Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1AC23F7267DB11F0BA93D1D2DAE4EC9C.roa
File: 1AC23F7267DB11F0BA93D1D2DAE4EC9C.roa (raw, json)
Hash identifier: E2UqFj41d0+VO49oyg7bJxFTpEyaNW70j+0hZKMHxVc=
Subject key identifier: 74:BC:E6:68:EF:1E:1B:19:41:E4:EE:8D:CB:35:3D:83:D0:65:D7:41
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016708
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1AC23F7267DB11F0BA93D1D2DAE4EC9C.roa
Signing time: Wed 23 Jul 2025 15:38:40 +0000
ROA not before: Wed 23 Jul 2025 15:38:34 +0000
ROA not after: Fri 26 Sep 2025 15:38:34 +0000
asID: 63139
IP address blocks: 156.225.121.0/24 maxlen: 24
156.227.14.0/24 maxlen: 24
156.227.192.0/24 maxlen: 24
156.227.193.0/24 maxlen: 24
156.227.194.0/23 maxlen: 24
156.227.196.0/24 maxlen: 24
156.227.197.0/24 maxlen: 24
156.227.198.0/24 maxlen: 24
156.227.199.0/24 maxlen: 24
156.227.220.0/22 maxlen: 24
156.227.224.0/23 maxlen: 24
156.227.252.0/22 maxlen: 24
156.229.2.0/23 maxlen: 24
156.229.29.0/24 maxlen: 24
156.229.30.0/23 maxlen: 24
156.229.44.0/23 maxlen: 24
156.229.49.0/24 maxlen: 24
156.229.51.0/24 maxlen: 24
156.229.64.0/24 maxlen: 24
156.229.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91912 (0x16708)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 23 15:38:34 2025 GMT
Not After : Sep 26 15:38:34 2025 GMT
Subject: CN=68810200-f20a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f9:11:53:b7:0b:f7:9d:52:93:59:50:10:d7:
2b:dd:ed:fb:3d:fd:5a:0f:51:ba:65:f0:7f:4c:e0:
a4:dd:f7:e3:13:fa:95:5a:bf:1d:1f:04:e4:f9:4e:
f6:56:6d:ce:90:20:bb:1a:5d:24:d1:e4:ff:f4:1c:
53:f5:79:e4:ae:dc:c6:e2:c2:be:c0:5d:9b:fc:da:
88:01:f8:a2:b1:10:4f:bf:83:ef:e5:bf:7c:0f:57:
b9:cf:c9:36:7a:25:80:ca:24:e4:e7:e8:1d:78:29:
ee:00:da:59:9f:ff:ca:df:1d:4b:b0:cc:f6:7c:04:
ce:9e:5b:a6:c1:0a:9a:62:28:37:2f:6e:d9:ff:95:
7a:82:66:56:bf:3c:10:a8:16:d5:bb:4b:5f:cc:42:
95:cb:89:24:48:9a:16:ca:49:48:fa:fc:43:f6:7b:
91:37:74:e2:fe:ef:f8:5f:3f:22:5f:91:2f:05:fe:
df:97:f2:87:14:57:6e:30:ed:38:cd:ec:39:93:a6:
71:84:56:22:bb:b2:18:d9:78:79:82:fc:fc:c8:0c:
f0:ae:8f:cd:55:85:75:7a:3a:2c:80:ea:ef:fb:fa:
54:ab:73:23:70:bc:34:3d:d3:a3:0a:80:21:7b:0b:
8f:da:19:34:4e:4c:72:eb:22:00:e1:72:32:dc:03:
03:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BC:E6:68:EF:1E:1B:19:41:E4:EE:8D:CB:35:3D:83:D0:65:D7:41
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1AC23F7267DB11F0BA93D1D2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.121.0/24
156.227.14.0/24
156.227.192.0/21
156.227.220.0-156.227.225.255
156.227.252.0/22
156.229.2.0/23
156.229.29.0-156.229.31.255
156.229.44.0/23
156.229.49.0/24
156.229.51.0/24
156.229.64.0/23
Signature Algorithm: sha256WithRSAEncryption
79:c6:5d:a5:1b:59:43:8f:74:b5:e9:53:a5:af:8e:71:2b:47:
f6:a4:8c:cb:74:7f:17:fc:cc:81:1b:e9:af:e0:6f:2d:1c:3d:
6c:4b:39:f6:02:1e:50:3f:ad:5e:3a:d4:f1:67:bd:34:ee:e3:
ac:a1:32:f7:42:97:8f:b4:d9:a1:2c:24:2a:40:5d:de:53:b9:
77:7e:2f:8d:a2:93:d7:a4:6a:72:3f:f9:85:e8:4b:07:fa:7c:
e5:e2:ce:73:99:ff:91:c5:91:82:10:fd:c4:9f:bc:78:9f:c6:
4f:03:d3:ff:fc:b4:19:31:4f:ba:3a:92:36:12:7a:2c:c6:44:
e1:47:f6:ad:80:a8:1f:b3:d5:f2:e4:54:93:08:8a:3d:aa:de:
d7:a8:b4:f9:03:06:5c:84:7a:a1:c4:31:22:9f:a1:48:ba:cb:
74:b3:a8:5e:a3:76:ef:52:ce:22:4a:58:e0:dc:7b:8c:1d:d2:
98:6c:94:23:7d:70:82:f7:f0:c2:f8:0b:15:1c:54:68:b6:ae:
2d:0b:cd:dd:8c:0f:f2:9a:01:85:64:ab:36:ee:ab:3b:08:de:
ad:92:8e:98:da:47:59:da:23:c7:2a:ba:c3:1f:5b:2d:ea:20:
93:9f:2f:39:bb:e2:76:50:bc:d5:81:af:73:f8:1e:cd:56:bc:
b9:7f:12:52
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIDAWcIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIzMTUzODM0WhcNMjUwOTI2MTUzODM0WjAYMRYw
FAYDVQQDEw02ODgxMDIwMC1mMjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzfkRU7cL951Sk1lQENcr3e37Pf1aD1G6ZfB/TOCk3ffjE/qVWr8dHwTk
+U72Vm3OkCC7Gl0k0eT/9BxT9XnkrtzG4sK+wF2b/NqIAfiisRBPv4Pv5b98D1e5
z8k2eiWAyiTk5+gdeCnuANpZn//K3x1LsMz2fATOnlumwQqaYig3L27Z/5V6gmZW
vzwQqBbVu0tfzEKVy4kkSJoWyklI+vxD9nuRN3Ti/u/4Xz8iX5EvBf7fl/KHFFdu
MO04zew5k6ZxhFYiu7IY2Xh5gvz8yAzwro/NVYV1ejosgOrv+/pUq3MjcLw0PdOj
CoAhewuP2hk0Tkxy6yIA4XIy3AMDQQIDAQABo4IC7jCCAuowHQYDVR0OBBYEFHS8
5mjvHhsZQeTujcs1PYPQZddBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQUMyM0Y3MjY3REIxMUYwQkE5M0QxRDJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAnOF5AwQAnOMOAwQDnOPAMAwD
BAKc49wDBAGc4+ADBAKc4/wDBAGc5QIwDAMEAJzlHQMEBZzlAAMEAZzlLAMEAJzl
MQMEAJzlMwMEAZzlQDANBgkqhkiG9w0BAQsFAAOCAQEAecZdpRtZQ490telTpa+O
cStH9qSMy3R/F/zMgRvpr+BvLRw9bEs59gIeUD+tXjrU8We9NO7jrKEy90KXj7TZ
oSwkKkBd3lO5d34vjaKT16Rqcj/5hehLB/p85eLOc5n/kcWRghD9xJ+8eJ/GTwPT
//y0GTFPujqSNhJ6LMZE4Uf2rYCoH7PV8uRUkwiKPare16i0+QMGXIR6ocQxIp+h
SLrLdLOoXqN271LOIkpY4Nx7jB3SmGyUI31wgvfwwvgLFRxUaLauLQvN3YwP8poB
hWSrNu6rOwjerZKOmNpHWdojxyq6wx9bLeogk58vObvidlC81YGvc/gezVa8uX8S
Ug==
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:49:54 2025 by rpki-client