:A8:F6:F7:52:1B:B1:80:2A:FF:E8:BC:A1:07:A2:64:22:4D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49BAF9FE452611F0B9A754F3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.16.0/20
156.224.63.0/24
156.235.96.0/20
Signature Algorithm: sha256WithRSAEncryption
6f:bf:a0:48:6f:c5:00:71:3e:46:54:d3:71:e6:34:b5:f4:f8:
31:49:78:df:2e:37:42:cc:20:5c:58:1a:c6:b9:03:20:14:03:
92:e6:6e:0d:9f:f0:18:e4:d4:83:2a:5c:32:6c:b9:eb:e6:28:
b4:1d:39:84:8e:44:13:7c:1a:3e:0e:79:90:21:34:5e:a7:e1:
d4:0d:64:a1:3c:b4:39:aa:d7:4e:a5:70:64:8a:fa:b4:be:93:
89:7c:59:2a:dc:7d:e9:15:54:1d:28:9c:79:5f:1d:98:69:96:
29:8a:dc:e4:ca:42:7e:2b:0d:e8:76:be:b8:db:65:6a:da:0e:
4c:17:49:13:b9:45:25:f3:37:46:6d:ef:dc:31:25:7e:6d:dd:
14:c1:30:81:09:6e:bc:30:2d:45:fd:0c:cb:12:ff:e4:4b:9a:
59:f2:b1:51:97:08:24:1b:34:c7:16:45:bc:3a:dd:26:4c:d6:
05:26:b9:30:d5:e8:ac:32:54:bc:65:cd:1b:11:73:7a:7d:5a:
cb:fc:bb:e8:7f:c9:a7:8d:96:b3:15:82:76:25:8c:7c:9b:4d:
ba:5f:a3:f3:94:50:de:e3:10:fd:ec:c0:2d:48:a3:eb:8e:25:
a9:ad:2b:4e:7f:ca:35:d9:62:7d:3c:09:62:60:cd:16:79:f4:
1c:ec:11:f1
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAVqTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA5MTEzODMwWhcNMjUxMTExMTEzODMwWjAYMRYw
FAYDVQQDEw02ODQ2YzdjMi1mOWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnAZhCuo71jZpg2jVtdgx9fYNmLGNPwh5zHGxOHgl+4cO0jqy9eSPF218
9aL9P5HgBFRUv6aWYMFlJqY2ZNkSEqvoPKDb4e4X+juZcVBmecaGF0+282nzVIti
49/OkdNTJFbidXm38kwlP0oO/8aO8yhHuaL1l60mzw6HXlPs3xYtwrb0RSlhuYxm
Z7pNZ0mmRmCuSo6AVDXMuhjtYblxSIsVcF+EoRDcg9zSLJ3zwb2pFXh7clyUIONM
QKxMOHOrf0UmnAnqzA3MKPHpZDEo61kfNlIplHcf6iiGfioACaoPLzRmfKuhWquA
qH2SawRGw/PA7XEBykF56+C5a7/tUwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFKLS
Gqj291IbsYAq/+i8oQeiZCJNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OUJBRjlGRTQ1MjYxMUYwQjlBNzU0RjNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEnOAQAwQAnOA/AwQEnOtgMA0G
CSqGSIb3DQEBCwUAA4IBAQBvv6BIb8UAcT5GVNNx5jS19PgxSXjfLjdCzCBcWBrG
uQMgFAOS5m4Nn/AY5NSDKlwybLnr5ii0HTmEjkQTfBo+DnmQITRep+HUDWShPLQ5
qtdOpXBkivq0vpOJfFkq3H3pFVQdKJx5Xx2YaZYpitzkykJ+Kw3odr6422Vq2g5M
F0kTuUUl8zdGbe/cMSV+bd0UwTCBCW68MC1F/QzLEv/kS5pZ8rFRlwgkGzTHFkW8
Ot0mTNYFJrkw1eisMlS8Zc0bEXN6fVrL/Lvof8mnjZazFYJ2JYx8m026X6PzlFDe
4xD97MAtSKPrjiWprStOf8o12WJ9PAliYM0WefQc7BHx
-----END CERTIFICATE-----
Generated at Tue Jun 17 10:55:09 2025 by rpki-client