Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF2C5D146B9C11F0A3EEEBD0DAE4EC9C.roa
File: EF2C5D146B9C11F0A3EEEBD0DAE4EC9C.roa (raw, json)
Hash identifier: gJAx84o7K3EvcXY9gjUuTJZ1NkXNrcudcU7mUThEY5Y=
Subject key identifier: 88:E4:EA:F0:E8:C1:30:39:78:91:DE:87:53:9C:91:01:D4:8C:F7:0A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0167F2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF2C5D146B9C11F0A3EEEBD0DAE4EC9C.roa
Signing time: Mon 28 Jul 2025 10:23:42 +0000
ROA not before: Mon 28 Jul 2025 10:23:38 +0000
ROA not after: Mon 01 Sep 2025 10:23:38 +0000
asID: 32043
IP address blocks: 156.228.48.0/22 maxlen: 24
156.228.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92146 (0x167f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 28 10:23:38 2025 GMT
Not After : Sep 1 10:23:38 2025 GMT
Subject: CN=68874fae-8735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fe:2d:3c:ec:0c:ef:ed:e7:12:61:86:6a:75:
94:d3:61:3b:b3:11:19:e5:a7:be:75:2d:7e:0e:60:
dd:30:35:f8:05:36:be:f0:18:75:1b:22:e1:80:74:
40:37:78:cf:9a:d8:ed:c8:37:47:75:b9:d8:94:43:
a4:26:c0:d9:14:30:76:ba:82:b2:79:32:0e:74:f1:
0c:bc:4b:b6:01:2a:96:25:98:ad:1b:ee:d1:b3:a4:
7c:f8:cd:28:ff:6d:50:50:b4:ea:e5:2d:5f:86:be:
c2:61:d9:dc:26:da:1c:a0:ad:c0:fb:5f:08:c5:d1:
c0:4d:2b:85:d3:6a:12:5a:1f:c2:7e:09:08:c4:64:
5f:c7:f5:fc:dd:a3:d9:07:d5:b4:be:17:2e:a0:f9:
87:5e:02:2a:a2:37:cf:c3:8f:ba:fe:5c:71:90:c1:
80:ce:c0:ca:ca:26:eb:a6:74:7b:b9:7b:7e:52:8a:
39:64:47:61:1a:e4:d7:21:db:84:0e:8a:2c:c9:3d:
30:62:c5:21:63:54:f6:30:49:a6:07:c3:6f:23:33:
6a:26:b2:13:d3:8e:14:bf:7d:12:5a:a1:70:3a:14:
7a:6e:88:10:0f:0e:a0:0a:e3:dc:2c:00:06:e0:01:
65:73:10:cb:82:dd:1f:e1:8a:4f:c3:ea:0a:2b:55:
65:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E4:EA:F0:E8:C1:30:39:78:91:DE:87:53:9C:91:01:D4:8C:F7:0A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/EF2C5D146B9C11F0A3EEEBD0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.48.0/21
Signature Algorithm: sha256WithRSAEncryption
08:65:f7:81:74:59:a3:02:af:f8:d4:29:42:77:db:21:35:35:
f1:37:2a:68:62:0c:d2:d5:13:af:6c:b3:66:54:f1:2b:a6:1a:
0a:3d:92:00:6b:8b:22:7d:4c:86:79:e7:53:78:cc:31:3d:13:
e4:fc:58:45:df:d5:6f:11:66:1e:9b:fb:cc:4c:58:b1:91:36:
23:30:d5:fb:2b:ce:58:f9:83:cd:92:9c:fe:a2:aa:4d:8c:19:
d5:34:3d:dd:d1:15:c7:30:0e:da:0d:56:a0:12:88:75:60:15:
84:20:a0:f1:1a:8c:e3:e3:b1:93:75:2a:66:86:58:95:a0:90:
af:3b:8c:39:55:d9:25:d9:15:52:29:e4:20:3a:1e:ad:2d:44:
84:2f:9b:24:02:34:72:98:b1:22:c4:83:b7:ec:f1:58:d4:db:
91:fa:74:1f:d8:bf:92:c2:d8:ed:7d:9f:0c:9b:a2:c8:7d:d2:
d6:14:14:d4:6b:54:6a:49:c4:c1:43:29:84:41:f0:1b:62:bb:
23:ef:44:e3:9b:2e:ae:af:fa:b6:7e:ca:f4:ed:92:fd:4d:2c:
3b:89:25:ae:b9:49:80:b8:e5:ca:f2:c9:44:11:58:72:29:7c:
17:8f:e3:a2:61:de:13:f8:06:ad:2d:b4:b3:8b:f9:1c:04:6d:
fb:be:cb:f7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWfyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzI4MTAyMzM4WhcNMjUwOTAxMTAyMzM4WjAYMRYw
FAYDVQQDEw02ODg3NGZhZS04NzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyf4tPOwM7+3nEmGGanWU02E7sxEZ5ae+dS1+DmDdMDX4BTa+8Bh1GyLh
gHRAN3jPmtjtyDdHdbnYlEOkJsDZFDB2uoKyeTIOdPEMvEu2ASqWJZitG+7Rs6R8
+M0o/21QULTq5S1fhr7CYdncJtocoK3A+18IxdHATSuF02oSWh/CfgkIxGRfx/X8
3aPZB9W0vhcuoPmHXgIqojfPw4+6/lxxkMGAzsDKyibrpnR7uXt+Uoo5ZEdhGuTX
IduEDoosyT0wYsUhY1T2MEmmB8NvIzNqJrIT044Uv30SWqFwOhR6bogQDw6gCuPc
LAAG4AFlcxDLgt0f4YpPw+oKK1VldwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIjk
6vDowTA5eJHeh1OckQHUjPcKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FRjJDNUQxNDZCOUMxMUYwQTNFRUVCRDBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOQwMA0GCSqGSIb3DQEBCwUA
A4IBAQAIZfeBdFmjAq/41ClCd9shNTXxNypoYgzS1ROvbLNmVPErphoKPZIAa4si
fUyGeedTeMwxPRPk/FhF39VvEWYem/vMTFixkTYjMNX7K85Y+YPNkpz+oqpNjBnV
ND3d0RXHMA7aDVagEoh1YBWEIKDxGozj47GTdSpmhliVoJCvO4w5Vdkl2RVSKeQg
Oh6tLUSEL5skAjRymLEixIO37PFY1NuR+nQf2L+SwtjtfZ8Mm6LIfdLWFBTUa1Rq
ScTBQymEQfAbYrsj70Tjmy6ur/q2fsr07ZL9TSw7iSWuuUmAuOXK8slEEVhyKXwX
j+OiYd4T+AatLbSzi/kcBG37vsv3
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:44:11 2025 by rpki-client