Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99939A5C43A111F086226C95DAE4EC9C.roa
File: 99939A5C43A111F086226C95DAE4EC9C.roa (raw, json)
Hash identifier: 9DyYCfNWcY+mMZzlipi8TjFm+iu9wIYBgXHb3CFvaqY=
Subject key identifier: 0D:2A:59:EA:A6:3A:E0:D6:75:BA:97:60:70:A1:5E:A9:2C:F3:D1:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015A5D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99939A5C43A111F086226C95DAE4EC9C.roa
Signing time: Sat 07 Jun 2025 13:16:20 +0000
ROA not before: Sat 07 Jun 2025 13:16:15 +0000
ROA not after: Sun 13 Jul 2025 13:16:15 +0000
asID: 20473
IP address blocks: 156.231.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88669 (0x15a5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 7 13:16:15 2025 GMT
Not After : Jul 13 13:16:15 2025 GMT
Subject: CN=68443ba4-8339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ed:07:ba:90:0a:10:41:cd:4e:cf:47:5d:06:
a8:11:8f:ef:a4:24:bd:1f:c0:5a:3d:fa:02:6c:dc:
13:4d:11:1c:ab:ee:e1:e6:69:4a:23:54:00:56:88:
db:88:aa:8a:10:98:0c:a5:c2:a5:b4:a5:95:5d:65:
01:8f:c7:59:f1:fb:48:ec:88:1e:ef:b8:3b:9f:eb:
8c:92:90:88:cc:21:4f:98:b2:d4:16:09:2b:cd:a8:
b3:a6:47:62:7c:1f:89:d4:f8:fe:be:fd:c0:32:55:
7a:0b:90:24:b3:e8:d5:17:92:d5:7f:48:23:42:ba:
a5:54:a3:1e:48:1d:2c:59:91:b6:9f:d5:f4:03:be:
ca:6a:7b:db:a9:b5:79:70:22:74:f7:fa:4c:9b:bf:
41:c8:e5:17:b4:e9:b1:86:b6:7f:1c:5d:7a:91:e2:
a6:46:f9:78:ba:b8:d9:2b:a5:a2:d1:c1:7b:c5:a9:
1d:32:2a:11:2f:2a:03:6c:54:31:e8:20:11:33:31:
ae:eb:7e:bd:5a:47:f0:9e:9d:6f:7e:69:89:41:a5:
ae:23:8b:0c:1c:e5:58:f7:08:38:41:36:ee:98:63:
fc:22:c6:0c:f9:01:d0:43:f0:d9:e8:ef:23:88:47:
61:e5:e8:06:b5:9d:d8:db:5b:c4:82:95:fa:63:a9:
6a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2A:59:EA:A6:3A:E0:D6:75:BA:97:60:70:A1:5E:A9:2C:F3:D1:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/99939A5C43A111F086226C95DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.10.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:57:f5:42:88:a6:08:42:59:cd:03:b4:65:e0:f4:59:52:73:
55:a4:c1:91:85:92:4e:41:a1:ca:d3:b0:c9:f8:f5:9e:40:d9:
a4:cd:40:fb:43:83:75:1a:5d:9a:63:0b:e5:81:a2:7d:78:2b:
19:a1:ab:56:16:2e:79:07:8c:e2:c3:f8:a2:80:32:4d:d4:69:
0d:23:09:9c:41:16:b3:20:d9:4c:07:0c:2f:09:4a:41:8a:20:
6c:47:f2:c8:67:e8:ed:2b:eb:51:49:33:b7:be:cb:ea:42:1e:
7c:bf:db:fe:4e:8a:32:0e:b3:31:b1:a2:06:bd:00:b2:f5:0c:
06:2d:a3:9e:04:1c:d8:4d:9a:55:b0:82:88:ab:ac:a0:eb:91:
a6:b0:e0:3e:18:96:94:25:01:08:38:a9:33:d1:65:a5:61:da:
73:1e:57:ea:a1:4f:aa:1c:e1:bf:85:1c:05:c2:4f:d0:77:c1:
13:1d:42:80:bc:83:69:5c:4c:4e:de:14:58:6f:f0:d2:e6:f1:
12:77:f1:f7:c2:ed:83:bf:83:45:cf:bb:32:c1:10:4d:15:b3:
84:09:ae:82:b1:c0:4b:a1:d8:a3:58:4a:4e:47:8c:9c:3f:87:
a0:13:86:4c:6e:69:26:2b:f3:59:2f:d2:45:95:65:05:31:f1:
04:86:b9:67
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVpdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA3MTMxNjE1WhcNMjUwNzEzMTMxNjE1WjAYMRYw
FAYDVQQDEw02ODQ0M2JhNC04MzM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApe0HupAKEEHNTs9HXQaoEY/vpCS9H8BaPfoCbNwTTREcq+7h5mlKI1QA
VojbiKqKEJgMpcKltKWVXWUBj8dZ8ftI7Ige77g7n+uMkpCIzCFPmLLUFgkrzaiz
pkdifB+J1Pj+vv3AMlV6C5Aks+jVF5LVf0gjQrqlVKMeSB0sWZG2n9X0A77Kanvb
qbV5cCJ09/pMm79ByOUXtOmxhrZ/HF16keKmRvl4urjZK6Wi0cF7xakdMioRLyoD
bFQx6CARMzGu6369Wkfwnp1vfmmJQaWuI4sMHOVY9wg4QTbumGP8IsYM+QHQQ/DZ
6O8jiEdh5egGtZ3Y21vEgpX6Y6lq3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA0q
WeqmOuDWdbqXYHChXqks89GMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85OTkzOUE1QzQzQTExMUYwODYyMjZDOTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOcKMA0GCSqGSIb3DQEBCwUA
A4IBAQClV/VCiKYIQlnNA7Rl4PRZUnNVpMGRhZJOQaHK07DJ+PWeQNmkzUD7Q4N1
Gl2aYwvlgaJ9eCsZoatWFi55B4ziw/iigDJN1GkNIwmcQRazINlMBwwvCUpBiiBs
R/LIZ+jtK+tRSTO3vsvqQh58v9v+TooyDrMxsaIGvQCy9QwGLaOeBBzYTZpVsIKI
q6yg65GmsOA+GJaUJQEIOKkz0WWlYdpzHlfqoU+qHOG/hRwFwk/Qd8ETHUKAvINp
XExO3hRYb/DS5vESd/H3wu2Dv4NFz7sywRBNFbOECa6CscBLodijWEpOR4ycP4eg
E4ZMbmkmK/NZL9JFlWUFMfEEhrln
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:50:32 2025 by rpki-client