Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0463123A568111F082E156F0DAE4EC9C.roa
File: 0463123A568111F082E156F0DAE4EC9C.roa (raw, json)
Hash identifier: LkWDjwrmKcHcAr0qmAgjRcb0Zu4HBjhEYcnylnt3SuY=
Subject key identifier: DC:10:07:F9:C1:DB:83:67:85:88:A6:51:D9:93:01:B9:EE:51:6C:96
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015FF7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0463123A568111F082E156F0DAE4EC9C.roa
Signing time: Tue 01 Jul 2025 13:40:58 +0000
ROA not before: Tue 01 Jul 2025 13:40:52 +0000
ROA not after: Tue 28 Jul 2026 13:40:52 +0000
asID: 135293
IP address blocks: 156.227.2.0/24 maxlen: 24
156.227.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Jul 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90103 (0x15ff7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 1 13:40:52 2025 GMT
Not After : Jul 28 13:40:52 2026 GMT
Subject: CN=6863e56a-8699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a4:f9:c1:63:f1:0b:c6:35:9b:73:1e:f8:0a:
e9:1a:0d:d9:9c:c8:70:8f:02:cd:bd:26:e3:c1:75:
eb:26:df:0d:de:49:41:b0:e8:ab:90:91:fc:02:26:
83:d6:e4:72:b0:7f:d5:ab:d1:a9:8d:9b:f1:03:d7:
4f:c8:a1:c5:d3:99:6e:f1:53:e6:6a:02:43:95:d1:
1e:df:f0:29:77:56:d0:fb:33:da:95:61:72:6a:8c:
87:ab:11:41:f7:2b:de:0b:ef:6a:fe:f0:6b:62:d9:
53:b9:a5:55:bf:01:dd:7d:85:af:d3:af:1f:b3:72:
8a:3a:d8:9b:09:90:43:30:ff:93:6a:cb:64:ca:a5:
a3:63:a3:d9:09:8c:be:53:d6:61:59:a7:db:b6:1d:
e3:1f:41:3a:28:f2:ad:22:17:23:29:3f:7e:70:b8:
cf:87:a8:8d:a4:f8:d8:bd:b1:b3:17:e9:70:2e:7d:
98:e1:7d:db:07:3c:aa:7f:41:1c:7d:1c:79:52:61:
f1:ab:8f:ac:a4:a7:8e:24:1f:59:25:b8:e7:22:91:
85:ef:32:9d:98:f8:d2:a6:44:c9:e5:ec:90:ad:11:
d1:e7:d7:66:85:13:57:85:ba:c1:b8:f6:81:5f:42:
8a:67:b0:a4:fd:5b:97:bf:82:5e:18:9a:0a:fe:6a:
ff:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:10:07:F9:C1:DB:83:67:85:88:A6:51:D9:93:01:B9:EE:51:6C:96
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0463123A568111F082E156F0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.2.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:07:91:f6:a8:d0:29:5f:cd:87:fe:99:85:14:0c:f6:81:f8:
5f:67:dd:ac:0b:ba:08:42:15:70:84:23:4f:4f:17:57:11:ae:
46:24:d7:88:68:33:dd:99:a9:f7:b2:ec:12:c4:6d:08:6e:74:
c2:f4:e4:6b:55:cd:96:61:07:4c:4f:b9:b8:fc:f7:07:b3:33:
53:ab:0f:b7:69:44:9f:7e:da:50:d6:05:60:72:dc:01:9a:67:
c2:c6:f5:63:b8:0c:5b:39:dc:5b:fc:ec:bd:4e:d7:23:46:ff:
df:3f:86:79:25:0b:9c:40:f8:88:8a:18:43:d9:42:2b:fd:53:
e1:d5:b8:74:14:b4:a2:65:c2:9c:36:43:b1:92:3c:a3:16:c9:
fb:66:4c:41:b2:11:87:f9:a3:db:ea:6b:94:8b:6f:22:bc:aa:
e8:90:e1:8d:b6:80:22:ed:93:9c:07:54:3c:f4:61:73:19:94:
80:3b:c3:d9:0d:ae:86:f5:d7:68:56:b9:ed:43:8b:7b:06:29:
c3:e6:9d:64:18:be:34:65:f1:7b:f6:52:0d:69:20:a2:3b:fa:
c3:73:7d:a9:33:c3:63:dd:85:75:44:d2:34:65:8d:9e:47:22:
df:f1:df:de:3c:b1:39:e1:05:80:0a:19:03:9c:58:bc:33:0d:
32:df:8e:97
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAV/3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAxMTM0MDUyWhcNMjYwNzI4MTM0MDUyWjAYMRYw
FAYDVQQDEw02ODYzZTU2YS04Njk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuKT5wWPxC8Y1m3Me+ArpGg3ZnMhwjwLNvSbjwXXrJt8N3klBsOirkJH8
AiaD1uRysH/Vq9GpjZvxA9dPyKHF05lu8VPmagJDldEe3/Apd1bQ+zPalWFyaoyH
qxFB9yveC+9q/vBrYtlTuaVVvwHdfYWv068fs3KKOtibCZBDMP+TastkyqWjY6PZ
CYy+U9ZhWafbth3jH0E6KPKtIhcjKT9+cLjPh6iNpPjYvbGzF+lwLn2Y4X3bBzyq
f0EcfRx5UmHxq4+spKeOJB9ZJbjnIpGF7zKdmPjSpkTJ5eyQrRHR59dmhRNXhbrB
uPaBX0KKZ7Ck/VuXv4JeGJoK/mr/BQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNwQ
B/nB24NnhYimUdmTAbnuUWyWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNDYzMTIzQTU2ODExMUYwODJFMTU2RjBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOMCMA0GCSqGSIb3DQEBCwUA
A4IBAQAKB5H2qNApX82H/pmFFAz2gfhfZ92sC7oIQhVwhCNPTxdXEa5GJNeIaDPd
man3suwSxG0IbnTC9ORrVc2WYQdMT7m4/PcHszNTqw+3aUSfftpQ1gVgctwBmmfC
xvVjuAxbOdxb/Oy9TtcjRv/fP4Z5JQucQPiIihhD2UIr/VPh1bh0FLSiZcKcNkOx
kjyjFsn7ZkxBshGH+aPb6muUi28ivKrokOGNtoAi7ZOcB1Q89GFzGZSAO8PZDa6G
9ddoVrntQ4t7BinD5p1kGL40ZfF79lINaSCiO/rDc32pM8Nj3YV1RNI0ZY2eRyLf
8d/ePLE54QWAChkDnFi8Mw0y346X
-----END CERTIFICATE-----
Generated at Thu Jul 3 16:46:57 2025 by rpki-client