Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D543BA20783311F083F3EED5DAE4EC9C.roa
File: D543BA20783311F083F3EED5DAE4EC9C.roa (raw, json)
Hash identifier: cTt3oW+u0AogK4NHxbR8DbQPZjDZ3LlY5SXwAtXNRP0=
Subject key identifier: 06:C6:21:79:D6:75:B3:6B:D0:E4:AE:D6:37:D3:7B:DF:EB:B4:C7:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016AC9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D543BA20783311F083F3EED5DAE4EC9C.roa
Signing time: Wed 13 Aug 2025 10:54:07 +0000
ROA not before: Wed 13 Aug 2025 10:54:02 +0000
ROA not after: Wed 05 Nov 2025 10:54:02 +0000
asID: 149440
IP address blocks: 156.227.0.0/24 maxlen: 24
156.236.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92873 (0x16ac9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 13 10:54:02 2025 GMT
Not After : Nov 5 10:54:02 2025 GMT
Subject: CN=689c6ecf-9055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ad:a7:c9:88:c2:dc:f1:e0:17:ca:1d:c9:03:
8b:d7:3b:55:2d:9e:49:ff:dd:be:d9:5e:e6:6a:f8:
c2:9f:a4:0d:bc:50:d1:22:3d:bd:e2:12:32:b9:15:
bb:26:b5:cb:0a:ac:35:22:eb:33:1e:9e:f8:a3:e4:
86:49:46:e7:9c:81:12:37:c8:97:5e:d9:04:9b:c3:
f7:6d:86:4a:d0:70:83:fa:92:c8:a9:47:69:86:23:
ef:16:2c:c7:c5:fc:ea:e6:8a:0e:d1:33:dd:1f:79:
2e:9c:9e:26:d8:45:08:1f:02:24:ad:d1:c0:5d:6c:
7b:03:1c:78:2b:4c:ad:1a:7d:9c:44:2e:1f:33:b3:
93:00:06:36:29:db:d8:71:ba:55:cf:c5:73:f5:be:
05:9f:7c:89:58:e3:8a:b2:31:c1:e3:00:3c:21:96:
11:3a:bf:93:b0:d4:26:e3:83:7e:4b:af:ea:08:21:
31:23:e4:87:43:ea:b7:a5:98:d1:47:b6:0b:37:7b:
20:cc:7a:1c:8d:73:e5:73:37:5c:57:69:90:a1:f8:
97:03:ae:31:49:54:b6:53:54:c7:ab:4c:6a:ec:e7:
e7:c8:74:c0:b3:3d:61:42:5c:55:d2:31:57:a1:d3:
70:46:5d:ed:96:b4:cf:75:a6:05:40:73:dc:83:d2:
a7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C6:21:79:D6:75:B3:6B:D0:E4:AE:D6:37:D3:7B:DF:EB:B4:C7:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D543BA20783311F083F3EED5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.0.0/24
156.236.76.0/24
Signature Algorithm: sha256WithRSAEncryption
49:98:dc:13:1b:92:77:cb:4c:d4:6e:39:2b:34:dd:1f:ba:c5:
8d:67:25:ea:1b:e2:b9:5b:20:7f:df:78:fc:09:84:6c:c1:a9:
fd:af:4a:11:ae:af:4a:e0:9e:42:78:c3:c5:a4:a5:b4:57:4f:
81:79:a7:40:f8:dd:68:dd:5e:4e:b9:ed:5d:53:2e:64:1a:35:
a9:41:51:fb:75:74:cd:e0:b8:b1:52:4e:31:75:47:22:33:bf:
67:41:89:26:12:8b:75:f7:91:9d:b5:86:f1:4f:30:6e:c3:48:
42:1d:0d:7d:c1:24:da:79:d3:29:d9:c9:00:61:14:8b:4c:a8:
26:42:2d:c3:34:80:36:1a:8a:d7:b4:0d:e7:41:0b:09:96:06:
11:f3:a9:aa:6f:2a:bb:37:55:5e:13:af:68:28:60:7d:aa:a5:
64:a1:ea:6a:a5:65:89:7d:42:d5:f0:fe:21:6b:9f:51:84:d0:
55:08:32:61:1f:c1:10:c9:2e:11:b7:94:07:7c:e4:e6:e0:1e:
41:12:06:00:5d:9c:e6:db:43:78:4d:7a:a7:c1:15:97:3a:8d:
1a:00:98:81:e1:16:45:24:34:67:57:f3:64:97:f1:b0:89:61:
2f:c7:ac:5f:8b:cf:61:a8:79:a2:9c:97:2e:e9:e6:61:5c:3a:
dd:97:79:44
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWrJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODEzMTA1NDAyWhcNMjUxMTA1MTA1NDAyWjAYMRYw
FAYDVQQDEw02ODljNmVjZi05MDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoK2nyYjC3PHgF8odyQOL1ztVLZ5J/92+2V7mavjCn6QNvFDRIj294hIy
uRW7JrXLCqw1IuszHp74o+SGSUbnnIESN8iXXtkEm8P3bYZK0HCD+pLIqUdphiPv
FizHxfzq5ooO0TPdH3kunJ4m2EUIHwIkrdHAXWx7Axx4K0ytGn2cRC4fM7OTAAY2
KdvYcbpVz8Vz9b4Fn3yJWOOKsjHB4wA8IZYROr+TsNQm44N+S6/qCCExI+SHQ+q3
pZjRR7YLN3sgzHocjXPlczdcV2mQofiXA64xSVS2U1THq0xq7OfnyHTAsz1hQlxV
0jFXodNwRl3tlrTPdaYFQHPcg9KnbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAbG
IXnWdbNr0OSu1jfTe9/rtMciMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENTQzQkEyMDc4MzMxMUYwODNGM0VFRDVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOMAAwQAnOxMMA0GCSqGSIb3
DQEBCwUAA4IBAQBJmNwTG5J3y0zUbjkrNN0fusWNZyXqG+K5WyB/33j8CYRswan9
r0oRrq9K4J5CeMPFpKW0V0+BeadA+N1o3V5Oue1dUy5kGjWpQVH7dXTN4LixUk4x
dUciM79nQYkmEot195GdtYbxTzBuw0hCHQ19wSTaedMp2ckAYRSLTKgmQi3DNIA2
GorXtA3nQQsJlgYR86mqbyq7N1VeE69oKGB9qqVkoepqpWWJfULV8P4ha59RhNBV
CDJhH8EQyS4Rt5QHfOTm4B5BEgYAXZzm20N4TXqnwRWXOo0aAJiB4RZFJDRnV/Nk
l/GwiWEvx6xfi89hqHminJcu6eZhXDrdl3lE
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:16:08 2025 by rpki-client