
Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A3584A64CF911F08126327FDAE4EC9C.roa
File: 8A3584A64CF911F08126327FDAE4EC9C.roa (raw, json)
Hash identifier: coyPjGkRqxn2JC2Ial5VH2mQkbSwM+p+U1CuHy304wA=
Subject key identifier: 6F:17:46:3A:51:FD:19:BC:40:85:32:B5:D9:E5:19:58:FF:3B:08:9E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015D2E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A3584A64CF911F08126327FDAE4EC9C.roa
Signing time: Thu 19 Jun 2025 10:38:30 +0000
ROA not before: Thu 19 Jun 2025 10:38:25 +0000
ROA not after: Sat 26 Jul 2025 10:38:25 +0000
asID: 395793
IP address blocks: 156.228.62.0/24 maxlen: 24
156.228.210.0/24 maxlen: 24
156.228.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89390 (0x15d2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 19 10:38:25 2025 GMT
Not After : Jul 26 10:38:25 2025 GMT
Subject: CN=6853e8a6-91c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:02:17:1e:b3:91:ff:f0:a0:30:69:e6:1d:36:
31:e3:79:f6:7b:2b:64:4e:fb:ed:7e:65:cb:19:73:
6d:a2:e3:79:98:5f:66:ea:28:74:ba:21:b3:8b:ea:
fe:fd:c8:da:f1:76:44:b5:6b:b8:ca:f8:f6:4a:7e:
27:23:79:d7:cb:1f:d7:cd:5f:94:0a:94:a2:7f:67:
de:56:ef:77:3b:14:29:bc:ec:ac:5b:28:8f:eb:c3:
61:a9:a4:3e:3e:65:a3:cf:f2:bc:e8:33:53:8a:eb:
2f:cd:56:ed:36:26:6d:f4:f7:6c:9a:e9:88:9f:99:
aa:07:59:e6:d5:3d:c1:2f:ed:f1:c4:51:a4:8a:26:
45:60:03:b6:0e:97:f9:6c:2e:69:84:78:3e:e0:5b:
b7:79:4d:8d:35:d9:50:d4:cc:6e:74:bd:d8:3b:15:
03:f7:a4:58:e3:9f:41:83:ad:cc:9d:dc:b3:db:8c:
e9:f3:a7:93:2c:34:f0:1a:5c:8b:af:f9:7f:2b:5c:
e6:49:42:48:c9:c1:0d:30:b1:13:50:d7:a4:65:18:
24:44:ef:be:c9:56:d5:89:31:d6:b8:36:94:9d:7d:
ab:ba:7a:f3:52:ff:28:b4:cb:18:db:16:f5:57:50:
5b:1e:67:46:f9:60:53:93:4b:2a:ea:a3:7b:a1:f2:
a3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:17:46:3A:51:FD:19:BC:40:85:32:B5:D9:E5:19:58:FF:3B:08:9E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A3584A64CF911F08126327FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.62.0/24
156.228.210.0/23
Signature Algorithm: sha256WithRSAEncryption
64:35:73:01:79:57:d6:88:58:26:b1:30:2b:87:57:b6:7f:5d:
d7:23:51:70:9c:9a:4a:3a:97:81:cc:f0:2c:08:42:1d:cc:6b:
c9:9f:42:69:ea:5e:0a:f4:27:79:a7:66:68:7a:5d:2e:89:a5:
d6:63:82:ce:f7:bb:7b:cd:bb:26:00:4f:4d:7c:75:70:e9:57:
c5:22:11:a9:99:8e:49:06:ce:d4:19:11:ab:af:be:32:9d:67:
4e:de:b4:6e:f2:5c:df:a0:b1:21:42:23:30:c6:8f:d1:64:4a:
ce:18:e0:51:25:e5:ad:ed:8b:42:1f:83:b9:91:be:2c:ed:b3:
ad:57:b4:32:c3:7d:b6:44:4e:ff:60:62:ab:82:4e:bc:b9:7e:
39:0a:88:9a:30:82:84:aa:c7:02:63:30:ec:2c:ac:06:c8:e9:
ea:3c:17:81:da:23:ab:26:9f:2c:1e:46:1b:f8:c3:eb:ae:b0:
e2:1b:98:d8:3e:36:84:bd:c5:82:49:13:90:22:b1:32:dc:89:
fc:6a:9a:cc:0b:ea:9f:84:85:2e:e5:10:37:e0:c6:02:d8:af:
df:98:00:87:eb:6f:01:22:8c:17:53:95:01:18:56:fc:f4:95:
fe:99:fb:a0:50:80:cc:c1:b9:71:a4:e4:58:ea:77:d4:c3:fd:
59:ee:ef:61
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAV0uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE5MTAzODI1WhcNMjUwNzI2MTAzODI1WjAYMRYw
FAYDVQQDEw02ODUzZThhNi05MWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7QIXHrOR//CgMGnmHTYx43n2eytkTvvtfmXLGXNtouN5mF9m6ih0uiGz
i+r+/cja8XZEtWu4yvj2Sn4nI3nXyx/XzV+UCpSif2feVu93OxQpvOysWyiP68Nh
qaQ+PmWjz/K86DNTiusvzVbtNiZt9PdsmumIn5mqB1nm1T3BL+3xxFGkiiZFYAO2
Dpf5bC5phHg+4Fu3eU2NNdlQ1MxudL3YOxUD96RY459Bg63Mndyz24zp86eTLDTw
GlyLr/l/K1zmSUJIycENMLETUNekZRgkRO++yVbViTHWuDaUnX2runrzUv8otMsY
2xb1V1BbHmdG+WBTk0sq6qN7ofKjtQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG8X
RjpR/Rm8QIUytdnlGVj/OwieMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QTM1ODRBNjRDRjkxMUYwODEyNjMyN0ZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOQ+AwQBnOTSMA0GCSqGSIb3
DQEBCwUAA4IBAQBkNXMBeVfWiFgmsTArh1e2f13XI1FwnJpKOpeBzPAsCEIdzGvJ
n0Jp6l4K9Cd5p2Zoel0uiaXWY4LO97t7zbsmAE9NfHVw6VfFIhGpmY5JBs7UGRGr
r74ynWdO3rRu8lzfoLEhQiMwxo/RZErOGOBRJeWt7YtCH4O5kb4s7bOtV7Qyw322
RE7/YGKrgk68uX45CoiaMIKEqscCYzDsLKwGyOnqPBeB2iOrJp8sHkYb+MPrrrDi
G5jYPjaEvcWCSROQIrEy3In8aprMC+qfhIUu5RA34MYC2K/fmACH628BIowXU5UB
GFb89JX+mfugUIDMwblxpORY6nfUw/1Z7u9h
-----END CERTIFICATE-----
Generated at Tue Jul 1 00:44:47 2025 by rpki-client