Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A29791A6C4D11F0BBF4D3CEDAE4EC9C.roa
File: 1A29791A6C4D11F0BBF4D3CEDAE4EC9C.roa (raw, json)
Hash identifier: bxrLW7PceHs/0zHoLzb9dhNTVhJMugH+p2o2m5Zi+ms=
Subject key identifier: 69:7E:F7:4A:F4:94:31:89:FF:17:A7:29:CD:7C:00:38:E7:AB:10:23
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01680A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A29791A6C4D11F0BBF4D3CEDAE4EC9C.roa
Signing time: Tue 29 Jul 2025 07:24:46 +0000
ROA not before: Tue 29 Jul 2025 07:24:41 +0000
ROA not after: Thu 21 Aug 2025 07:24:41 +0000
asID: 133180
IP address blocks: 156.227.64.0/18 maxlen: 24
156.254.32.0/19 maxlen: 24
156.254.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92170 (0x1680a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 29 07:24:41 2025 GMT
Not After : Aug 21 07:24:41 2025 GMT
Subject: CN=6888773e-9aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:de:da:05:f2:8c:10:55:3d:65:9b:d8:33:7d:
0b:c5:b0:4d:c4:47:f2:17:e8:56:25:1b:1e:2a:da:
06:48:61:94:85:ce:67:90:b4:70:10:67:58:fe:b4:
26:6f:1b:90:21:05:32:48:9f:51:83:0e:c7:cf:0e:
22:17:b5:06:71:a2:68:7b:2d:c4:4a:05:35:1f:a4:
1a:71:12:eb:3b:fb:40:cc:f7:d6:eb:97:84:b9:9f:
45:5c:18:8d:f3:15:fc:8d:60:1d:7d:8d:e7:75:06:
63:a0:01:f2:38:02:17:f2:e0:90:38:54:80:5c:43:
14:0e:07:c9:60:79:79:32:8b:d5:8f:6c:4e:b5:25:
0e:71:33:e1:2e:33:02:74:53:43:fe:23:b1:fd:0a:
b8:79:85:07:c2:a1:88:79:82:5e:7d:ee:c0:5c:a9:
b8:0b:85:a2:ed:d7:05:84:de:c4:5f:28:e2:5f:b4:
32:3c:12:d0:58:c3:b3:97:92:f1:94:2d:2a:3d:13:
32:d5:a8:1e:95:23:92:87:f7:ef:1e:bc:0c:51:8f:
2a:95:e6:2b:e5:de:f1:2c:68:fb:48:1b:16:36:6a:
59:04:76:0a:e9:c2:9a:99:00:33:fc:b8:71:4c:ef:
d9:7d:80:60:7f:e7:2f:cd:ce:de:2f:92:9f:a9:fc:
43:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:7E:F7:4A:F4:94:31:89:FF:17:A7:29:CD:7C:00:38:E7:AB:10:23
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A29791A6C4D11F0BBF4D3CEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.64.0/18
156.254.32.0-156.254.95.255
Signature Algorithm: sha256WithRSAEncryption
b4:5b:23:49:c0:82:64:21:19:5d:17:c3:d1:5d:e9:56:fb:a0:
98:c4:95:d9:6f:14:7e:36:28:e2:d2:ac:d5:11:90:c6:a9:10:
2c:5c:7e:d1:c1:80:a8:cd:66:25:7d:13:93:b8:1e:99:0a:3f:
8b:ad:55:12:bf:6a:99:7e:72:e8:ab:fe:3c:dc:44:a7:fd:72:
4e:1f:f5:80:3e:5e:cc:33:9c:47:14:12:e8:42:83:88:b5:d7:
05:03:84:c3:b8:8c:38:8c:c4:1f:b2:0c:8d:86:bb:10:0a:67:
65:c9:a3:e3:42:89:b7:b2:57:8f:88:a8:50:63:7f:11:0b:9a:
e1:bd:71:94:44:2f:d7:af:a0:97:65:86:b0:67:2a:a3:df:4c:
a8:a9:f3:ff:9f:52:e6:bd:da:9c:c1:c5:9f:74:98:11:5f:be:
06:d7:c6:fe:f9:e3:e4:08:72:a2:fd:77:78:c9:d7:71:0f:c1:
bb:1b:a4:be:e4:eb:e5:0d:dc:ce:60:52:33:9c:ab:0d:b6:e6:
74:1e:96:99:b9:ff:1f:5c:87:e9:de:a4:d2:da:31:2a:f0:3a:
80:12:a7:30:0f:ee:3d:6f:fe:5a:4d:4b:d8:88:46:d6:ae:0b:
e7:4b:10:25:25:c6:46:d1:1b:03:ec:28:61:43:3b:1a:5f:96:
56:1b:ba:dd
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAWgKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzI5MDcyNDQxWhcNMjUwODIxMDcyNDQxWjAYMRYw
FAYDVQQDEw02ODg4NzczZS05YWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxd7aBfKMEFU9ZZvYM30LxbBNxEfyF+hWJRseKtoGSGGUhc5nkLRwEGdY
/rQmbxuQIQUySJ9Rgw7Hzw4iF7UGcaJoey3ESgU1H6QacRLrO/tAzPfW65eEuZ9F
XBiN8xX8jWAdfY3ndQZjoAHyOAIX8uCQOFSAXEMUDgfJYHl5MovVj2xOtSUOcTPh
LjMCdFND/iOx/Qq4eYUHwqGIeYJefe7AXKm4C4Wi7dcFhN7EXyjiX7QyPBLQWMOz
l5LxlC0qPRMy1agelSOSh/fvHrwMUY8qleYr5d7xLGj7SBsWNmpZBHYK6cKamQAz
/LhxTO/ZfYBgf+cvzc7eL5KfqfxDYQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFGl+
90r0lDGJ/xenKc18ADjnqxAjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQTI5NzkxQTZDNEQxMUYwQkJGNEQzQ0VEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQGnONAMAwDBAWc/iADBAWc/kAw
DQYJKoZIhvcNAQELBQADggEBALRbI0nAgmQhGV0Xw9Fd6Vb7oJjEldlvFH42KOLS
rNURkMapECxcftHBgKjNZiV9E5O4HpkKP4utVRK/apl+cuir/jzcRKf9ck4f9YA+
XswznEcUEuhCg4i11wUDhMO4jDiMxB+yDI2GuxAKZ2XJo+NCibeyV4+IqFBjfxEL
muG9cZREL9evoJdlhrBnKqPfTKip8/+fUua92pzBxZ90mBFfvgbXxv754+QIcqL9
d3jJ13EPwbsbpL7k6+UN3M5gUjOcqw225nQelpm5/x9ch+nepNLaMSrwOoASpzAP
7j1v/lpNS9iIRtauC+dLECUlxkbRGwPsKGFDOxpfllYbut0=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:18:11 2025 by rpki-client