Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B20D478A79B711F0AA1B94B8DAE4EC9C.roa
File: B20D478A79B711F0AA1B94B8DAE4EC9C.roa (raw, json)
Hash identifier: 054POfUapu7uMvabuaMHxli5kZi0FLHFPZIUY+lKYLI=
Subject key identifier: 6F:05:E6:11:A0:35:08:A3:25:7F:35:9B:5D:E4:00:D7:B0:D7:6F:EB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016B38
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B20D478A79B711F0AA1B94B8DAE4EC9C.roa
Signing time: Fri 15 Aug 2025 09:10:32 +0000
ROA not before: Fri 15 Aug 2025 09:10:28 +0000
ROA not after: Sat 20 Sep 2025 09:10:28 +0000
asID: 20326
IP address blocks: 156.233.10.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92984 (0x16b38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 15 09:10:28 2025 GMT
Not After : Sep 20 09:10:28 2025 GMT
Subject: CN=689ef988-b92f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0e:2e:40:c7:a3:7a:88:5e:7f:a2:38:27:a5:
98:f6:0d:58:14:b6:7f:de:36:fc:37:e6:ed:e4:ad:
11:52:ab:62:23:84:59:a9:59:d2:cc:8a:08:36:f2:
d7:be:e1:7a:94:68:c2:88:98:63:9b:51:6b:94:05:
36:d6:6a:fa:6c:1e:4e:a5:41:89:e0:e1:c7:16:90:
f6:85:8a:c5:f2:41:13:58:42:50:e5:b7:50:e9:c5:
67:c4:64:f3:de:db:8e:a2:f7:b7:a7:73:ff:54:45:
26:50:d7:2a:43:0a:b9:28:6d:d5:84:d4:79:8e:34:
9a:dd:3b:04:ff:4a:96:22:0d:50:c2:c8:08:88:63:
d5:dd:72:ab:95:99:ea:a7:00:eb:c2:21:c8:3f:68:
b8:a7:d5:b7:04:2a:8e:a7:54:d9:49:86:3f:73:e8:
f6:3b:b0:fb:6f:d8:a7:4f:83:22:48:3c:65:fa:5f:
8b:78:77:3e:35:1d:a6:3b:c7:8a:31:00:ba:1e:e2:
ac:ec:d5:9f:e6:be:98:4e:17:78:d1:99:28:13:da:
10:55:32:68:3f:a8:a2:bb:7b:d0:dc:3b:5c:6b:fe:
da:f7:10:69:e1:0e:7d:7b:1e:5a:d1:cb:9e:75:20:
cb:83:4f:c2:60:c8:d0:fb:32:22:f4:b7:f4:0c:57:
2d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:05:E6:11:A0:35:08:A3:25:7F:35:9B:5D:E4:00:D7:B0:D7:6F:EB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B20D478A79B711F0AA1B94B8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.10.0/23
Signature Algorithm: sha256WithRSAEncryption
05:94:31:14:64:25:5b:2c:f3:cd:ca:4a:58:58:d6:d2:be:ed:
97:d3:df:70:6d:ca:8d:b9:12:54:d4:af:2e:83:21:be:65:cc:
e6:df:30:fb:da:fd:c2:f7:28:e8:07:ac:6a:f2:f4:42:af:ef:
45:8e:cd:05:a6:85:94:ae:0f:36:bf:ea:2f:2c:48:54:d9:a8:
de:4a:08:47:45:c2:e7:83:54:3d:a4:e7:fc:aa:04:2e:33:2a:
cf:73:1a:97:83:92:ec:a0:27:f4:ee:43:9a:3f:3f:11:88:85:
4e:7d:88:6e:d1:a0:94:45:36:15:36:ac:a3:a9:49:e1:af:f1:
8c:3f:75:57:6f:3b:2a:4e:d5:28:ee:3b:ae:7a:3a:59:8c:91:
7a:5b:35:cb:bc:8f:49:10:97:a9:b9:5e:43:1d:5f:05:67:8d:
e9:8f:47:ed:fe:15:97:76:80:17:03:1c:3c:e9:66:04:e0:5b:
dc:0e:52:78:a3:7d:0d:b2:ca:ec:d2:5e:41:ba:d2:f5:bc:ca:
15:72:ba:84:c6:a4:ca:68:5f:bc:ad:17:e3:f8:a4:fa:84:b5:
7d:86:44:fa:de:e7:a2:53:85:b7:4e:c4:a1:bf:f6:ba:52:ac:
6b:5b:82:b9:14:8d:f2:cd:3d:78:3c:7c:be:d9:b1:9c:ed:3b:
85:67:a8:46
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWs4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODE1MDkxMDI4WhcNMjUwOTIwMDkxMDI4WjAYMRYw
FAYDVQQDEw02ODllZjk4OC1iOTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoA4uQMejeohef6I4J6WY9g1YFLZ/3jb8N+bt5K0RUqtiI4RZqVnSzIoI
NvLXvuF6lGjCiJhjm1FrlAU21mr6bB5OpUGJ4OHHFpD2hYrF8kETWEJQ5bdQ6cVn
xGTz3tuOove3p3P/VEUmUNcqQwq5KG3VhNR5jjSa3TsE/0qWIg1QwsgIiGPV3XKr
lZnqpwDrwiHIP2i4p9W3BCqOp1TZSYY/c+j2O7D7b9inT4MiSDxl+l+LeHc+NR2m
O8eKMQC6HuKs7NWf5r6YThd40ZkoE9oQVTJoP6iiu3vQ3Dtca/7a9xBp4Q59ex5a
0cuedSDLg0/CYMjQ+zIi9Lf0DFctuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG8F
5hGgNQijJX81m13kANew12/rMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMjBENDc4QTc5QjcxMUYwQUExQjk0QjhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOkKMA0GCSqGSIb3DQEBCwUA
A4IBAQAFlDEUZCVbLPPNykpYWNbSvu2X099wbcqNuRJU1K8ugyG+Zczm3zD72v3C
9yjoB6xq8vRCr+9Fjs0FpoWUrg82v+ovLEhU2ajeSghHRcLng1Q9pOf8qgQuMyrP
cxqXg5LsoCf07kOaPz8RiIVOfYhu0aCURTYVNqyjqUnhr/GMP3VXbzsqTtUo7juu
ejpZjJF6WzXLvI9JEJepuV5DHV8FZ43pj0ft/hWXdoAXAxw86WYE4FvcDlJ4o30N
ssrs0l5ButL1vMoVcrqExqTKaF+8rRfj+KT6hLV9hkT63ueiU4W3TsShv/a6Uqxr
W4K5FI3yzT14PHy+2bGc7TuFZ6hG
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:00:05 2025 by rpki-client