Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64DBC108952D11F08B5B8C9ADAE4EC9C.roa
File: 64DBC108952D11F08B5B8C9ADAE4EC9C.roa (raw, json)
Hash identifier: FC/2eDfZlu5xpQg6KaEbmgDQEnevVC8hn18DwUuyHoE=
Subject key identifier: 70:80:3A:B0:EA:2B:29:8F:80:B5:E7:7E:74:6A:AA:50:AA:62:5B:10
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017C58
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64DBC108952D11F08B5B8C9ADAE4EC9C.roa
Signing time: Fri 19 Sep 2025 07:51:05 +0000
ROA not before: Fri 19 Sep 2025 07:51:00 +0000
ROA not after: Sun 26 Oct 2025 07:51:00 +0000
asID: 395793
IP address blocks: 156.228.62.0/24 maxlen: 24
156.228.210.0/24 maxlen: 24
156.228.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97368 (0x17c58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 19 07:51:00 2025 GMT
Not After : Oct 26 07:51:00 2025 GMT
Subject: CN=68cd0b69-ab64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8a:77:54:34:5e:9f:d5:74:d8:ef:e9:95:cf:
eb:5b:22:aa:f6:b7:81:a5:23:5a:f5:39:ba:75:45:
5d:a6:d0:0f:b5:55:ef:41:c3:bd:71:72:b9:d7:dc:
54:ae:41:83:10:ad:11:42:bd:bf:42:3c:de:59:bd:
23:0d:27:07:30:70:b7:5b:da:92:24:b5:cf:87:5b:
b7:dc:96:40:82:38:7a:4e:22:58:52:9c:d0:80:cb:
fc:96:02:b8:0b:42:8e:df:15:67:63:ef:2b:4f:ff:
d9:86:65:05:e7:43:85:b3:c6:67:3e:d6:db:cb:9c:
7b:2e:8e:f3:d2:c0:74:dd:99:b6:c5:5b:2a:b1:66:
06:34:9e:6e:e8:2e:10:d8:47:81:24:7a:1c:2c:54:
7e:05:f0:c0:a4:94:b9:29:e7:2f:26:d8:3b:4e:1b:
a3:51:d3:51:3c:ce:c9:e7:a0:3a:ba:d7:fc:09:ea:
0f:45:5e:55:12:c9:3c:d4:4f:1e:b5:48:5c:ec:8f:
d2:52:09:8c:48:b3:f6:86:74:f0:ea:ac:84:61:e9:
8c:21:ab:4e:2a:50:d0:6d:8f:cb:90:50:45:86:f4:
57:d8:35:b5:be:e3:99:e0:aa:76:82:b8:d9:15:c0:
5a:74:ef:74:8d:05:2c:6d:29:07:d3:30:d1:99:bf:
61:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:80:3A:B0:EA:2B:29:8F:80:B5:E7:7E:74:6A:AA:50:AA:62:5B:10
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/64DBC108952D11F08B5B8C9ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.62.0/24
156.228.210.0/23
Signature Algorithm: sha256WithRSAEncryption
19:4c:93:4b:d9:11:17:ee:09:7d:e8:16:7d:f3:15:36:af:57:
83:e7:d6:1c:dd:43:ea:cd:d0:dd:ee:72:7a:36:75:b2:42:34:
46:ee:01:c5:c3:2d:2c:1b:8c:be:25:89:4f:4c:b9:9c:cc:d3:
6f:59:b0:6a:3b:2b:ab:b7:11:61:42:bf:83:22:62:61:4b:9a:
c3:e6:07:a7:a1:95:b7:d7:2d:c7:32:6a:bf:1a:41:08:b0:12:
a5:f6:a3:69:de:5e:b6:fc:1d:9c:37:17:90:0a:06:28:7b:72:
b3:97:7a:59:ae:6f:9f:f2:1e:55:9e:50:96:7b:77:9c:49:fd:
70:c4:b6:d7:52:69:67:b8:3f:7c:d8:cb:ea:5a:e6:df:23:a1:
64:52:b7:bd:cc:75:45:21:15:61:a5:dc:ae:67:f5:f4:dc:e4:
c0:93:d1:f7:e4:03:8b:c9:e8:53:6b:e4:66:1f:01:64:4b:a9:
56:e0:bf:66:69:a5:72:ca:29:dc:e8:cb:88:66:af:d1:35:2d:
88:1d:e0:65:cd:23:ab:29:83:dd:8f:98:c7:16:9f:dc:38:21:
b0:92:f1:f0:fd:45:51:71:d8:85:54:a9:7b:38:af:6e:a8:14:
59:27:2f:59:6f:34:66:4f:79:d4:52:f0:62:80:fc:e9:2a:53:
35:b5:4b:5e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXxYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE5MDc1MTAwWhcNMjUxMDI2MDc1MTAwWjAYMRYw
FAYDVQQDEw02OGNkMGI2OS1hYjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2op3VDRen9V02O/plc/rWyKq9reBpSNa9Tm6dUVdptAPtVXvQcO9cXK5
19xUrkGDEK0RQr2/QjzeWb0jDScHMHC3W9qSJLXPh1u33JZAgjh6TiJYUpzQgMv8
lgK4C0KO3xVnY+8rT//ZhmUF50OFs8ZnPtbby5x7Lo7z0sB03Zm2xVsqsWYGNJ5u
6C4Q2EeBJHocLFR+BfDApJS5KecvJtg7ThujUdNRPM7J56A6utf8CeoPRV5VEsk8
1E8etUhc7I/SUgmMSLP2hnTw6qyEYemMIatOKlDQbY/LkFBFhvRX2DW1vuOZ4Kp2
grjZFcBadO90jQUsbSkH0zDRmb9hRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHCA
OrDqKymPgLXnfnRqqlCqYlsQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NERCQzEwODk1MkQxMUYwOEI1QjhDOUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOQ+AwQBnOTSMA0GCSqGSIb3
DQEBCwUAA4IBAQAZTJNL2REX7gl96BZ98xU2r1eD59Yc3UPqzdDd7nJ6NnWyQjRG
7gHFwy0sG4y+JYlPTLmczNNvWbBqOyurtxFhQr+DImJhS5rD5genoZW31y3HMmq/
GkEIsBKl9qNp3l62/B2cNxeQCgYoe3Kzl3pZrm+f8h5VnlCWe3ecSf1wxLbXUmln
uD982MvqWubfI6FkUre9zHVFIRVhpdyuZ/X03OTAk9H35AOLyehTa+RmHwFkS6lW
4L9maaVyyinc6MuIZq/RNS2IHeBlzSOrKYPdj5jHFp/cOCGwkvHw/UVRcdiFVKl7
OK9uqBRZJy9ZbzRmT3nUUvBigPzpKlM1tUte
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:19 2025 by rpki-client