Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A60E217A7EAD11F0A9A47FA1DAE4EC9C.roa
File: A60E217A7EAD11F0A9A47FA1DAE4EC9C.roa (raw, json)
Hash identifier: lwQ5OmIJ1zQ4eO/e55U0zwLpE0v9bPt/q/vwAAAKVus=
Subject key identifier: 26:15:68:23:70:B1:D0:EB:85:7A:2D:84:6B:29:BE:07:F7:12:36:E3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016E6E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A60E217A7EAD11F0A9A47FA1DAE4EC9C.roa
Signing time: Thu 21 Aug 2025 16:41:13 +0000
ROA not before: Thu 21 Aug 2025 16:41:08 +0000
ROA not after: Wed 21 Aug 2030 16:41:08 +0000
asID: 17561
IP address blocks: 156.233.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93806 (0x16e6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 21 16:41:08 2025 GMT
Not After : Aug 21 16:41:08 2030 GMT
Subject: CN=68a74c29-88c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e6:d3:3a:1d:ac:97:fd:e0:29:e0:51:1a:66:
45:48:1d:d8:6b:da:62:5d:00:54:cd:bd:ed:89:e7:
19:7c:75:98:74:9b:10:e5:6f:1c:e9:cf:6f:53:4c:
fe:ea:9b:1c:ce:a1:52:81:7c:d5:72:26:a9:00:72:
23:c0:9f:96:85:4b:df:3b:c6:7b:ed:c5:95:fe:3f:
42:2a:8c:e1:bd:54:6b:8a:46:fd:8b:b7:93:ad:c3:
90:da:fc:a8:87:7d:7b:df:3a:2d:b0:08:a5:6f:12:
6a:98:7c:56:d4:54:cd:78:ea:e9:e1:01:69:da:ff:
7a:42:e8:ca:f7:0c:65:07:e6:63:82:73:3e:66:07:
79:c1:cf:fc:22:78:f2:aa:9b:7a:9b:3b:d5:8a:ca:
33:3d:e5:6d:7b:f8:08:b3:f0:b2:41:95:de:8d:4d:
c8:43:83:9e:23:5b:34:7e:3c:6b:52:3a:cb:50:0c:
e3:80:4f:94:f9:30:6c:1d:d4:9f:53:30:65:0d:52:
17:39:50:b9:1e:9a:3d:85:33:ce:7d:d4:3a:14:eb:
32:b3:55:2e:c2:ad:fd:aa:60:bb:db:fa:f8:d8:39:
25:05:52:39:b0:00:3b:3a:c7:42:46:26:81:25:0e:
cf:5d:92:11:67:30:c7:5b:59:7c:7d:2f:40:74:33:
a8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:15:68:23:70:B1:D0:EB:85:7A:2D:84:6B:29:BE:07:F7:12:36:E3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A60E217A7EAD11F0A9A47FA1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.64.0/18
Signature Algorithm: sha256WithRSAEncryption
45:3a:28:68:ec:c9:0d:c2:85:25:25:c6:97:b7:9d:37:1f:02:
d6:df:89:4a:4d:bc:9f:3d:a2:85:11:32:f3:2c:3f:e1:a6:a3:
4d:68:06:2f:1b:d8:20:72:5f:26:9f:a3:2f:2f:e7:7e:e8:a7:
76:06:48:b9:13:79:92:f8:a3:02:64:38:d5:2c:6b:54:0a:27:
3d:3e:9f:4d:df:83:6d:69:bc:8c:c7:43:32:e4:57:dd:2e:a5:
ad:68:13:05:3f:8c:13:46:1d:3e:3d:6e:18:ea:b0:58:8a:de:
5c:60:54:e6:da:f6:69:8c:4b:cb:d3:78:0a:f6:d1:b3:d7:81:
ff:8d:9e:0a:27:e5:b3:da:81:d4:0b:28:43:0d:7b:87:7c:a4:
c3:ea:c9:b5:50:86:2d:f9:ff:77:96:f8:95:dc:bb:01:a6:f0:
9f:10:c9:ba:28:81:6c:c7:3d:dd:7f:2a:bb:2e:9a:e7:6d:bd:
fb:e9:0c:8f:2c:f8:12:f1:83:5f:cd:8d:c4:8f:04:e1:9c:c3:
d2:dc:5a:fa:9f:aa:1b:f7:d1:16:77:c7:34:1b:bc:f1:88:6d:
34:fd:66:05:34:ae:c6:71:14:82:b0:46:72:26:af:da:5c:95:
a6:60:d5:d8:04:72:ee:d0:07:6d:bd:f0:9f:b5:ec:65:6d:7c:
09:b5:04:80
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAW5uMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIxMTY0MTA4WhcNMzAwODIxMTY0MTA4WjAYMRYw
FAYDVQQDEw02OGE3NGMyOS04OGM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtebTOh2sl/3gKeBRGmZFSB3Ya9piXQBUzb3tiecZfHWYdJsQ5W8c6c9v
U0z+6psczqFSgXzVciapAHIjwJ+WhUvfO8Z77cWV/j9CKozhvVRrikb9i7eTrcOQ
2vyoh3173zotsAilbxJqmHxW1FTNeOrp4QFp2v96QujK9wxlB+ZjgnM+Zgd5wc/8
Injyqpt6mzvVisozPeVte/gIs/CyQZXejU3IQ4OeI1s0fjxrUjrLUAzjgE+U+TBs
HdSfUzBlDVIXOVC5Hpo9hTPOfdQ6FOsys1Uuwq39qmC72/r42DklBVI5sAA7OsdC
RiaBJQ7PXZIRZzDHW1l8fS9AdDOoxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCYV
aCNwsdDrhXothGspvgf3EjbjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNjBFMjE3QTdFQUQxMUYwQTlBNDdGQTFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnOlAMA0GCSqGSIb3DQEBCwUA
A4IBAQBFOiho7MkNwoUlJcaXt503HwLW34lKTbyfPaKFETLzLD/hpqNNaAYvG9gg
cl8mn6MvL+d+6Kd2Bki5E3mS+KMCZDjVLGtUCic9Pp9N34NtabyMx0My5FfdLqWt
aBMFP4wTRh0+PW4Y6rBYit5cYFTm2vZpjEvL03gK9tGz14H/jZ4KJ+Wz2oHUCyhD
DXuHfKTD6sm1UIYt+f93lviV3LsBpvCfEMm6KIFsxz3dfyq7Lprnbb376QyPLPgS
8YNfzY3EjwThnMPS3Fr6n6ob99EWd8c0G7zxiG00/WYFNK7GcRSCsEZyJq/aXJWm
YNXYBHLu0AdtvfCftexlbXwJtQSA
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:18:43 2025 by rpki-client