Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/707A67DE7E7C11F09AF836E1DAE4EC9C.roa
File: 707A67DE7E7C11F09AF836E1DAE4EC9C.roa (raw, json)
Hash identifier: cfqaEyP9Ty9EanDp8ebR5ovd5wugw7fxh9url8+iFhw=
Subject key identifier: 5A:5F:83:A0:0A:46:D7:C9:BC:46:0D:A0:23:73:19:81:40:54:6C:AA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016E0F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/707A67DE7E7C11F09AF836E1DAE4EC9C.roa
Signing time: Thu 21 Aug 2025 10:48:58 +0000
ROA not before: Thu 21 Aug 2025 10:48:50 +0000
ROA not after: Sat 04 Oct 2025 10:48:50 +0000
asID: 203020
IP address blocks: 156.233.12.0/22 maxlen: 24
156.233.36.0/22 maxlen: 24
156.233.76.0/22 maxlen: 24
156.233.112.0/22 maxlen: 24
156.241.32.0/21 maxlen: 24
156.252.224.0/22 maxlen: 24
156.252.228.0/22 maxlen: 24
156.252.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93711 (0x16e0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 21 10:48:50 2025 GMT
Not After : Oct 4 10:48:50 2025 GMT
Subject: CN=68a6f99a-07c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5b:14:4a:a4:b0:e2:76:79:00:0d:89:32:45:
8a:15:a1:93:49:47:56:ae:68:81:d4:e5:44:04:d8:
8a:90:1e:3f:21:16:a6:fe:b5:98:fa:7c:68:a2:85:
3e:ee:3b:50:dc:09:8d:02:89:aa:3b:6e:aa:6e:76:
68:85:c9:28:cf:82:36:75:7d:1b:bd:91:8b:dd:56:
08:d4:d5:36:3b:73:2c:ce:8c:94:a5:24:e5:e0:92:
d0:e5:4b:17:d2:0a:1d:41:54:10:03:7c:1e:57:91:
f9:de:66:e4:68:21:be:51:95:9c:7e:77:61:56:48:
60:bd:1d:6b:f3:cc:fe:76:bb:fd:d2:a0:45:d7:cf:
ae:54:d2:39:6f:b3:a3:45:59:e4:9c:47:6a:47:5f:
e0:ba:a4:e1:a1:c0:a9:69:72:4c:eb:f1:cc:3e:be:
4f:76:bd:a7:03:b1:8a:8c:da:b6:cd:a0:2c:78:b5:
27:54:6e:5f:65:d3:0f:0b:13:ab:ed:33:16:ac:58:
1e:f3:6f:38:b5:1d:c2:4b:52:89:c5:92:98:7d:19:
ac:c4:0a:8b:d8:97:45:bd:c6:ca:56:af:6f:96:13:
3c:e9:64:68:1e:05:ee:14:49:e3:d7:86:36:05:d8:
f3:07:19:ba:c8:a9:cc:d6:92:76:97:d8:2e:62:71:
b8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:5F:83:A0:0A:46:D7:C9:BC:46:0D:A0:23:73:19:81:40:54:6C:AA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/707A67DE7E7C11F09AF836E1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.12.0/22
156.233.36.0/22
156.233.76.0/22
156.233.112.0/22
156.241.32.0/21
156.252.224.0/20
Signature Algorithm: sha256WithRSAEncryption
52:8b:77:4c:75:5d:e1:ea:71:5b:a4:5e:07:00:c2:9c:1a:a8:
4f:18:35:4b:f9:16:c5:71:2c:88:e7:04:9e:69:a5:f0:59:66:
54:81:d5:a4:68:65:b5:c3:37:ce:d9:17:3e:3c:f2:86:bd:1e:
24:1a:a1:ff:42:ed:9b:85:a2:86:12:0a:b4:13:9e:69:68:f5:
3e:de:45:f2:f2:82:e9:80:04:1e:79:09:75:71:d1:8a:fb:12:
99:5c:3e:fc:c8:72:4c:f3:b0:34:ad:a0:f2:19:88:1e:f7:9f:
45:d5:5b:c9:e5:f0:14:94:eb:75:72:d7:d2:37:2c:0c:01:a5:
b7:ab:e3:09:ac:a4:87:15:7d:90:6d:62:66:07:ff:b1:b5:ad:
c0:ef:9a:bd:84:e6:7e:f8:cd:da:24:8e:3a:26:5c:b9:3e:3d:
3e:2a:07:9e:02:4e:55:f5:5b:60:88:75:64:e4:03:f2:ca:6f:
18:a4:8f:55:c3:12:be:d8:f4:60:60:73:3c:89:4a:6d:83:6b:
f5:45:d7:fb:b1:a0:25:fb:41:7a:44:67:92:59:db:7c:7d:37:
9b:73:0d:66:77:e8:7b:4a:b8:0d:2f:21:55:94:27:a5:1d:9b:
ce:20:5d:29:d1:68:bf:8d:38:98:48:09:8f:09:a0:5c:18:08:
62:7d:fd:23
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIDAW4PMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIxMTA0ODUwWhcNMjUxMDA0MTA0ODUwWjAYMRYw
FAYDVQQDEw02OGE2Zjk5YS0wN2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq1sUSqSw4nZ5AA2JMkWKFaGTSUdWrmiB1OVEBNiKkB4/IRam/rWY+nxo
ooU+7jtQ3AmNAomqO26qbnZohckoz4I2dX0bvZGL3VYI1NU2O3MszoyUpSTl4JLQ
5UsX0godQVQQA3weV5H53mbkaCG+UZWcfndhVkhgvR1r88z+drv90qBF18+uVNI5
b7OjRVnknEdqR1/guqThocCpaXJM6/HMPr5Pdr2nA7GKjNq2zaAseLUnVG5fZdMP
CxOr7TMWrFge8284tR3CS1KJxZKYfRmsxAqL2JdFvcbKVq9vlhM86WRoHgXuFEnj
14Y2BdjzBxm6yKnM1pJ2l9guYnG4qwIDAQABo4ICwDCCArwwHQYDVR0OBBYEFFpf
g6AKRtfJvEYNoCNzGYFAVGyqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MDdBNjdERTdFN0MxMUYwOUFGODM2RTFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCnOkMAwQCnOkkAwQCnOlMAwQC
nOlwAwQDnPEgAwQEnPzgMA0GCSqGSIb3DQEBCwUAA4IBAQBSi3dMdV3h6nFbpF4H
AMKcGqhPGDVL+RbFcSyI5wSeaaXwWWZUgdWkaGW1wzfO2Rc+PPKGvR4kGqH/Qu2b
haKGEgq0E55paPU+3kXy8oLpgAQeeQl1cdGK+xKZXD78yHJM87A0raDyGYge959F
1VvJ5fAUlOt1ctfSNywMAaW3q+MJrKSHFX2QbWJmB/+xta3A75q9hOZ++M3aJI46
Jly5Pj0+KgeeAk5V9VtgiHVk5APyym8YpI9VwxK+2PRgYHM8iUptg2v1Rdf7saAl
+0F6RGeSWdt8fTebcw1md+h7SrgNLyFVlCelHZvOIF0p0Wi/jTiYSAmPCaBcGAhi
ff0j
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:10:23 2025 by rpki-client