Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5460156A7E6A11F096007EEADAE4EC9C.roa
File: 5460156A7E6A11F096007EEADAE4EC9C.roa (raw, json)
Hash identifier: YHv7tP4IST8n2VwsPRclPyE+oo0VnEEN5exk5wCN5bk=
Subject key identifier: 38:07:B0:83:64:F2:07:85:FE:16:43:1F:BC:D0:B0:21:1D:17:57:B1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016DC7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5460156A7E6A11F096007EEADAE4EC9C.roa
Signing time: Thu 21 Aug 2025 08:39:20 +0000
ROA not before: Thu 21 Aug 2025 08:39:15 +0000
ROA not after: Sat 30 Aug 2025 08:39:15 +0000
asID: 61461
IP address blocks: 156.247.128.0/17 maxlen: 24
156.255.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93639 (0x16dc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 21 08:39:15 2025 GMT
Not After : Aug 30 08:39:15 2025 GMT
Subject: CN=68a6db38-c2bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:91:f6:f5:32:b5:30:c3:79:2e:aa:ca:cb:b7:
df:d9:8d:0a:4f:75:a2:97:60:ca:49:8d:3b:ad:eb:
9e:ce:65:aa:a7:be:92:ef:49:6a:d0:f7:6b:a4:e7:
1d:99:98:95:f2:f6:a7:aa:49:0a:7d:b3:7a:d4:16:
73:9b:8b:f0:93:62:d2:8e:e8:09:dd:11:b6:e9:16:
de:34:4a:06:03:3f:ca:b1:53:aa:02:fa:ee:5c:dd:
0c:d4:a1:03:91:6f:65:da:d7:fc:7a:6a:7c:0d:62:
88:6b:ef:dd:fd:35:27:f1:ea:86:ed:ff:75:1a:2a:
db:6c:32:72:a9:b1:8d:d2:84:07:ad:63:7f:3a:94:
a3:f4:2a:fa:1d:be:1f:90:7d:fe:41:f1:ef:8f:11:
e8:09:bb:96:24:45:0e:db:88:cb:f1:75:8d:8b:c4:
1b:80:cc:fd:07:a1:3e:3e:4f:a9:78:7a:33:a6:f5:
71:bd:8a:bd:1e:7b:f2:80:c9:c3:27:e8:e1:5b:55:
d8:be:42:8f:5c:cf:33:28:6b:2d:a2:50:fc:cd:a6:
97:2f:6d:58:a3:bd:81:f9:b2:04:ae:66:bc:90:17:
3e:d6:59:94:31:87:3f:c7:b2:ee:07:c8:e3:ba:73:
a4:48:2c:3f:8f:a7:34:62:41:61:de:85:9d:d9:9d:
55:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:07:B0:83:64:F2:07:85:FE:16:43:1F:BC:D0:B0:21:1D:17:57:B1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5460156A7E6A11F096007EEADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.128.0/17
156.255.128.0/17
Signature Algorithm: sha256WithRSAEncryption
87:58:23:85:d2:ac:7b:e6:05:93:97:88:cc:25:72:5b:9e:f9:
11:da:ad:07:98:5a:80:bc:52:b3:48:b6:99:c3:e1:b0:03:bb:
02:91:d5:7b:fc:dd:e3:aa:41:28:ac:a2:b6:0e:05:9a:4e:a3:
d0:27:ba:38:02:82:e3:8f:b0:9f:fd:af:05:8d:f5:04:87:79:
4c:13:ba:87:9b:bf:57:a3:3c:12:73:c5:d7:6c:c8:e8:22:30:
e0:ea:6f:6f:c7:94:01:1e:38:56:c8:89:dc:b9:8a:95:67:b3:
a0:dc:47:5f:96:de:9b:5a:4a:f7:78:a1:b1:3e:00:68:7f:fb:
2b:85:09:42:b2:f8:4f:3f:e3:d5:20:ef:10:4c:c2:17:3c:b0:
cf:d7:6f:d8:75:7b:d5:04:78:d2:55:b6:53:a9:2a:d7:da:14:
25:2b:13:27:13:6f:3e:5d:0a:c2:5b:49:2f:63:35:2d:5d:ab:
7e:c1:e1:14:97:12:af:32:87:26:72:58:a6:06:aa:c4:d5:8d:
54:a1:17:5c:82:74:ff:60:80:62:22:f7:7d:1a:9d:df:65:c7:
92:c8:20:fe:cd:21:d6:ba:90:eb:8e:06:4e:21:5d:4d:70:ad:
2f:a5:55:1f:42:79:6d:06:05:60:30:89:ab:04:17:61:cd:a7:
8e:60:c7:c7
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAW3HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIxMDgzOTE1WhcNMjUwODMwMDgzOTE1WjAYMRYw
FAYDVQQDEw02OGE2ZGIzOC1jMmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8pH29TK1MMN5LqrKy7ff2Y0KT3Wil2DKSY07reuezmWqp76S70lq0Pdr
pOcdmZiV8vanqkkKfbN61BZzm4vwk2LSjugJ3RG26RbeNEoGAz/KsVOqAvruXN0M
1KEDkW9l2tf8emp8DWKIa+/d/TUn8eqG7f91GirbbDJyqbGN0oQHrWN/OpSj9Cr6
Hb4fkH3+QfHvjxHoCbuWJEUO24jL8XWNi8QbgMz9B6E+Pk+peHozpvVxvYq9Hnvy
gMnDJ+jhW1XYvkKPXM8zKGstolD8zaaXL21Yo72B+bIErma8kBc+1lmUMYc/x7Lu
B8jjunOkSCw/j6c0YkFh3oWd2Z1VrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDgH
sINk8geF/hZDH7zQsCEdF1exMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81NDYwMTU2QTdFNkExMUYwOTYwMDdFRUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHnPeAAwQHnP+AMA0GCSqGSIb3
DQEBCwUAA4IBAQCHWCOF0qx75gWTl4jMJXJbnvkR2q0HmFqAvFKzSLaZw+GwA7sC
kdV7/N3jqkEorKK2DgWaTqPQJ7o4AoLjj7Cf/a8FjfUEh3lME7qHm79XozwSc8XX
bMjoIjDg6m9vx5QBHjhWyIncuYqVZ7Og3Edflt6bWkr3eKGxPgBof/srhQlCsvhP
P+PVIO8QTMIXPLDP12/YdXvVBHjSVbZTqSrX2hQlKxMnE28+XQrCW0kvYzUtXat+
weEUlxKvMocmclimBqrE1Y1UoRdcgnT/YIBiIvd9Gp3fZceSyCD+zSHWupDrjgZO
IV1NcK0vpVUfQnltBgVgMImrBBdhzaeOYMfH
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:17:20 2025 by rpki-client