Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F8028206FC311F0AC354ED0DAE4EC9C.roa
File: 8F8028206FC311F0AC354ED0DAE4EC9C.roa (raw, json)
Hash identifier: uATvze246i4mHpD6EGtJKnVfY+DdgzGZDAzaCy9CcQE=
Subject key identifier: 8F:76:D0:10:E9:8C:E6:CF:14:FB:82:E9:99:2C:B4:F5:C1:0E:C1:14
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0168BA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F8028206FC311F0AC354ED0DAE4EC9C.roa
Signing time: Sat 02 Aug 2025 17:10:17 +0000
ROA not before: Sat 02 Aug 2025 17:10:12 +0000
ROA not after: Wed 10 Sep 2025 17:10:12 +0000
asID: 40779
IP address blocks: 156.233.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92346 (0x168ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 2 17:10:12 2025 GMT
Not After : Sep 10 17:10:12 2025 GMT
Subject: CN=688e4679-679e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:44:25:f0:27:c7:c5:53:97:eb:86:a0:1b:98:
1b:a8:5f:22:12:f2:3f:34:67:ca:de:42:22:c5:54:
86:99:ad:54:46:4a:91:da:c4:58:97:62:1f:99:d4:
42:e2:b3:02:80:b5:cc:73:9b:d9:87:71:23:bd:32:
51:88:15:7b:8a:4c:f1:63:4c:0a:a3:7c:b7:71:85:
d0:22:c9:3e:19:cf:96:b4:df:28:a4:33:2e:d4:e9:
67:f1:32:1f:21:57:7c:01:4a:88:90:ef:e5:c1:f5:
bd:01:b6:51:56:9f:8d:8f:3b:a5:9c:e9:9c:06:73:
76:83:b5:5b:11:2b:f5:a9:90:c8:1e:cc:03:15:9c:
7d:f8:c7:45:d1:0f:49:9e:73:d6:06:75:89:13:f8:
87:39:56:d2:96:f5:6c:d0:4c:f2:ee:f6:9e:35:b4:
cd:c2:7a:53:57:c0:41:99:1f:07:66:7f:06:27:39:
25:d3:7e:bb:38:f4:f5:5a:80:40:14:f6:a5:22:86:
54:e4:c2:82:79:25:0a:13:3f:c7:89:b3:2d:45:3d:
6f:81:51:af:47:3d:93:3c:cf:66:29:3b:ea:85:f3:
89:59:37:f2:ce:00:b3:a3:63:2d:cf:7a:74:b2:a5:
05:3e:24:d9:c6:b0:16:28:09:91:a9:ca:c9:04:1f:
0e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:76:D0:10:E9:8C:E6:CF:14:FB:82:E9:99:2C:B4:F5:C1:0E:C1:14
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8F8028206FC311F0AC354ED0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.224.0/20
Signature Algorithm: sha256WithRSAEncryption
4a:88:72:12:55:a2:d8:3f:10:09:16:d5:cc:60:fd:17:b9:d9:
7f:38:0d:56:32:f5:d3:aa:7b:34:06:c4:f7:12:2d:7d:36:50:
5d:b1:f2:b6:75:ad:14:23:07:cf:cd:07:d8:1a:29:d5:f8:06:
c3:eb:2b:0e:7f:cb:bc:66:bf:91:69:da:31:e1:e9:41:b7:35:
67:5d:d7:48:5e:4d:81:fc:0a:7b:69:d3:e6:46:f1:42:ce:fa:
04:63:2c:c5:f7:5b:f6:2d:99:d6:de:00:8a:96:70:a6:2b:8f:
93:80:29:6f:7e:6f:61:2b:4e:61:55:85:66:fc:e2:f1:6a:42:
9e:7e:c2:36:74:61:b6:74:70:7e:c2:51:1f:e4:9f:82:23:1e:
6e:55:16:5f:b9:2a:96:cd:83:ce:54:85:e9:9c:fc:40:02:97:
3e:06:fb:07:af:6d:60:1e:bc:22:5f:b1:c8:e9:93:49:5a:48:
c1:4c:45:42:cb:4a:e8:7c:da:8c:1d:22:07:8a:80:ea:5d:63:
4d:b9:2e:a8:30:7f:de:79:75:fd:0f:d0:6c:5f:6f:3e:66:4c:
d3:33:27:ee:fc:2e:19:b5:18:58:1d:16:c1:20:01:f2:87:84:
03:8f:ed:40:c2:c0:1a:ef:8b:0c:3c:2d:d6:3a:b4:04:97:eb:
1e:2d:86:90
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWi6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODAyMTcxMDEyWhcNMjUwOTEwMTcxMDEyWjAYMRYw
FAYDVQQDEw02ODhlNDY3OS02NzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuUQl8CfHxVOX64agG5gbqF8iEvI/NGfK3kIixVSGma1URkqR2sRYl2If
mdRC4rMCgLXMc5vZh3EjvTJRiBV7ikzxY0wKo3y3cYXQIsk+Gc+WtN8opDMu1Oln
8TIfIVd8AUqIkO/lwfW9AbZRVp+NjzulnOmcBnN2g7VbESv1qZDIHswDFZx9+MdF
0Q9JnnPWBnWJE/iHOVbSlvVs0Ezy7vaeNbTNwnpTV8BBmR8HZn8GJzkl0367OPT1
WoBAFPalIoZU5MKCeSUKEz/HibMtRT1vgVGvRz2TPM9mKTvqhfOJWTfyzgCzo2Mt
z3p0sqUFPiTZxrAWKAmRqcrJBB8OQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI92
0BDpjObPFPuC6ZkstPXBDsEUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RjgwMjgyMDZGQzMxMUYwQUMzNTRFRDBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOngMA0GCSqGSIb3DQEBCwUA
A4IBAQBKiHISVaLYPxAJFtXMYP0Xudl/OA1WMvXTqns0BsT3Ei19NlBdsfK2da0U
IwfPzQfYGinV+AbD6ysOf8u8Zr+Radox4elBtzVnXddIXk2B/Ap7adPmRvFCzvoE
YyzF91v2LZnW3gCKlnCmK4+TgClvfm9hK05hVYVm/OLxakKefsI2dGG2dHB+wlEf
5J+CIx5uVRZfuSqWzYPOVIXpnPxAApc+BvsHr21gHrwiX7HI6ZNJWkjBTEVCy0ro
fNqMHSIHioDqXWNNuS6oMH/eeXX9D9BsX28+ZkzTMyfu/C4ZtRhYHRbBIAHyh4QD
j+1AwsAa74sMPC3WOrQEl+seLYaQ
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:05:31 2025 by rpki-client