Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B89644A7C2111F0B7CE14F2DAE4EC9C.roa
File: 0B89644A7C2111F0B7CE14F2DAE4EC9C.roa (raw, json)
Hash identifier: 1sxAkUSRIDC7pQcnPowScFzDH8DaWZ8zzsBAgsKJcJ0=
Subject key identifier: 67:BC:C8:96:D2:2C:C5:42:1B:B3:51:77:43:27:7B:92:87:73:FE:F0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016BE3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B89644A7C2111F0B7CE14F2DAE4EC9C.roa
Signing time: Mon 18 Aug 2025 10:49:42 +0000
ROA not before: Mon 18 Aug 2025 10:49:37 +0000
ROA not after: Fri 03 Oct 2025 10:49:37 +0000
asID: 216047
IP address blocks: 156.234.118.0/24 maxlen: 32
156.234.123.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93155 (0x16be3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 18 10:49:37 2025 GMT
Not After : Oct 3 10:49:37 2025 GMT
Subject: CN=68a30546-ea4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:aa:c8:bc:13:8e:62:29:1d:0d:70:4f:1a:30:
92:5b:f4:a2:80:72:82:2d:61:21:e7:a7:e2:d3:a8:
8d:e8:26:23:e7:dc:5c:92:2a:84:0d:d7:81:97:33:
f8:97:bd:9c:c6:74:db:17:c8:13:70:5b:e8:e5:ea:
bd:c1:16:d6:ff:7c:3a:c7:20:f6:10:2c:ca:66:a4:
1e:28:8d:a6:f1:64:19:91:43:71:c5:3d:49:a7:b4:
50:53:b9:25:54:be:7b:cf:64:ac:19:65:1b:1c:d3:
b8:5f:a9:36:0a:c9:c5:bf:98:fb:44:b9:f3:c9:37:
4d:55:00:80:44:1a:2b:8c:49:c5:f1:d6:2d:d5:3c:
79:bc:f3:59:e0:8f:30:4c:18:17:10:ab:89:a9:cb:
18:dd:b5:b7:95:32:b2:bc:e2:24:a5:2a:dc:df:6d:
6f:42:00:02:bf:91:4c:05:26:8e:7b:dc:a7:bf:7c:
93:ff:2b:c0:9c:0a:f8:09:03:3a:35:cc:6f:82:99:
5c:31:e1:4e:84:e6:f4:42:0e:e1:67:d0:0b:6f:59:
b8:b9:11:b0:c2:2c:06:cd:1d:34:d7:f7:a2:c8:32:
8e:8b:a8:32:aa:01:ae:33:b4:3d:7d:60:e8:61:34:
25:64:d2:af:e7:22:72:2c:27:96:9e:12:f1:c6:d5:
3a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:BC:C8:96:D2:2C:C5:42:1B:B3:51:77:43:27:7B:92:87:73:FE:F0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B89644A7C2111F0B7CE14F2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.118.0/24
156.234.123.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:3e:81:72:e9:be:ff:ad:28:c5:b2:ec:d4:f0:1f:53:2b:60:
be:70:6d:12:1b:f8:49:af:f8:22:09:a6:b8:cf:52:2c:46:aa:
93:e5:49:fa:7c:87:2a:0c:b3:41:75:b8:ef:af:6f:27:e3:1f:
7a:a6:7b:46:29:34:97:da:1e:54:fc:a5:99:ab:a0:66:2f:8d:
70:7a:0a:18:98:a4:be:07:78:c2:98:ab:6d:2f:a3:b8:49:4c:
f7:28:e2:49:91:b7:a4:07:a1:f2:cc:34:21:0a:17:98:a0:99:
5d:fc:6f:79:6b:2f:30:0c:59:7c:e3:86:0f:ea:64:3e:c2:49:
b3:81:c4:bc:06:6c:c8:49:98:fb:28:7f:95:44:fa:81:35:a9:
74:59:2a:e9:18:53:c1:cf:e0:9f:71:9e:1c:b9:78:43:1e:aa:
71:28:98:12:cd:e5:ee:04:80:d0:a4:c5:38:0c:3c:e9:f8:3a:
f0:94:2a:d3:c3:0c:0b:e0:65:e0:7a:d2:3e:9a:29:45:dd:25:
da:48:7e:68:11:14:9c:2c:22:c7:63:87:f5:bd:a3:e5:f6:c1:
ab:a5:f0:b1:e8:d0:2d:04:b4:95:38:16:3d:9e:4a:0d:3d:f5:
bf:46:9b:83:aa:42:5e:bf:df:34:00:ca:d0:8d:5c:33:76:1c:
d7:77:30:99
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWvjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODE4MTA0OTM3WhcNMjUxMDAzMTA0OTM3WjAYMRYw
FAYDVQQDEw02OGEzMDU0Ni1lYTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5qrIvBOOYikdDXBPGjCSW/SigHKCLWEh56fi06iN6CYj59xckiqEDdeB
lzP4l72cxnTbF8gTcFvo5eq9wRbW/3w6xyD2ECzKZqQeKI2m8WQZkUNxxT1Jp7RQ
U7klVL57z2SsGWUbHNO4X6k2CsnFv5j7RLnzyTdNVQCARBorjEnF8dYt1Tx5vPNZ
4I8wTBgXEKuJqcsY3bW3lTKyvOIkpSrc321vQgACv5FMBSaOe9ynv3yT/yvAnAr4
CQM6NcxvgplcMeFOhOb0Qg7hZ9ALb1m4uRGwwiwGzR001/eiyDKOi6gyqgGuM7Q9
fWDoYTQlZNKv5yJyLCeWnhLxxtU62wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGe8
yJbSLMVCG7NRd0Mne5KHc/7wMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQjg5NjQ0QTdDMjExMUYwQjdDRTE0RjJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOp2AwQAnOp7MA0GCSqGSIb3
DQEBCwUAA4IBAQBNPoFy6b7/rSjFsuzU8B9TK2C+cG0SG/hJr/giCaa4z1IsRqqT
5Un6fIcqDLNBdbjvr28n4x96pntGKTSX2h5U/KWZq6BmL41wegoYmKS+B3jCmKtt
L6O4SUz3KOJJkbekB6HyzDQhCheYoJld/G95ay8wDFl844YP6mQ+wkmzgcS8BmzI
SZj7KH+VRPqBNal0WSrpGFPBz+CfcZ4cuXhDHqpxKJgSzeXuBIDQpMU4DDzp+Drw
lCrTwwwL4GXgetI+milF3SXaSH5oERScLCLHY4f1vaPl9sGrpfCx6NAtBLSVOBY9
nkoNPfW/RpuDqkJev980AMrQjVwzdhzXdzCZ
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:03:42 2025 by rpki-client