Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BBF254268A211F0AB61E1E4DAE4EC9C.roa
File: 3BBF254268A211F0AB61E1E4DAE4EC9C.roa (raw, json)
Hash identifier: K6/joAg7x0xoJXku2A19trIZyinH1s1De+5k6VVdVYw=
Subject key identifier: 44:56:65:FB:8A:14:BE:E2:22:87:2C:BC:97:67:E1:81:AD:A9:21:F6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01678B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BBF254268A211F0AB61E1E4DAE4EC9C.roa
Signing time: Thu 24 Jul 2025 15:24:05 +0000
ROA not before: Thu 24 Jul 2025 15:23:59 +0000
ROA not after: Mon 08 Sep 2025 15:23:59 +0000
asID: 62084
IP address blocks: 156.247.20.0/24 maxlen: 24
156.247.21.0/24 maxlen: 24
156.247.22.0/24 maxlen: 24
156.247.23.0/24 maxlen: 24
156.254.96.0/24 maxlen: 24
156.254.97.0/24 maxlen: 24
156.254.98.0/24 maxlen: 24
156.254.99.0/24 maxlen: 24
156.254.100.0/24 maxlen: 24
156.254.101.0/24 maxlen: 24
156.254.102.0/24 maxlen: 24
156.254.103.0/24 maxlen: 24
156.254.104.0/24 maxlen: 24
156.254.105.0/24 maxlen: 24
156.254.106.0/24 maxlen: 24
156.254.107.0/24 maxlen: 24
156.254.108.0/24 maxlen: 24
156.254.109.0/24 maxlen: 24
156.254.110.0/24 maxlen: 24
156.254.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92043 (0x1678b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 24 15:23:59 2025 GMT
Not After : Sep 8 15:23:59 2025 GMT
Subject: CN=68825015-c0ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1c:de:89:39:88:ef:4d:b2:20:e9:76:2d:39:
1e:3d:7c:1d:73:ed:24:60:3e:ca:55:c4:2a:96:7d:
80:4b:a1:95:19:f2:a1:93:3a:50:ee:d1:77:9c:b0:
4b:54:84:c7:e0:ab:e4:eb:4a:66:c6:fb:f2:70:a9:
9f:06:f2:af:a8:fc:84:74:72:1b:95:ab:51:89:b1:
d0:ee:a3:d1:58:8f:90:5b:65:15:30:0c:66:89:46:
f5:3e:d5:be:9f:84:18:39:9e:34:5b:59:f7:6c:63:
19:ba:a0:19:ed:d9:a8:6d:5c:bb:3d:20:04:0a:8e:
d8:c6:4e:9d:9f:fc:5f:28:61:81:d9:dc:be:e5:9e:
04:b5:3a:ae:af:bd:51:1d:a9:be:41:d4:d2:f2:3a:
52:8e:d5:8e:3b:d0:f3:83:f0:a3:a4:68:82:33:8c:
f5:02:e0:19:03:9f:c5:0a:f6:1f:13:aa:b1:35:24:
df:70:04:02:6f:23:8d:9d:5d:5c:f1:c1:04:ee:4d:
25:c0:e7:d0:f4:dc:02:4e:71:c1:f1:cd:16:34:18:
d7:c7:fb:73:cc:18:94:c0:53:60:d0:c5:6f:79:d8:
b0:f6:12:70:3f:52:d2:71:29:fe:d2:5c:8c:c6:96:
2d:34:08:3c:88:e8:a0:ce:33:5c:94:92:3f:d0:fb:
dd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:56:65:FB:8A:14:BE:E2:22:87:2C:BC:97:67:E1:81:AD:A9:21:F6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3BBF254268A211F0AB61E1E4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.20.0/22
156.254.96.0/20
Signature Algorithm: sha256WithRSAEncryption
94:9a:30:60:10:07:b4:8b:38:96:c6:da:07:49:e9:cb:c6:72:
85:cc:5e:13:c8:ca:e7:ea:d8:f2:a3:64:ef:06:9c:3b:2a:c3:
7a:95:f8:43:ed:4f:4e:59:bc:e4:eb:8e:7c:c9:d4:06:6b:ea:
9d:84:98:38:3e:17:3c:b3:fd:50:70:38:cd:1e:3c:5f:46:e9:
bf:2d:b4:45:23:d5:09:08:46:f7:ab:9a:16:6a:be:39:47:05:
b6:2e:ea:85:9f:df:bd:39:39:43:56:65:98:08:d9:da:ca:79:
8f:cb:a6:7f:fb:4d:28:49:eb:a8:96:90:73:0e:83:3f:18:78:
ae:53:d5:ee:0e:98:50:8a:c8:45:62:fe:9b:77:47:60:87:26:
3e:19:f4:bd:b7:55:c7:a9:69:36:c6:d5:9b:17:85:f7:7e:6f:
97:78:b5:1a:97:fe:a8:70:bc:4f:45:f4:66:8a:d7:af:a8:c9:
15:f4:53:dd:34:a1:9a:fe:3c:1f:a8:d3:50:a1:24:35:e7:67:
05:f1:0f:74:fd:df:e2:ac:0b:26:44:b8:6d:b2:1e:df:36:34:
c6:1e:bc:91:fe:99:f2:14:64:38:b8:ab:6f:9d:e0:7b:f0:c7:
14:63:17:af:f4:94:5a:b8:5b:eb:1e:64:31:bf:4c:b0:9a:ea:
96:d4:66:87
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWeLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzI0MTUyMzU5WhcNMjUwOTA4MTUyMzU5WjAYMRYw
FAYDVQQDEw02ODgyNTAxNS1jMGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0xzeiTmI702yIOl2LTkePXwdc+0kYD7KVcQqln2AS6GVGfKhkzpQ7tF3
nLBLVITH4Kvk60pmxvvycKmfBvKvqPyEdHIblatRibHQ7qPRWI+QW2UVMAxmiUb1
PtW+n4QYOZ40W1n3bGMZuqAZ7dmobVy7PSAECo7Yxk6dn/xfKGGB2dy+5Z4EtTqu
r71RHam+QdTS8jpSjtWOO9Dzg/CjpGiCM4z1AuAZA5/FCvYfE6qxNSTfcAQCbyON
nV1c8cEE7k0lwOfQ9NwCTnHB8c0WNBjXx/tzzBiUwFNg0MVvediw9hJwP1LScSn+
0lyMxpYtNAg8iOigzjNclJI/0PvdgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFERW
ZfuKFL7iIocsvJdn4YGtqSH2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQkJGMjU0MjY4QTIxMUYwQUI2MUUxRTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCnPcUAwQEnP5gMA0GCSqGSIb3
DQEBCwUAA4IBAQCUmjBgEAe0iziWxtoHSenLxnKFzF4TyMrn6tjyo2TvBpw7KsN6
lfhD7U9OWbzk6458ydQGa+qdhJg4Phc8s/1QcDjNHjxfRum/LbRFI9UJCEb3q5oW
ar45RwW2LuqFn9+9OTlDVmWYCNnaynmPy6Z/+00oSeuolpBzDoM/GHiuU9XuDphQ
ishFYv6bd0dghyY+GfS9t1XHqWk2xtWbF4X3fm+XeLUal/6ocLxPRfRmitevqMkV
9FPdNKGa/jwfqNNQoSQ152cF8Q90/d/irAsmRLhtsh7fNjTGHryR/pnyFGQ4uKtv
neB78McUYxev9JRauFvrHmQxv0ywmuqW1GaH
-----END CERTIFICATE-----
Generated at Sat Aug 9 02:53:53 2025 by rpki-client