Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E03BD4F6452711F088169C7FDAE4EC9C.roa
File: E03BD4F6452711F088169C7FDAE4EC9C.roa (raw, json)
Hash identifier: LN3U/BFe0MYJE45CVyx/uFUEtuomNX7TYAYz3YJE8Wo=
Subject key identifier: F3:DE:5F:0F:98:F7:9F:31:BB:88:B3:B8:00:2E:8C:E6:FD:48:BC:F4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015A97
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E03BD4F6452711F088169C7FDAE4EC9C.roa
Signing time: Mon 09 Jun 2025 11:50:02 +0000
ROA not before: Mon 09 Jun 2025 11:49:57 +0000
ROA not after: Tue 11 Nov 2025 11:49:57 +0000
asID: 54600
IP address blocks: 156.235.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Jun 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88727 (0x15a97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 9 11:49:57 2025 GMT
Not After : Nov 11 11:49:57 2025 GMT
Subject: CN=6846ca6a-dbbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3d:7e:fe:5a:b0:9f:ca:6d:8f:30:60:69:3a:
c9:2e:4d:be:07:83:b8:2a:21:df:f3:56:19:75:2d:
ed:e4:3c:98:60:99:44:1f:6d:94:89:56:bf:9b:1b:
e9:9d:80:70:b3:41:e1:22:34:7e:28:40:74:e0:2d:
a0:af:8c:0b:0a:90:17:47:5f:9a:8b:14:11:c4:a8:
8d:83:c6:e6:e9:c6:15:fe:eb:4a:cc:71:a3:3d:4c:
be:18:9a:6c:cb:3a:0a:a4:03:3f:94:40:5e:d0:45:
23:eb:cb:ea:75:4f:39:99:2e:78:87:fb:8f:cd:b1:
18:1c:78:f3:2f:c4:98:65:e7:89:ef:05:33:2d:c1:
f5:3d:c2:6f:ab:45:11:d1:1a:06:fc:9b:d1:88:19:
1f:2a:af:84:49:5e:3e:ab:5d:0f:d6:f1:4e:26:e6:
ba:93:40:bf:46:75:ef:19:4e:13:88:e1:e5:28:1d:
85:c2:ba:ee:9e:87:f7:84:83:6f:cd:6e:2d:8f:4b:
ad:70:39:27:d4:22:0b:0d:32:5f:9d:46:8a:5c:b2:
9f:b4:a8:53:8a:26:01:62:3b:7a:e6:77:dd:78:ce:
8e:2e:de:4b:16:b2:be:56:0a:d0:60:0a:ce:26:71:
80:31:a0:fd:f3:74:5d:63:c0:4d:e0:04:3f:77:82:
e7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:DE:5F:0F:98:F7:9F:31:BB:88:B3:B8:00:2E:8C:E6:FD:48:BC:F4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E03BD4F6452711F088169C7FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.96.0/21
Signature Algorithm: sha256WithRSAEncryption
7a:4d:c8:41:af:35:cb:a3:4e:a7:eb:ab:5c:87:01:8e:e0:a5:
ed:c8:80:83:ee:f7:75:e3:e4:eb:b9:c3:5f:34:29:07:66:f3:
a9:44:d4:5c:f4:8a:73:51:c4:9e:f2:07:cf:b6:93:fb:5a:71:
88:c6:9a:3c:64:c5:c1:8d:6f:c8:a4:76:ad:7f:d1:a2:cb:81:
ba:9d:cb:80:d3:37:30:59:48:23:29:50:aa:4e:6d:c7:3d:8c:
59:8a:6b:9c:a7:3b:6d:6e:4c:55:74:38:a5:bf:71:1f:c8:9e:
9e:53:80:76:d0:b5:0c:87:e3:6d:24:d5:fb:c7:cf:88:30:32:
94:fa:eb:67:ef:17:ae:93:5c:e4:ae:d1:54:f5:d2:59:f9:fc:
4b:c7:73:0a:ea:73:30:d1:f1:71:ed:8f:81:d5:36:be:a9:3e:
a1:68:ff:55:21:02:94:5c:5f:68:1f:79:54:a4:4c:a7:55:89:
4c:46:74:9b:e0:19:24:1d:49:99:02:dd:29:6b:88:96:64:e4:
0f:f6:db:23:6d:77:39:34:e8:fe:04:94:ed:81:cb:95:d6:3c:
a8:c7:92:07:fe:50:6c:ae:2d:a3:db:8b:c9:7e:5e:5b:ff:46:
db:51:26:5a:ee:11:ea:29:33:a5:01:6c:2d:db:df:69:3d:ab:
1a:54:c8:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVqXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA5MTE0OTU3WhcNMjUxMTExMTE0OTU3WjAYMRYw
FAYDVQQDEw02ODQ2Y2E2YS1kYmJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2T1+/lqwn8ptjzBgaTrJLk2+B4O4KiHf81YZdS3t5DyYYJlEH22UiVa/
mxvpnYBws0HhIjR+KEB04C2gr4wLCpAXR1+aixQRxKiNg8bm6cYV/utKzHGjPUy+
GJpsyzoKpAM/lEBe0EUj68vqdU85mS54h/uPzbEYHHjzL8SYZeeJ7wUzLcH1PcJv
q0UR0RoG/JvRiBkfKq+ESV4+q10P1vFOJua6k0C/RnXvGU4TiOHlKB2Fwrrunof3
hINvzW4tj0utcDkn1CILDTJfnUaKXLKftKhTiiYBYjt65nfdeM6OLt5LFrK+VgrQ
YArOJnGAMaD983RdY8BN4AQ/d4Ln8QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPPe
Xw+Y958xu4izuAAujOb9SLz0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMDNCRDRGNjQ1MjcxMUYwODgxNjlDN0ZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOtgMA0GCSqGSIb3DQEBCwUA
A4IBAQB6TchBrzXLo06n66tchwGO4KXtyICD7vd14+TrucNfNCkHZvOpRNRc9Ipz
UcSe8gfPtpP7WnGIxpo8ZMXBjW/IpHatf9Giy4G6ncuA0zcwWUgjKVCqTm3HPYxZ
imucpzttbkxVdDilv3EfyJ6eU4B20LUMh+NtJNX7x8+IMDKU+utn7xeuk1zkrtFU
9dJZ+fxLx3MK6nMw0fFx7Y+B1Ta+qT6haP9VIQKUXF9oH3lUpEynVYlMRnSb4Bkk
HUmZAt0pa4iWZOQP9tsjbXc5NOj+BJTtgcuV1jyox5IH/lBsri2j24vJfl5b/0bb
USZa7hHqKTOlAWwt299pPasaVMjN
-----END CERTIFICATE-----
Generated at Mon Jun 16 16:23:44 2025 by rpki-client