Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/425A087C79AF11F087BFFC83DAE4EC9C.roa
File: 425A087C79AF11F087BFFC83DAE4EC9C.roa (raw, json)
Hash identifier: JRPIHX6rq38qQPRDmuLsf6hrCxZL6U1pZQotTorSI/Q=
Subject key identifier: E4:0E:D6:D7:0B:00:4B:D0:C6:8F:DA:8A:8D:08:34:98:27:E2:99:29
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016B27
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/425A087C79AF11F087BFFC83DAE4EC9C.roa
Signing time: Fri 15 Aug 2025 08:10:09 +0000
ROA not before: Fri 15 Aug 2025 08:10:04 +0000
ROA not after: Mon 25 Aug 2025 08:10:04 +0000
asID: 150706
IP address blocks: 156.236.96.0/22 maxlen: 24
156.236.108.0/22 maxlen: 24
156.236.112.0/21 maxlen: 24
156.236.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92967 (0x16b27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 15 08:10:04 2025 GMT
Not After : Aug 25 08:10:04 2025 GMT
Subject: CN=689eeb61-6728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:99:1b:3b:af:27:50:57:81:09:42:05:02:47:
bc:6a:7b:49:c6:26:09:a1:b5:44:21:76:b4:50:68:
09:f0:30:80:de:2d:fb:29:78:38:54:d3:e1:c1:94:
23:b7:80:c6:2f:af:5e:a3:a7:31:8f:5b:8c:f1:5c:
25:e6:f0:66:e0:d8:f4:7b:34:2d:b6:c5:34:1e:5f:
a6:a9:13:8f:1f:f8:f4:3d:33:4d:47:2b:c2:d4:de:
b5:d0:61:f7:ee:e2:1e:c2:33:0f:aa:8a:e1:fe:52:
3f:4e:f1:5e:07:c6:36:28:f4:f6:f7:98:06:59:21:
aa:5c:eb:dd:cd:86:d5:e1:a3:c3:07:a4:ee:90:5d:
67:9b:60:da:76:2e:e0:47:fa:b3:c8:c2:5b:2a:79:
80:9c:74:2b:87:97:aa:64:e0:2e:6c:81:32:66:ae:
e9:a3:0f:0a:de:ee:91:40:11:39:97:7d:c1:e8:03:
7f:13:e7:5a:6c:46:5d:59:a9:34:c0:85:80:6e:df:
e5:fe:32:6f:59:7f:24:85:1e:88:60:c3:ef:31:d5:
6e:9d:a0:39:93:e8:24:c2:2b:52:da:48:08:20:a7:
7a:d1:71:64:d4:35:d8:8f:6b:f2:cd:84:fe:0a:b3:
dc:00:e7:c3:81:98:aa:96:ea:60:39:43:5a:b7:5b:
08:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0E:D6:D7:0B:00:4B:D0:C6:8F:DA:8A:8D:08:34:98:27:E2:99:29
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/425A087C79AF11F087BFFC83DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.96.0/22
156.236.108.0-156.236.119.255
156.236.124.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:9f:73:ce:f4:e4:1f:48:97:45:7a:f3:2f:c8:15:4d:08:04:
74:90:d1:63:0f:f1:4e:bf:f2:7b:f9:bb:95:ed:93:31:b2:d4:
0f:ef:04:1e:69:8d:6d:bb:f5:d4:b7:c0:50:6e:15:0a:f1:01:
4a:c1:51:15:c9:15:f7:f5:1f:cf:e0:4a:f1:05:2e:97:4d:99:
7a:fc:b9:b0:a7:e3:d2:d4:4a:db:b1:34:82:df:8c:cb:76:64:
91:70:87:3b:a0:e6:4d:ba:db:a2:b8:b4:75:a1:12:a3:6e:30:
a5:2b:cd:c0:dd:0f:41:ad:ab:f2:95:69:f1:a8:31:19:fc:cf:
4b:8e:9d:37:29:3b:00:c3:3a:bc:63:17:6f:6c:92:fd:e6:8f:
f4:e1:37:93:69:91:56:02:19:92:22:d9:94:a0:ae:b3:0e:e2:
fd:d6:dd:cf:7a:1a:db:7c:1e:79:20:3c:17:6c:46:46:22:7a:
08:a5:28:27:33:b1:28:b4:8e:64:d1:12:99:54:24:f4:af:b7:
4d:d6:be:6b:d9:07:75:d4:fa:89:cd:f8:c3:2c:1b:e3:77:c9:
f5:d7:ef:83:93:0f:d2:a1:d8:de:e2:ab:69:6a:7f:c1:57:36:
64:e7:b7:92:40:28:80:47:d8:9d:be:5c:a0:61:60:eb:1a:88:
42:1e:4f:b7
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAWsnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODE1MDgxMDA0WhcNMjUwODI1MDgxMDA0WjAYMRYw
FAYDVQQDEw02ODllZWI2MS02NzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0JkbO68nUFeBCUIFAke8antJxiYJobVEIXa0UGgJ8DCA3i37KXg4VNPh
wZQjt4DGL69eo6cxj1uM8Vwl5vBm4Nj0ezQttsU0Hl+mqROPH/j0PTNNRyvC1N61
0GH37uIewjMPqorh/lI/TvFeB8Y2KPT295gGWSGqXOvdzYbV4aPDB6TukF1nm2Da
di7gR/qzyMJbKnmAnHQrh5eqZOAubIEyZq7pow8K3u6RQBE5l33B6AN/E+dabEZd
Wak0wIWAbt/l/jJvWX8khR6IYMPvMdVunaA5k+gkwitS2kgIIKd60XFk1DXYj2vy
zYT+CrPcAOfDgZiqlupgOUNat1sIbwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFOQO
1tcLAEvQxo/aio0INJgn4pkpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MjVBMDg3Qzc5QUYxMUYwODdCRkZDODNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCnOxgMAwDBAKc7GwDBAOc7HAD
BAKc7HwwDQYJKoZIhvcNAQELBQADggEBAB2fc8705B9Il0V68y/IFU0IBHSQ0WMP
8U6/8nv5u5XtkzGy1A/vBB5pjW279dS3wFBuFQrxAUrBURXJFff1H8/gSvEFLpdN
mXr8ubCn49LUStuxNILfjMt2ZJFwhzug5k2626K4tHWhEqNuMKUrzcDdD0Gtq/KV
afGoMRn8z0uOnTcpOwDDOrxjF29skv3mj/ThN5NpkVYCGZIi2ZSgrrMO4v3W3c96
Gtt8HnkgPBdsRkYiegilKCczsSi0jmTREplUJPSvt03WvmvZB3XU+onN+MMsG+N3
yfXX74OTD9Kh2N7iq2lqf8FXNmTnt5JAKIBH2J2+XKBhYOsaiEIeT7c=
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:17:00 2025 by rpki-client