Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/300CFD507E8711F08C2A82A6DAE4EC9C.roa
File: 300CFD507E8711F08C2A82A6DAE4EC9C.roa (raw, json)
Hash identifier: 1rA/8NG9VFwo9/I2UoO+OPwQF2ttElDmRdbZ4JO2XIk=
Subject key identifier: 32:C9:16:A9:CC:23:14:A6:B3:C9:F0:F5:B4:05:F6:1E:9B:4C:89:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016E2D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/300CFD507E8711F08C2A82A6DAE4EC9C.roa
Signing time: Thu 21 Aug 2025 12:05:54 +0000
ROA not before: Thu 21 Aug 2025 12:05:50 +0000
ROA not after: Fri 26 Sep 2025 12:05:50 +0000
asID: 395793
IP address blocks: 156.228.62.0/24 maxlen: 24
156.228.210.0/24 maxlen: 24
156.228.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93741 (0x16e2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 21 12:05:50 2025 GMT
Not After : Sep 26 12:05:50 2025 GMT
Subject: CN=68a70ba2-d54a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:96:d9:59:6b:91:c7:fb:fc:3c:8a:86:84:73:
05:a8:4f:9b:89:c0:7f:12:1b:9b:9d:42:c9:d3:25:
86:40:d1:3e:ae:39:8a:c1:c2:11:8d:a1:e5:2d:f0:
cb:4a:d7:11:85:73:87:2e:4e:ac:5d:86:eb:fe:a1:
30:25:64:e0:f4:fa:66:54:dc:f4:2f:61:76:59:66:
4b:8f:42:0e:14:db:8a:30:d0:30:7f:9b:67:f1:c8:
93:3c:b1:23:26:08:18:2d:5d:2c:a2:7f:9c:c5:a0:
31:2a:ff:81:72:11:75:c7:3d:9c:73:ce:6e:40:20:
3d:0a:f2:4e:e7:1f:74:7a:c4:98:6e:cf:4f:f0:bf:
55:3c:bd:79:27:1b:73:dc:92:f3:e5:8f:49:c8:d2:
18:97:74:52:f7:f3:75:63:77:49:84:57:90:d1:97:
36:8e:29:32:9e:1f:0e:fc:b8:3b:5d:c6:d2:54:4d:
78:3a:27:90:28:dd:dc:50:05:73:03:6e:f5:67:27:
09:da:4f:c2:49:6c:54:84:9b:e3:ee:48:03:b0:e0:
cc:80:0e:28:1c:93:9e:de:87:a6:00:da:0a:9f:4e:
ed:8f:d4:32:34:84:7c:09:1c:74:83:1c:4a:cb:e4:
aa:b4:e0:06:55:e4:da:32:b5:04:d3:5a:09:39:e8:
b7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C9:16:A9:CC:23:14:A6:B3:C9:F0:F5:B4:05:F6:1E:9B:4C:89:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/300CFD507E8711F08C2A82A6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.62.0/24
156.228.210.0/23
Signature Algorithm: sha256WithRSAEncryption
60:d5:16:b8:f1:e2:2d:15:49:02:39:dd:c3:73:e6:0f:28:db:
e6:c3:8b:1a:a3:b5:8e:eb:c7:cf:6d:e9:73:d8:68:b9:f7:62:
dc:9d:61:3d:80:9d:05:2c:3c:e3:61:b0:77:6c:32:4a:59:23:
b8:b8:5a:02:fb:5f:ef:dc:f8:95:7b:df:52:70:1f:21:77:71:
d0:02:83:1f:05:c1:20:a8:3c:3a:08:cb:74:32:47:0a:d4:1f:
3f:9d:10:a5:ef:e3:e2:ba:ba:c9:b0:2d:22:5c:1f:12:09:d1:
1d:c6:18:48:6d:fb:22:c3:23:cd:5a:61:a5:30:9f:50:86:6e:
a7:c4:7d:94:34:2b:32:6b:0a:65:b3:fb:f8:cc:84:25:5f:f9:
ba:37:bd:eb:ec:1d:0c:83:b9:49:a2:ec:b1:cc:cc:43:b1:ba:
fc:2d:56:72:e2:b2:ca:a0:92:d8:85:31:a2:74:42:3d:b3:d9:
c3:ab:cc:c7:f9:11:1c:e6:3c:62:ee:be:19:c2:a9:1b:8a:f2:
4d:12:82:d5:94:40:83:b1:8b:5c:e1:92:f6:d8:a8:ad:51:58:
7f:3c:34:6e:f5:63:09:d3:4d:23:1b:12:4a:35:86:e4:c1:ff:
2e:95:8b:17:85:be:f7:5e:c2:2c:fe:5a:28:e6:d9:3f:33:40:
61:ed:d4:e4
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAW4tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIxMTIwNTUwWhcNMjUwOTI2MTIwNTUwWjAYMRYw
FAYDVQQDEw02OGE3MGJhMi1kNTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz5bZWWuRx/v8PIqGhHMFqE+bicB/EhubnULJ0yWGQNE+rjmKwcIRjaHl
LfDLStcRhXOHLk6sXYbr/qEwJWTg9PpmVNz0L2F2WWZLj0IOFNuKMNAwf5tn8ciT
PLEjJggYLV0son+cxaAxKv+BchF1xz2cc85uQCA9CvJO5x90esSYbs9P8L9VPL15
Jxtz3JLz5Y9JyNIYl3RS9/N1Y3dJhFeQ0Zc2jikynh8O/Lg7XcbSVE14OieQKN3c
UAVzA271ZycJ2k/CSWxUhJvj7kgDsODMgA4oHJOe3oemANoKn07tj9QyNIR8CRx0
gxxKy+SqtOAGVeTaMrUE01oJOei3EwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDLJ
FqnMIxSms8nw9bQF9h6bTImQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMDBDRkQ1MDdFODcxMUYwOEMyQTgyQTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOQ+AwQBnOTSMA0GCSqGSIb3
DQEBCwUAA4IBAQBg1Ra48eItFUkCOd3Dc+YPKNvmw4sao7WO68fPbelz2Gi592Lc
nWE9gJ0FLDzjYbB3bDJKWSO4uFoC+1/v3PiVe99ScB8hd3HQAoMfBcEgqDw6CMt0
MkcK1B8/nRCl7+PiurrJsC0iXB8SCdEdxhhIbfsiwyPNWmGlMJ9Qhm6nxH2UNCsy
awpls/v4zIQlX/m6N73r7B0Mg7lJouyxzMxDsbr8LVZy4rLKoJLYhTGidEI9s9nD
q8zH+REc5jxi7r4ZwqkbivJNEoLVlECDsYtc4ZL22KitUVh/PDRu9WMJ000jGxJK
NYbkwf8ulYsXhb73XsIs/loo5tk/M0Bh7dTk
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:17:50 2025 by rpki-client