Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23966FC879B611F0970064AFDAE4EC9C.roa
File: 23966FC879B611F0970064AFDAE4EC9C.roa (raw, json)
Hash identifier: RDlT3OalOKCkRiLHE7EMPBgUn323JdXlLxEWzylqVN8=
Subject key identifier: 42:DC:BB:81:14:B0:FD:77:D3:02:8B:24:EB:85:9D:41:52:F2:77:D4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016B34
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23966FC879B611F0970064AFDAE4EC9C.roa
Signing time: Fri 15 Aug 2025 08:59:24 +0000
ROA not before: Fri 15 Aug 2025 08:59:18 +0000
ROA not after: Mon 24 Aug 2026 08:59:18 +0000
asID: 152179
IP address blocks: 156.241.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92980 (0x16b34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 15 08:59:18 2025 GMT
Not After : Aug 24 08:59:18 2026 GMT
Subject: CN=689ef6ec-81b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:87:bd:6a:e8:c4:a2:08:4e:05:98:6d:93:6d:
6e:92:7c:27:2b:65:a3:13:a4:15:d2:29:02:ab:fd:
f8:66:94:63:4a:cd:51:52:b2:b1:9e:c6:58:93:29:
cb:db:f3:4b:7b:50:be:3b:f7:74:38:2e:a3:27:86:
b3:84:85:78:eb:de:9d:f0:6e:45:d6:78:43:d5:83:
45:6b:04:ce:66:94:ba:fb:9c:75:ab:b6:cb:38:57:
8b:ca:a2:d2:1f:bc:20:1c:60:ad:b6:88:13:23:31:
fd:07:61:27:ab:14:d9:ba:5d:e1:30:81:fd:60:a9:
1b:02:e7:64:c7:0c:bd:4f:3b:00:33:a0:e1:2b:bd:
68:f5:15:ea:46:c9:f3:05:fa:f7:b1:d5:66:8e:00:
cc:7e:01:45:cf:d2:8d:d2:6b:1a:f6:05:cf:2e:c4:
22:35:37:1d:92:80:51:e5:36:16:a7:fc:72:e4:8f:
ef:31:14:80:b6:3a:81:c4:8e:a0:12:e2:8d:86:75:
2b:97:09:60:81:c6:68:d9:1e:2f:c3:0b:3c:fb:af:
65:a5:3b:47:42:b7:05:9a:af:e3:98:05:60:0b:98:
87:0f:2d:4f:35:ec:78:cc:91:2c:9f:88:f3:36:16:
c7:ef:45:69:eb:52:72:c8:66:fb:ca:af:cb:fd:32:
2f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:DC:BB:81:14:B0:FD:77:D3:02:8B:24:EB:85:9D:41:52:F2:77:D4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23966FC879B611F0970064AFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.3.0/24
Signature Algorithm: sha256WithRSAEncryption
53:c8:3e:00:f7:a8:7f:65:46:10:56:c7:80:4d:7a:8c:7a:69:
76:a9:09:e3:9b:c7:8c:3f:72:93:ad:b7:a2:4f:01:aa:ee:52:
e3:0c:b5:13:95:d7:d9:51:7f:ac:ef:e6:63:5a:0c:d3:41:d1:
e1:7b:44:a6:87:5a:89:61:8c:1a:2b:3d:ef:55:77:d6:13:cc:
fb:e3:01:38:60:07:28:dd:27:c4:65:69:ef:0b:0a:95:fa:7c:
48:05:af:88:ca:f3:81:9f:31:d5:42:e0:68:68:59:98:79:c0:
62:77:35:b1:cb:d3:0a:12:f9:92:b2:5b:fe:3e:74:79:cb:89:
17:99:fb:51:07:d6:f7:ca:87:aa:3e:ba:9e:e9:d7:dd:fd:b8:
25:c7:6a:71:f0:fe:ac:d4:ea:ef:38:f3:7e:ed:04:0a:9b:b3:
15:48:dd:38:52:64:bb:d0:74:98:50:60:c8:c2:8e:21:f2:3b:
48:ee:c8:df:9c:cc:e8:66:26:8d:fb:0e:1c:d2:4e:2c:11:c0:
e5:0a:d3:fb:77:9d:05:67:d9:83:ad:80:11:d0:46:d5:24:b4:
e1:ea:f2:2e:06:c4:2a:77:58:c8:27:a2:95:29:93:70:04:75:
6d:a9:fb:50:4c:0c:da:90:d0:ae:6a:58:89:d9:9c:5e:73:53:
f5:2c:be:c5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWs0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODE1MDg1OTE4WhcNMjYwODI0MDg1OTE4WjAYMRYw
FAYDVQQDEw02ODllZjZlYy04MWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr4e9aujEoghOBZhtk21uknwnK2WjE6QV0ikCq/34ZpRjSs1RUrKxnsZY
kynL2/NLe1C+O/d0OC6jJ4azhIV4696d8G5F1nhD1YNFawTOZpS6+5x1q7bLOFeL
yqLSH7wgHGCttogTIzH9B2EnqxTZul3hMIH9YKkbAudkxwy9TzsAM6DhK71o9RXq
RsnzBfr3sdVmjgDMfgFFz9KN0msa9gXPLsQiNTcdkoBR5TYWp/xy5I/vMRSAtjqB
xI6gEuKNhnUrlwlggcZo2R4vwws8+69lpTtHQrcFmq/jmAVgC5iHDy1PNex4zJEs
n4jzNhbH70Vp61JyyGb7yq/L/TIvtQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFELc
u4EUsP130wKLJOuFnUFS8nfUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMzk2NkZDODc5QjYxMUYwOTcwMDY0QUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEDMA0GCSqGSIb3DQEBCwUA
A4IBAQBTyD4A96h/ZUYQVseATXqMeml2qQnjm8eMP3KTrbeiTwGq7lLjDLUTldfZ
UX+s7+ZjWgzTQdHhe0Smh1qJYYwaKz3vVXfWE8z74wE4YAco3SfEZWnvCwqV+nxI
Ba+IyvOBnzHVQuBoaFmYecBidzWxy9MKEvmSslv+PnR5y4kXmftRB9b3yoeqPrqe
6dfd/bglx2px8P6s1OrvOPN+7QQKm7MVSN04UmS70HSYUGDIwo4h8jtI7sjfnMzo
ZiaN+w4c0k4sEcDlCtP7d50FZ9mDrYAR0EbVJLTh6vIuBsQqd1jIJ6KVKZNwBHVt
qftQTAzakNCualiJ2Zxec1P1LL7F
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:05:32 2025 by rpki-client