Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F3C35EE6D3311F0998A65A4DAE4EC9C.roa
File: 3F3C35EE6D3311F0998A65A4DAE4EC9C.roa (raw, json)
Hash identifier: FdnYx0eJltyJUBnht22HRzWT8hgtpGYMrmFA9Dj+jQE=
Subject key identifier: D2:DC:E2:09:18:1E:FB:FE:C5:4C:D6:96:8B:4D:80:62:CF:E2:3E:AB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016858
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F3C35EE6D3311F0998A65A4DAE4EC9C.roa
Signing time: Wed 30 Jul 2025 10:52:12 +0000
ROA not before: Wed 30 Jul 2025 10:52:07 +0000
ROA not after: Thu 28 Aug 2025 10:52:07 +0000
asID: 139880
IP address blocks: 156.227.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92248 (0x16858)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 30 10:52:07 2025 GMT
Not After : Aug 28 10:52:07 2025 GMT
Subject: CN=6889f95c-99a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:89:21:9d:b2:96:08:e6:2d:6d:4c:e6:db:38:
4e:04:5c:5d:f8:e7:cf:9f:9e:aa:b5:0c:0a:6e:38:
95:dd:91:80:37:5d:31:c5:0d:91:56:69:fa:4b:85:
dc:4e:76:11:03:b0:71:3e:73:ab:62:06:79:04:c1:
8b:ce:30:3c:ee:a0:f4:8f:a2:0d:44:5e:ae:90:2d:
d6:b7:11:f4:f2:5e:d1:e5:47:3d:fa:f0:d4:e4:78:
f5:d5:81:3d:8a:39:52:34:a6:8b:fd:e4:4a:14:c0:
24:cf:ac:e3:7d:2b:1b:9f:45:24:82:05:09:0c:3d:
87:c6:dc:ac:54:9f:ab:dc:f7:f9:c8:d7:e2:b4:ad:
6c:b6:3b:96:fc:b5:b9:d5:a9:59:62:6c:74:94:f7:
c5:da:53:41:80:d1:88:de:6a:73:41:06:c4:4e:c9:
00:27:46:ad:0e:34:29:99:e5:4f:31:e0:61:28:ce:
92:e3:30:55:25:e2:8b:d6:21:e8:b2:e2:0d:a1:34:
e4:b9:d1:5f:51:21:43:dc:17:b6:86:75:a9:55:6e:
8d:1a:8e:b3:b1:7b:85:e3:c9:b5:f5:93:4d:40:61:
b4:2a:a7:0e:fb:0c:7b:93:dd:64:e2:cd:3a:5c:18:
36:93:58:e9:25:72:7b:1c:23:66:bf:f0:a5:b2:f4:
52:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:DC:E2:09:18:1E:FB:FE:C5:4C:D6:96:8B:4D:80:62:CF:E2:3E:AB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F3C35EE6D3311F0998A65A4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b6:07:a6:55:6b:70:c6:88:fb:df:2e:b0:19:0a:bf:11:00:4a:
e8:77:3d:e4:64:54:cb:0f:a1:9f:a1:a6:24:33:5c:e4:65:82:
52:2e:e3:13:6b:bc:19:a4:61:33:61:fe:ff:3f:15:13:5c:fa:
db:63:dc:e6:65:f9:68:18:d0:79:0a:28:24:04:53:e7:60:16:
21:11:78:98:d8:c4:1f:72:56:cb:07:af:99:46:72:a0:01:de:
c3:03:18:d5:d3:f3:9d:d2:7d:17:ab:71:d7:63:d1:75:2e:2c:
62:7a:bb:fc:5e:f0:c2:a5:24:28:7a:78:1b:b9:71:34:b7:79:
17:0c:2d:2f:3a:2f:c3:8d:69:f2:f3:dc:9b:ec:a3:41:d1:7e:
5b:30:6b:45:15:9e:8c:17:b1:1d:83:22:6e:13:9a:29:4a:64:
1b:5a:bf:d9:4d:15:86:83:f8:99:28:c4:27:59:47:9c:9d:32:
df:d1:00:4d:17:34:8e:b5:17:29:8e:3d:56:af:f4:b0:85:94:
f5:3a:dc:2f:c8:32:2f:b2:ef:57:a9:9b:39:b4:48:d6:d4:8b:
7a:9d:11:90:51:46:af:2e:01:b1:80:69:cd:d3:05:3c:8f:b5:
89:d9:aa:0b:85:85:74:41:0b:7a:2d:da:b9:13:c7:00:4f:08:
be:2f:12:d0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWhYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzMwMTA1MjA3WhcNMjUwODI4MTA1MjA3WjAYMRYw
FAYDVQQDEw02ODg5Zjk1Yy05OWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuokhnbKWCOYtbUzm2zhOBFxd+OfPn56qtQwKbjiV3ZGAN10xxQ2RVmn6
S4XcTnYRA7BxPnOrYgZ5BMGLzjA87qD0j6INRF6ukC3WtxH08l7R5Uc9+vDU5Hj1
1YE9ijlSNKaL/eRKFMAkz6zjfSsbn0UkggUJDD2HxtysVJ+r3Pf5yNfitK1stjuW
/LW51alZYmx0lPfF2lNBgNGI3mpzQQbETskAJ0atDjQpmeVPMeBhKM6S4zBVJeKL
1iHosuINoTTkudFfUSFD3Be2hnWpVW6NGo6zsXuF48m19ZNNQGG0KqcO+wx7k91k
4s06XBg2k1jpJXJ7HCNmv/ClsvRSMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNLc
4gkYHvv+xUzWlotNgGLP4j6rMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjNDMzVFRTZEMzMxMUYwOTk4QTY1QTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnONAMA0GCSqGSIb3DQEBCwUA
A4IBAQC2B6ZVa3DGiPvfLrAZCr8RAErodz3kZFTLD6GfoaYkM1zkZYJSLuMTa7wZ
pGEzYf7/PxUTXPrbY9zmZfloGNB5CigkBFPnYBYhEXiY2MQfclbLB6+ZRnKgAd7D
AxjV0/Od0n0Xq3HXY9F1Lixierv8XvDCpSQoengbuXE0t3kXDC0vOi/DjWny89yb
7KNB0X5bMGtFFZ6MF7EdgyJuE5opSmQbWr/ZTRWGg/iZKMQnWUecnTLf0QBNFzSO
tRcpjj1Wr/SwhZT1OtwvyDIvsu9XqZs5tEjW1It6nRGQUUavLgGxgGnN0wU8j7WJ
2aoLhYV0QQt6Ldq5E8cATwi+LxLQ
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:40:42 2025 by rpki-client