Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BD64C4A7ACD11F0B9E6DDBCDAE4EC9C.roa
File: 2BD64C4A7ACD11F0B9E6DDBCDAE4EC9C.roa (raw, json)
Hash identifier: MV+A5+SqxaiCc+gM8YiFEGXdx4qbAZdNqteljTklB5k=
Subject key identifier: BE:97:CF:D6:28:28:60:FC:11:53:5C:F1:3D:E1:F9:26:65:79:26:87
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016B8D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BD64C4A7ACD11F0B9E6DDBCDAE4EC9C.roa
Signing time: Sat 16 Aug 2025 18:16:47 +0000
ROA not before: Sat 16 Aug 2025 18:16:43 +0000
ROA not after: Sat 04 Oct 2025 18:16:43 +0000
asID: 134823
IP address blocks: 156.234.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93069 (0x16b8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 16 18:16:43 2025 GMT
Not After : Oct 4 18:16:43 2025 GMT
Subject: CN=68a0cb0f-dde3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:21:2a:f3:e8:ef:ac:6e:92:f0:18:cb:3e:04:
27:0b:c1:04:ce:48:1f:62:10:25:54:e7:fd:ee:14:
44:b7:c0:92:82:f7:ce:fd:b9:8a:d5:db:cb:9b:05:
b7:54:9a:a8:05:6a:ae:c8:64:72:56:2d:8c:f2:5b:
6d:46:52:d2:8b:df:98:ee:f9:da:ef:04:0b:f3:80:
70:9e:a4:86:04:4d:72:88:bb:23:d0:41:5f:4e:a4:
92:f1:78:26:56:ae:f7:3f:91:a4:38:0d:c8:03:11:
97:9e:d4:ec:1c:e9:be:c2:cc:91:04:5f:4a:2c:b8:
5b:22:59:15:7d:d4:d0:19:83:44:79:47:e7:74:46:
a4:90:ea:f9:2e:30:df:97:e8:ae:fe:29:b9:07:a4:
9d:f5:17:a4:c5:b5:41:6e:25:5d:98:cb:6b:0c:58:
52:a1:da:70:a3:3c:ec:e7:fe:13:8e:27:dc:78:1d:
41:d5:25:cf:13:a6:7d:55:f6:0a:47:44:17:b1:f3:
39:a1:8e:a9:8c:7f:17:cf:e7:bc:50:05:01:cb:84:
92:06:0c:81:ad:1d:4d:8a:86:db:1a:f3:e8:15:32:
1d:67:79:11:42:ba:c2:08:a5:8b:24:5a:48:e0:7b:
1a:60:3c:32:b2:26:80:26:cc:16:e2:80:76:51:12:
7e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:97:CF:D6:28:28:60:FC:11:53:5C:F1:3D:E1:F9:26:65:79:26:87
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2BD64C4A7ACD11F0B9E6DDBCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.228.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:c8:21:fa:50:35:32:ea:5d:f3:17:b9:2a:c8:c1:b8:a9:62:
e8:a4:aa:2a:64:9f:1f:b7:c2:d2:da:5f:de:96:7e:16:ce:bb:
b7:6b:bc:dc:64:15:6b:1b:e7:62:ca:b1:b4:f6:82:9e:4f:07:
a7:51:41:f3:14:c3:57:d2:48:7a:cf:54:5e:be:98:f9:1b:dc:
92:de:d4:e6:0c:46:36:fc:3b:c1:03:07:bf:11:87:e4:b5:3d:
4b:3a:ee:ed:17:0f:fc:47:57:7e:80:9a:a1:d2:b0:f9:50:f9:
7e:2b:f8:7d:39:44:1f:96:8a:d3:b1:ae:4c:fe:7d:eb:81:5c:
72:c4:18:4b:b8:12:f8:aa:45:73:e1:6c:ff:28:e7:6a:4b:2b:
55:ae:5d:1f:42:eb:ea:3b:ff:5e:6c:c3:3d:ee:f1:de:05:83:
48:23:c6:9c:93:48:7c:9d:55:d4:24:34:a4:a7:c5:0e:03:3a:
5a:6d:2d:45:e7:fe:f5:5f:3b:f6:c5:6d:0a:21:1d:70:a1:fe:
c7:7d:03:e5:16:ca:33:f4:7c:55:14:77:7a:de:54:ef:ce:b1:
4c:09:30:36:58:55:3f:81:51:08:0b:ad:1e:f9:9f:49:d8:57:
af:ed:ef:00:c6:6a:47:30:55:50:11:1b:bc:0f:f6:ca:60:ff:
bc:a6:9a:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWuNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODE2MTgxNjQzWhcNMjUxMDA0MTgxNjQzWjAYMRYw
FAYDVQQDEw02OGEwY2IwZi1kZGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArSEq8+jvrG6S8BjLPgQnC8EEzkgfYhAlVOf97hREt8CSgvfO/bmK1dvL
mwW3VJqoBWquyGRyVi2M8lttRlLSi9+Y7vna7wQL84BwnqSGBE1yiLsj0EFfTqSS
8XgmVq73P5GkOA3IAxGXntTsHOm+wsyRBF9KLLhbIlkVfdTQGYNEeUfndEakkOr5
LjDfl+iu/im5B6Sd9RekxbVBbiVdmMtrDFhSodpwozzs5/4TjifceB1B1SXPE6Z9
VfYKR0QXsfM5oY6pjH8Xz+e8UAUBy4SSBgyBrR1NiobbGvPoFTIdZ3kRQrrCCKWL
JFpI4HsaYDwysiaAJswW4oB2URJ+jQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL6X
z9YoKGD8EVNc8T3h+SZleSaHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQkQ2NEM0QTdBQ0QxMUYwQjlFNkREQkNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOrkMA0GCSqGSIb3DQEBCwUA
A4IBAQC7yCH6UDUy6l3zF7kqyMG4qWLopKoqZJ8ft8LS2l/eln4Wzru3a7zcZBVr
G+diyrG09oKeTwenUUHzFMNX0kh6z1Revpj5G9yS3tTmDEY2/DvBAwe/EYfktT1L
Ou7tFw/8R1d+gJqh0rD5UPl+K/h9OUQflorTsa5M/n3rgVxyxBhLuBL4qkVz4Wz/
KOdqSytVrl0fQuvqO/9ebMM97vHeBYNII8ack0h8nVXUJDSkp8UOAzpabS1F5/71
Xzv2xW0KIR1wof7HfQPlFsoz9HxVFHd63lTvzrFMCTA2WFU/gVEIC60e+Z9J2Fev
7e8AxmpHMFVQERu8D/bKYP+8pprK
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:31:12 2025 by rpki-client