Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9696C10C6FA811F09E4F45A2DAE4EC9C.roa
File: 9696C10C6FA811F09E4F45A2DAE4EC9C.roa (raw, json)
Hash identifier: J4SRf3sIfFABx2kzk7dEP5b/I+iqzBBlzspJmPp4+Y0=
Subject key identifier: E5:C9:39:C5:B0:3F:51:96:F0:35:56:72:EC:8D:6C:D2:53:26:1F:64
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016894
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9696C10C6FA811F09E4F45A2DAE4EC9C.roa
Signing time: Sat 02 Aug 2025 13:57:12 +0000
ROA not before: Sat 02 Aug 2025 13:57:07 +0000
ROA not after: Sun 07 Sep 2025 13:57:07 +0000
asID: 207023
IP address blocks: 156.255.24.0/22 maxlen: 24
156.255.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92308 (0x16894)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 2 13:57:07 2025 GMT
Not After : Sep 7 13:57:07 2025 GMT
Subject: CN=688e1938-35e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:6c:c4:8d:73:b0:39:e2:9a:47:e2:9c:8e:2a:
95:86:ce:30:49:cd:fe:ae:8c:a0:0a:64:07:3b:bf:
05:5f:07:6f:f6:09:6c:26:60:e1:e1:89:ef:ac:9b:
2b:7f:15:7b:8a:2b:fb:a9:07:84:a5:fb:64:41:ff:
e1:ff:03:b2:8b:d8:3e:a7:13:c7:c6:21:52:01:dc:
4e:1b:7a:6c:7b:ab:32:9d:07:be:6d:65:4f:b7:c9:
aa:10:2b:ac:d3:38:da:34:28:63:49:f3:e2:5f:06:
ab:bf:be:60:f5:e2:cf:b0:48:ed:3c:2c:4b:70:dc:
8a:5f:27:67:9f:82:f4:81:d8:32:23:73:95:12:59:
4e:47:1d:a8:9c:31:ae:8c:0c:d5:50:73:f8:fb:45:
5d:68:42:be:e0:46:95:8b:d9:c2:29:66:c2:63:41:
00:0d:ee:f9:f0:e8:4d:79:e7:0e:75:50:6c:26:94:
4e:73:39:11:65:ce:05:3c:87:0a:26:0e:18:38:27:
05:d3:90:39:f2:ad:04:10:89:84:03:ed:15:71:c6:
6d:5c:95:d9:89:36:37:26:38:71:69:99:0c:89:20:
ea:e8:58:9c:42:da:27:2b:c7:43:eb:96:ea:18:e4:
82:10:bd:52:be:d2:b7:0a:07:38:87:89:de:12:07:
fd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C9:39:C5:B0:3F:51:96:F0:35:56:72:EC:8D:6C:D2:53:26:1F:64
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9696C10C6FA811F09E4F45A2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.24.0/21
Signature Algorithm: sha256WithRSAEncryption
9f:fb:bf:ee:ca:71:64:ce:88:2b:3f:53:24:29:02:62:2c:fc:
0e:09:09:9a:80:6f:0b:15:63:73:38:2c:f6:2e:22:88:ee:3d:
31:6b:fb:98:6a:ca:ff:bf:8e:e9:5b:c7:06:df:d7:e1:d9:05:
dd:d8:e0:49:f6:c4:ba:c2:d9:a1:36:34:0d:66:bc:52:8e:cf:
a9:e2:b3:6a:dd:42:a0:6c:eb:2e:4e:ac:82:51:0e:3b:f8:ee:
d3:d0:18:50:59:21:03:d5:c6:84:40:cc:77:23:0a:cc:ba:0d:
7a:14:ec:bf:70:96:d5:6e:d7:2f:e6:e1:81:0a:31:99:4e:67:
7a:32:63:23:fc:99:8a:ac:00:a2:1d:27:46:bf:d1:e1:14:8d:
73:b1:ea:0a:ff:ed:59:8c:8b:6f:2c:9d:1f:53:37:9c:59:c0:
b9:10:7d:51:50:48:47:d3:36:6b:e5:14:e1:e1:19:6e:68:01:
22:6a:cd:b9:e6:44:99:3b:a9:5c:07:e4:de:72:7d:c7:04:a3:
a2:d2:2a:86:d3:b0:6a:e8:6d:6c:bc:19:f6:5e:47:5c:5b:c8:
9f:b6:c8:16:79:61:4e:67:3a:04:74:2c:12:2f:88:c4:ea:cc:
bb:cd:9e:7a:6e:e0:14:46:95:fc:55:c6:88:2a:0a:d3:6b:7c:
d9:16:20:08
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWiUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODAyMTM1NzA3WhcNMjUwOTA3MTM1NzA3WjAYMRYw
FAYDVQQDEw02ODhlMTkzOC0zNWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzWzEjXOwOeKaR+KcjiqVhs4wSc3+roygCmQHO78FXwdv9glsJmDh4Ynv
rJsrfxV7iiv7qQeEpftkQf/h/wOyi9g+pxPHxiFSAdxOG3pse6synQe+bWVPt8mq
ECus0zjaNChjSfPiXwarv75g9eLPsEjtPCxLcNyKXydnn4L0gdgyI3OVEllORx2o
nDGujAzVUHP4+0VdaEK+4EaVi9nCKWbCY0EADe758OhNeecOdVBsJpROczkRZc4F
PIcKJg4YOCcF05A58q0EEImEA+0VccZtXJXZiTY3JjhxaZkMiSDq6FicQtonK8dD
65bqGOSCEL1SvtK3Cgc4h4neEgf9HwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOXJ
OcWwP1GW8DVWcuyNbNJTJh9kMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85Njk2QzEwQzZGQTgxMUYwOUU0RjQ1QTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnP8YMA0GCSqGSIb3DQEBCwUA
A4IBAQCf+7/uynFkzogrP1MkKQJiLPwOCQmagG8LFWNzOCz2LiKI7j0xa/uYasr/
v47pW8cG39fh2QXd2OBJ9sS6wtmhNjQNZrxSjs+p4rNq3UKgbOsuTqyCUQ47+O7T
0BhQWSED1caEQMx3IwrMug16FOy/cJbVbtcv5uGBCjGZTmd6MmMj/JmKrACiHSdG
v9HhFI1zseoK/+1ZjItvLJ0fUzecWcC5EH1RUEhH0zZr5RTh4RluaAEias255kSZ
O6lcB+Tecn3HBKOi0iqG07Bq6G1svBn2XkdcW8iftsgWeWFOZzoEdCwSL4jE6sy7
zZ56buAURpX8VcaIKgrTa3zZFiAI
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:24:56 2025 by rpki-client