Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8211E25679AE11F083FA327FDAE4EC9C.roa
File: 8211E25679AE11F083FA327FDAE4EC9C.roa (raw, json)
Hash identifier: fllP7OllhaOy2W5Ch/TlcBgo6BKUWW6DMR+Fn/hNMRk=
Subject key identifier: 85:C1:B4:BB:86:11:25:EA:42:F2:9C:6C:CB:E4:F0:DB:DF:BD:9D:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016B25
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8211E25679AE11F083FA327FDAE4EC9C.roa
Signing time: Fri 15 Aug 2025 08:04:47 +0000
ROA not before: Fri 15 Aug 2025 08:04:42 +0000
ROA not after: Tue 16 Sep 2025 08:04:42 +0000
asID: 137443
IP address blocks: 156.255.2.0/24 maxlen: 24
156.255.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92965 (0x16b25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 15 08:04:42 2025 GMT
Not After : Sep 16 08:04:42 2025 GMT
Subject: CN=689eea1e-39dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:39:60:a9:94:43:2e:bb:69:f8:66:47:be:54:
29:45:3d:74:eb:6e:64:db:df:6a:f3:69:2a:83:48:
25:e3:94:7d:1d:6c:f1:a7:8a:0a:17:70:90:72:37:
76:c0:25:37:3b:62:46:e0:56:53:c0:ab:88:9c:5c:
71:74:fd:a6:88:ec:09:19:50:14:1a:8a:33:db:7e:
87:23:03:6f:db:82:68:51:be:35:e1:14:77:59:f4:
4a:a3:f7:47:22:cd:47:9e:c2:f7:61:77:04:64:08:
d4:b9:df:ef:fd:53:73:45:ea:19:23:80:43:c8:dc:
d6:f2:21:e1:0d:78:71:a2:6d:3f:7a:e1:24:63:a1:
59:a1:86:35:7e:a6:45:ff:cb:a0:34:03:03:7e:76:
c8:a8:b5:f4:c8:49:f4:4f:5a:e9:22:6a:b1:ec:ce:
82:d6:b2:01:93:b9:18:0e:ef:44:ac:f4:68:0b:03:
11:ed:16:8a:65:4f:ba:40:f0:a2:7b:8c:2f:6e:65:
c5:60:37:57:05:9f:a2:84:5f:90:db:ba:bc:9e:55:
22:8e:5a:0e:24:25:2f:db:a1:20:29:bc:42:d3:5c:
d9:f0:c2:ad:63:94:4b:76:fc:70:c2:fd:74:45:8b:
5f:a9:5e:30:8e:67:8e:3a:73:56:c4:b6:a3:b5:b7:
c7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:C1:B4:BB:86:11:25:EA:42:F2:9C:6C:CB:E4:F0:DB:DF:BD:9D:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8211E25679AE11F083FA327FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.2.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:c8:03:9e:fc:af:c1:f8:ad:9e:c9:0e:b7:4f:ba:78:4c:b6:
4b:a7:75:79:01:94:e4:d7:5a:c6:0c:26:8a:d3:a5:57:79:09:
0f:68:92:97:e8:79:ab:17:f2:87:27:5f:fe:00:87:54:10:4d:
dc:0e:94:99:e6:b9:c8:1d:7c:0f:59:47:e2:32:bd:24:c5:93:
d9:d0:d2:45:da:ae:54:77:95:a2:ba:fd:ee:11:f7:8f:7a:5f:
eb:ac:4b:4f:d1:a8:4c:d1:96:91:62:75:a3:18:57:3d:42:50:
d3:5b:33:77:12:46:f1:cc:a3:61:aa:8a:26:ce:79:b5:5a:40:
ed:7e:34:d3:c0:80:cc:11:14:f2:3e:1d:bf:52:c3:24:1d:7e:
6e:b1:5b:3a:30:21:b0:fa:f6:7b:0a:2e:23:ec:15:d2:fe:b8:
53:4c:52:14:80:a5:e3:47:21:a7:27:90:7d:1a:50:ab:f9:61:
45:37:8f:2c:46:13:39:ac:ea:af:92:5c:62:a1:db:d1:17:df:
45:e9:f2:0c:48:c5:6d:02:43:39:f9:eb:12:7f:1e:5d:f1:ae:
a2:b2:99:b5:25:dd:a7:15:7a:7c:68:f1:c9:e4:f7:56:1f:b7:
f4:fa:1b:6e:c4:3c:da:fd:b3:5b:23:ee:f7:68:52:59:91:95:
81:23:6a:61
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWslMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODE1MDgwNDQyWhcNMjUwOTE2MDgwNDQyWjAYMRYw
FAYDVQQDEw02ODllZWExZS0zOWRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+DlgqZRDLrtp+GZHvlQpRT10625k299q82kqg0gl45R9HWzxp4oKF3CQ
cjd2wCU3O2JG4FZTwKuInFxxdP2miOwJGVAUGooz236HIwNv24JoUb414RR3WfRK
o/dHIs1HnsL3YXcEZAjUud/v/VNzReoZI4BDyNzW8iHhDXhxom0/euEkY6FZoYY1
fqZF/8ugNAMDfnbIqLX0yEn0T1rpImqx7M6C1rIBk7kYDu9ErPRoCwMR7RaKZU+6
QPCie4wvbmXFYDdXBZ+ihF+Q27q8nlUijloOJCUv26EgKbxC01zZ8MKtY5RLdvxw
wv10RYtfqV4wjmeOOnNWxLajtbfHTwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIXB
tLuGESXqQvKcbMvk8NvfvZ3cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MjExRTI1Njc5QUUxMUYwODNGQTMyN0ZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP8CMA0GCSqGSIb3DQEBCwUA
A4IBAQBLyAOe/K/B+K2eyQ63T7p4TLZLp3V5AZTk11rGDCaK06VXeQkPaJKX6Hmr
F/KHJ1/+AIdUEE3cDpSZ5rnIHXwPWUfiMr0kxZPZ0NJF2q5Ud5Wiuv3uEfePel/r
rEtP0ahM0ZaRYnWjGFc9QlDTWzN3EkbxzKNhqoomznm1WkDtfjTTwIDMERTyPh2/
UsMkHX5usVs6MCGw+vZ7Ci4j7BXS/rhTTFIUgKXjRyGnJ5B9GlCr+WFFN48sRhM5
rOqvklxiodvRF99F6fIMSMVtAkM5+esSfx5d8a6ispm1Jd2nFXp8aPHJ5PdWH7f0
+htuxDza/bNbI+73aFJZkZWBI2ph
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:27:36 2025 by rpki-client