Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF116B227F4211F0B95CFE7BDAE4EC9C.roa
File: DF116B227F4211F0B95CFE7BDAE4EC9C.roa (raw, json)
Hash identifier: wwIwps3gqmBjAo5NOTZa6xJPtXJMlro02YHKUQZYCYU=
Subject key identifier: 4F:37:6C:54:FE:C4:68:4B:3D:D2:29:3E:54:B8:12:95:C1:32:79:DF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016EAC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF116B227F4211F0B95CFE7BDAE4EC9C.roa
Signing time: Fri 22 Aug 2025 10:29:24 +0000
ROA not before: Fri 22 Aug 2025 10:29:19 +0000
ROA not after: Mon 02 Feb 2026 10:29:19 +0000
asID: 328608
IP address blocks: 156.227.208.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93868 (0x16eac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 22 10:29:19 2025 GMT
Not After : Feb 2 10:29:19 2026 GMT
Subject: CN=68a84684-fd47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f3:a9:1f:aa:5d:fa:1c:e0:d0:94:25:50:d2:
42:60:61:5d:4b:43:b1:7d:b8:52:79:0e:09:ce:a5:
84:0a:8f:97:cb:66:37:c6:ec:33:7a:ce:5d:6e:0b:
03:26:f2:27:25:91:cb:5d:ca:b8:98:e0:b6:ca:cc:
4a:96:29:a3:83:f5:cf:e4:12:e7:8c:46:bf:26:c8:
19:4a:2a:b9:46:17:65:06:7e:f4:37:07:6c:0b:b5:
72:8a:3d:69:fb:28:b7:6c:66:a7:f8:f0:d3:f9:a0:
f7:78:21:92:aa:e7:f1:41:4b:0b:4e:90:ea:3d:e9:
19:0e:a8:cc:ba:21:33:59:1a:d6:13:62:8a:e7:d3:
37:fd:c5:e3:7b:0b:d2:09:9c:21:c7:c0:97:99:62:
d6:9c:a0:26:cb:26:0b:80:d0:38:be:65:00:b9:02:
e9:5c:d7:ef:a7:26:20:2e:81:b8:75:a1:0c:ea:f0:
67:2d:b0:01:a9:75:e1:25:de:62:9b:ad:f0:b7:cd:
fc:72:bb:75:0f:6a:55:cf:09:7d:1a:38:45:f1:98:
87:a5:b7:9a:05:11:5e:b5:f9:f2:1b:d1:fc:47:cf:
95:ab:2a:fc:7d:60:49:09:1a:15:9a:6c:e2:e0:04:
6f:7f:a1:b7:0e:b2:86:af:2e:ee:b0:54:a0:3d:5f:
a5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:37:6C:54:FE:C4:68:4B:3D:D2:29:3E:54:B8:12:95:C1:32:79:DF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF116B227F4211F0B95CFE7BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.208.0/21
Signature Algorithm: sha256WithRSAEncryption
99:c4:7d:bd:52:ae:fb:73:10:cf:3d:6a:f9:80:e3:92:ec:d2:
05:1f:ed:17:2e:f5:8d:c1:44:01:70:33:62:2e:1b:da:e8:76:
3f:6d:68:51:9a:48:41:27:88:c2:88:11:1d:7f:89:9d:0b:39:
30:13:da:c3:c3:e4:c4:fd:e2:83:41:0e:30:82:3a:1e:e3:53:
9f:bb:60:4d:df:9d:1e:5c:60:3f:b2:b7:69:f2:11:75:51:f8:
11:92:96:ff:48:52:f7:67:a1:d3:22:8d:98:4b:18:d7:eb:e7:
a3:88:32:8b:e6:e7:aa:b9:e2:cf:10:fa:1d:16:f7:3e:df:0d:
f8:b9:ee:a3:23:08:4a:a1:4e:8a:f4:39:9d:32:08:5c:6c:df:
38:54:ec:fa:e8:05:d2:87:ac:ae:71:2b:e7:49:39:ab:16:d7:
42:03:5d:d4:a1:e5:77:35:d4:15:d6:80:ee:3d:a0:e5:39:d1:
08:e1:88:44:1c:ba:dc:ef:48:85:b3:4e:17:c0:1c:a3:dc:79:
a5:b1:c1:08:4c:81:a4:ce:f8:4f:9b:07:7b:7d:75:8e:75:ed:
58:56:28:32:62:61:33:76:1b:fc:c4:6d:8b:2d:1d:51:f9:95:
82:67:4d:d9:ea:9a:12:53:c4:3f:9f:b2:e0:b7:fe:1d:75:4f:
03:ac:fe:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAW6sMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIyMTAyOTE5WhcNMjYwMjAyMTAyOTE5WjAYMRYw
FAYDVQQDEw02OGE4NDY4NC1mZDQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0fOpH6pd+hzg0JQlUNJCYGFdS0OxfbhSeQ4JzqWECo+Xy2Y3xuwzes5d
bgsDJvInJZHLXcq4mOC2ysxKlimjg/XP5BLnjEa/JsgZSiq5RhdlBn70NwdsC7Vy
ij1p+yi3bGan+PDT+aD3eCGSqufxQUsLTpDqPekZDqjMuiEzWRrWE2KK59M3/cXj
ewvSCZwhx8CXmWLWnKAmyyYLgNA4vmUAuQLpXNfvpyYgLoG4daEM6vBnLbABqXXh
Jd5im63wt838crt1D2pVzwl9GjhF8ZiHpbeaBRFetfnyG9H8R8+Vqyr8fWBJCRoV
mmzi4ARvf6G3DrKGry7usFSgPV+lHQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE83
bFT+xGhLPdIpPlS4EpXBMnnfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERjExNkIyMjdGNDIxMUYwQjk1Q0ZFN0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOPQMA0GCSqGSIb3DQEBCwUA
A4IBAQCZxH29Uq77cxDPPWr5gOOS7NIFH+0XLvWNwUQBcDNiLhva6HY/bWhRmkhB
J4jCiBEdf4mdCzkwE9rDw+TE/eKDQQ4wgjoe41Ofu2BN350eXGA/srdp8hF1UfgR
kpb/SFL3Z6HTIo2YSxjX6+ejiDKL5uequeLPEPodFvc+3w34ue6jIwhKoU6K9Dmd
MghcbN84VOz66AXSh6yucSvnSTmrFtdCA13UoeV3NdQV1oDuPaDlOdEI4YhEHLrc
70iFs04XwByj3HmlscEITIGkzvhPmwd7fXWOde1YVigyYmEzdhv8xG2LLR1R+ZWC
Z03Z6poSU8Q/n7Lgt/4ddU8DrP40
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:15:53 2025 by rpki-client