Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BF2709E7EAE11F093ED82A5DAE4EC9C.roa
File: 1BF2709E7EAE11F093ED82A5DAE4EC9C.roa (raw, json)
Hash identifier: LaMCt/wZl6A4niMKi82Xf/pd2mOicf3+hTtHXr7Y1JU=
Subject key identifier: E6:48:42:AC:B8:EF:CC:64:AF:74:9D:FC:C5:13:48:6C:EC:75:E8:BD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016E70
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BF2709E7EAE11F093ED82A5DAE4EC9C.roa
Signing time: Thu 21 Aug 2025 16:44:31 +0000
ROA not before: Thu 21 Aug 2025 16:44:26 +0000
ROA not after: Wed 21 Aug 2030 16:44:26 +0000
asID: 17561
IP address blocks: 156.243.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93808 (0x16e70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 21 16:44:26 2025 GMT
Not After : Aug 21 16:44:26 2030 GMT
Subject: CN=68a74cef-95d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:20:a1:70:2a:fa:94:6e:ba:00:74:af:32:0e:
40:4f:42:06:9f:a5:ad:97:a2:d5:df:6c:9c:95:ce:
50:5a:cf:1e:53:b5:14:44:5e:80:cd:4e:58:1e:98:
10:7f:6f:b3:53:9d:28:54:5a:6a:bb:59:90:28:38:
b2:9e:52:d6:7e:cf:79:cf:66:20:c2:29:60:62:1d:
94:34:c6:ae:45:d3:bc:a1:1a:ef:08:47:89:29:68:
6e:82:93:f4:1b:76:6d:b0:c7:ab:39:6e:f7:55:f3:
4a:3e:9a:fc:b1:ad:34:28:44:8a:f2:9d:f4:f7:e3:
e8:93:40:c1:4b:21:48:45:dc:18:79:05:08:d3:0f:
fc:93:75:f8:43:79:b3:f4:b9:ba:0d:7d:1b:de:13:
8a:bb:b5:5a:3c:16:49:b3:09:78:98:e1:0f:3e:22:
bd:52:9b:71:c2:f3:a0:b3:81:54:36:5a:94:17:76:
13:60:e8:ab:89:8b:ff:6e:9b:49:55:96:39:38:2b:
8e:b4:03:d0:9c:63:b5:4d:e3:c1:6d:38:cc:95:a2:
30:67:bf:2d:ef:a8:68:a1:88:f1:ea:25:9b:c3:4c:
2a:3e:e3:0d:53:5b:3a:b3:3f:6f:89:d6:ee:91:d0:
94:50:84:7d:c5:5a:ca:e7:b0:42:8d:8e:ca:7a:04:
ae:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:48:42:AC:B8:EF:CC:64:AF:74:9D:FC:C5:13:48:6C:EC:75:E8:BD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BF2709E7EAE11F093ED82A5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b5:37:6c:d6:16:a1:37:4d:60:25:f4:38:21:c4:36:0a:77:93:
13:be:6d:38:19:f1:8e:28:72:b5:41:e4:05:41:f8:a4:47:55:
fc:0a:77:b6:79:6a:c8:62:d4:aa:15:87:a3:a5:e7:ea:b2:45:
e7:2c:31:2e:b6:41:c9:4d:78:0d:a2:eb:12:d6:71:e7:bf:fc:
73:db:ec:b2:cc:0a:54:b3:c4:d1:dd:7b:80:1d:5b:34:07:e6:
55:96:10:ec:3a:95:e6:f0:2c:ec:fc:59:32:75:f5:34:c3:c0:
8a:35:86:aa:ae:dc:19:c2:80:a2:af:49:99:5f:4f:37:d5:c0:
95:cb:41:41:07:e4:94:1e:60:fa:7a:91:c3:62:24:fb:4b:58:
dc:71:52:1b:1d:b6:4c:cc:8a:73:a5:bc:79:ff:2e:6b:4a:6a:
f9:9b:5c:bf:42:ac:28:e1:ac:5e:5f:67:a3:63:93:6a:23:3f:
85:88:6f:01:a4:00:ef:8c:3d:3f:c6:fc:dd:ba:93:81:27:ab:
e8:77:34:ad:65:15:8a:d4:b8:f4:f7:68:a0:bf:13:12:01:2d:
57:02:29:72:ee:a7:fe:91:ce:03:1d:fe:ba:29:54:75:f3:e6:
ac:d4:7b:a8:94:3d:bd:29:8e:48:8c:5e:8c:dd:24:18:84:d8:
01:ae:e3:de
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAW5wMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIxMTY0NDI2WhcNMzAwODIxMTY0NDI2WjAYMRYw
FAYDVQQDEw02OGE3NGNlZi05NWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoiChcCr6lG66AHSvMg5AT0IGn6Wtl6LV32yclc5QWs8eU7UURF6AzU5Y
HpgQf2+zU50oVFpqu1mQKDiynlLWfs95z2YgwilgYh2UNMauRdO8oRrvCEeJKWhu
gpP0G3ZtsMerOW73VfNKPpr8sa00KESK8p309+Pok0DBSyFIRdwYeQUI0w/8k3X4
Q3mz9Lm6DX0b3hOKu7VaPBZJswl4mOEPPiK9UptxwvOgs4FUNlqUF3YTYOiriYv/
bptJVZY5OCuOtAPQnGO1TePBbTjMlaIwZ78t76hooYjx6iWbw0wqPuMNU1s6sz9v
idbukdCUUIR9xVrK57BCjY7KegSu4QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOZI
Qqy478xkr3Sd/MUTSGzsdei9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQkYyNzA5RTdFQUUxMUYwOTNFRDgyQTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnPNAMA0GCSqGSIb3DQEBCwUA
A4IBAQC1N2zWFqE3TWAl9DghxDYKd5MTvm04GfGOKHK1QeQFQfikR1X8Cne2eWrI
YtSqFYejpefqskXnLDEutkHJTXgNousS1nHnv/xz2+yyzApUs8TR3XuAHVs0B+ZV
lhDsOpXm8Czs/FkydfU0w8CKNYaqrtwZwoCir0mZX0831cCVy0FBB+SUHmD6epHD
YiT7S1jccVIbHbZMzIpzpbx5/y5rSmr5m1y/Qqwo4axeX2ejY5NqIz+FiG8BpADv
jD0/xvzdupOBJ6vodzStZRWK1Lj092igvxMSAS1XAily7qf+kc4DHf66KVR18+as
1HuolD29KY5IjF6M3SQYhNgBruPe
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:17:04 2025 by rpki-client