Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20C6C46868A011F09D6DCBD7DAE4EC9C.roa
File: 20C6C46868A011F09D6DCBD7DAE4EC9C.roa (raw, json)
Hash identifier: ezsMTq7jL9eZ8oMQJCkNW19WMTvaGWJ3kp+EN1dRjtY=
Subject key identifier: C7:19:4D:06:3D:FE:42:1D:45:A5:52:7E:9D:FF:BC:44:4D:97:9D:04
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016789
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20C6C46868A011F09D6DCBD7DAE4EC9C.roa
Signing time: Thu 24 Jul 2025 15:09:00 +0000
ROA not before: Thu 24 Jul 2025 15:08:55 +0000
ROA not after: Fri 05 Sep 2025 15:08:55 +0000
asID: 21859
IP address blocks: 156.225.8.0/24 maxlen: 24
156.225.9.0/24 maxlen: 24
156.225.10.0/24 maxlen: 24
156.225.11.0/24 maxlen: 24
156.226.164.0/24 maxlen: 24
156.226.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 10 Aug 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92041 (0x16789)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 24 15:08:55 2025 GMT
Not After : Sep 5 15:08:55 2025 GMT
Subject: CN=68824c8c-bf1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:34:04:d8:7b:b9:ca:a7:f5:e3:d2:fb:7b:cd:
44:47:64:5f:0e:5b:07:67:e9:20:47:a7:f8:e6:36:
9c:f9:94:db:36:46:80:3b:24:ed:11:a1:30:93:88:
c4:be:2a:81:34:77:33:81:ef:83:a2:c0:ba:79:d2:
09:06:f3:60:c4:4e:0f:4d:58:fa:eb:b0:b1:eb:80:
10:16:4b:09:1e:9a:9b:01:4e:66:57:3e:52:74:7d:
83:76:ea:ce:e7:04:77:09:79:48:6c:a8:3b:1a:95:
e2:52:93:c4:75:20:3b:e3:75:af:63:9c:e0:6e:b8:
d7:dd:a1:d5:86:0f:8f:cb:26:5a:6a:db:8d:0f:09:
37:45:a4:0a:53:7e:16:a8:d8:bf:4d:69:62:68:f1:
a4:92:ed:16:95:a6:d6:9e:23:66:c5:f2:ff:6a:00:
b7:1a:d2:5e:24:45:32:e7:3f:1d:84:09:9a:c4:d2:
0c:56:f3:0e:64:97:86:24:65:a1:5a:db:5b:a9:c3:
28:f2:2b:95:70:ee:c3:3c:09:47:e4:56:d9:26:f0:
8f:83:11:fe:ba:2f:ce:e6:0d:a3:25:c3:d6:ba:34:
6a:b6:03:82:e7:ee:37:07:d9:d1:c5:6a:c4:b1:2e:
23:fd:01:8d:0e:d7:a1:47:0f:94:a2:e0:c3:08:05:
91:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:19:4D:06:3D:FE:42:1D:45:A5:52:7E:9D:FF:BC:44:4D:97:9D:04
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/20C6C46868A011F09D6DCBD7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.8.0/22
156.226.164.0/23
Signature Algorithm: sha256WithRSAEncryption
73:0b:28:40:b2:a5:c5:e0:8c:d7:2d:4c:20:37:93:8a:1c:ff:
24:8e:1c:61:ee:cc:ba:fd:0a:3b:05:63:1b:cd:7e:c5:ba:c0:
80:5f:2b:58:db:5d:f8:bc:d9:2e:6c:21:bf:35:55:c4:f1:c7:
d1:6d:38:41:72:ac:09:03:fb:5d:01:cb:4d:e1:c1:cc:25:0c:
8e:f7:dc:f9:9a:f2:0a:8b:5c:b0:80:64:1f:de:c9:e5:b3:28:
9b:4f:2e:71:db:58:e7:19:c5:37:09:ab:c5:f3:bd:db:7e:68:
0d:ff:26:ee:54:bf:7e:da:8d:af:2f:3e:4c:53:a0:8c:b4:4f:
00:ba:40:5f:8f:b7:8e:fc:66:63:d5:1a:61:14:ba:51:d2:aa:
bf:27:73:db:04:c4:9f:8f:68:04:88:a2:19:72:7a:dd:34:4c:
43:97:be:6d:dc:51:6f:6d:26:0e:4d:b1:c1:2e:a3:8d:e5:c1:
e3:79:f0:3d:f9:c9:b0:61:e4:c7:ed:58:da:39:10:df:da:9b:
1a:bb:c3:70:2d:33:e3:87:c6:e4:4a:80:dd:9c:af:17:99:52:
90:4c:68:81:7d:67:e0:20:55:7b:db:87:13:92:db:9b:d4:4a:
00:a7:7e:e5:bc:b8:58:26:fe:1d:66:d8:1a:a3:40:13:c5:b4:
b4:22:9a:20
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWeJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzI0MTUwODU1WhcNMjUwOTA1MTUwODU1WjAYMRYw
FAYDVQQDEw02ODgyNGM4Yy1iZjFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvTQE2Hu5yqf149L7e81ER2RfDlsHZ+kgR6f45jac+ZTbNkaAOyTtEaEw
k4jEviqBNHczge+DosC6edIJBvNgxE4PTVj667Cx64AQFksJHpqbAU5mVz5SdH2D
durO5wR3CXlIbKg7GpXiUpPEdSA743WvY5zgbrjX3aHVhg+PyyZaatuNDwk3RaQK
U34WqNi/TWliaPGkku0WlabWniNmxfL/agC3GtJeJEUy5z8dhAmaxNIMVvMOZJeG
JGWhWttbqcMo8iuVcO7DPAlH5FbZJvCPgxH+ui/O5g2jJcPWujRqtgOC5+43B9nR
xWrEsS4j/QGNDtehRw+UouDDCAWRgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMcZ
TQY9/kIdRaVSfp3/vERNl50EMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMEM2QzQ2ODY4QTAxMUYwOUQ2RENCRDdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCnOEIAwQBnOKkMA0GCSqGSIb3
DQEBCwUAA4IBAQBzCyhAsqXF4IzXLUwgN5OKHP8kjhxh7sy6/Qo7BWMbzX7FusCA
XytY2134vNkubCG/NVXE8cfRbThBcqwJA/tdActN4cHMJQyO99z5mvIKi1ywgGQf
3snlsyibTy5x21jnGcU3CavF873bfmgN/ybuVL9+2o2vLz5MU6CMtE8AukBfj7eO
/GZj1RphFLpR0qq/J3PbBMSfj2gEiKIZcnrdNExDl75t3FFvbSYOTbHBLqON5cHj
efA9+cmwYeTH7VjaORDf2psau8NwLTPjh8bkSoDdnK8XmVKQTGiBfWfgIFV724cT
ktub1EoAp37lvLhYJv4dZtgao0ATxbS0Ipog
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:50:26 2025 by rpki-client