Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C203A1067C211F0A85F6DB2DAE4EC9C.roa
File: 9C203A1067C211F0A85F6DB2DAE4EC9C.roa (raw, json)
Hash identifier: s0TeirPRo03R/1eJXRGsIfSdrAjaTOG5Bu9YQiabrrs=
Subject key identifier: 9B:A2:9A:1F:EF:7A:3D:B8:7A:E0:C0:B0:AE:66:AE:40:F7:F2:35:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0166F4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C203A1067C211F0A85F6DB2DAE4EC9C.roa
Signing time: Wed 23 Jul 2025 12:43:19 +0000
ROA not before: Wed 23 Jul 2025 12:43:14 +0000
ROA not after: Sat 30 Aug 2025 12:43:14 +0000
asID: 20326
IP address blocks: 156.229.232.0/22 maxlen: 24
156.229.248.0/22 maxlen: 24
156.229.252.0/23 maxlen: 24
156.243.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91892 (0x166f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 23 12:43:14 2025 GMT
Not After : Aug 30 12:43:14 2025 GMT
Subject: CN=6880d8e7-f65b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:76:3e:e1:99:78:24:35:a0:1f:4e:0a:01:49:
13:f6:8d:47:a0:91:2a:0d:05:2e:0d:12:a5:73:ff:
8d:b5:3f:be:f2:bc:06:bc:3b:48:d9:6a:ac:d1:d5:
cd:fb:1d:28:f7:72:16:21:8c:d3:e4:2f:9e:ac:38:
07:c5:d6:d5:33:48:a3:12:9d:04:b8:aa:dd:61:ef:
9a:36:19:7c:9a:3e:99:b3:b5:f6:ec:a4:c3:4f:0f:
a8:b7:8c:d3:d7:c9:08:a0:c5:dc:98:10:39:3f:94:
8b:ec:c6:cc:94:cb:21:f0:b3:be:b7:65:61:57:ed:
52:1b:94:11:12:9d:59:2e:f4:7d:d9:26:f2:2e:d5:
11:a9:75:12:43:61:62:b1:55:1f:e8:3c:ce:53:2b:
07:a3:db:68:f9:ba:7e:f4:a7:55:13:47:a5:87:db:
c3:bc:59:cb:ca:e8:f3:03:41:40:ac:e4:d4:ac:b7:
7a:f1:59:cb:c9:4b:59:95:6b:49:2d:99:5d:27:c4:
c0:83:b3:f7:a5:75:a2:24:35:07:63:82:7b:4d:ca:
15:85:14:3d:e1:fa:8e:1d:24:8e:14:9e:c9:3d:42:
60:6b:08:85:d9:b2:12:72:d2:10:86:b1:d2:91:9d:
dc:fd:d7:06:85:e4:c4:01:22:ac:e9:8e:38:6a:f0:
b8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A2:9A:1F:EF:7A:3D:B8:7A:E0:C0:B0:AE:66:AE:40:F7:F2:35:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9C203A1067C211F0A85F6DB2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.232.0/22
156.229.248.0-156.229.253.255
156.243.116.0/22
Signature Algorithm: sha256WithRSAEncryption
96:6f:ea:4f:02:17:89:33:0c:88:e6:b9:26:c6:e0:ff:fd:54:
8d:66:00:3c:92:8c:6d:ae:14:85:4d:29:19:6c:be:d5:8b:22:
a8:d2:3f:8f:48:3f:72:e8:9a:76:88:e2:47:c6:e6:6c:4e:1a:
86:9f:0f:58:27:ee:5a:3c:64:0d:75:d3:f0:96:db:8b:2d:47:
9c:57:1e:a0:ba:0a:22:39:d5:45:22:3e:65:95:2b:13:dd:51:
c4:8d:dc:e8:28:d8:6d:b4:ea:1c:a7:c9:db:9e:01:07:a7:8f:
25:46:84:c2:e7:b2:e5:4c:db:28:3a:d1:81:e2:af:7c:47:0a:
ac:96:cc:5d:08:a4:3f:57:ab:b7:8b:77:55:65:13:52:1f:ac:
96:2a:2d:fc:de:2a:f8:67:7f:41:d7:ca:61:66:fb:a6:ee:fb:
92:a4:3e:e8:eb:c9:c6:4c:8e:7a:29:c5:a6:57:52:8c:a8:1f:
2a:fb:45:fe:60:a1:6f:8d:8c:43:95:fc:2a:ec:da:76:d9:ae:
09:3b:38:15:cd:58:af:1d:16:eb:f0:fa:3e:7d:e9:9c:f4:b1:
ed:5b:3e:05:e6:27:d7:1a:66:a5:70:87:5b:2a:e4:fe:b9:d9:
6c:8a:de:24:45:88:d5:78:18:69:5c:7d:e3:b4:70:9f:0e:fc:
33:c7:46:97
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAWb0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIzMTI0MzE0WhcNMjUwODMwMTI0MzE0WjAYMRYw
FAYDVQQDEw02ODgwZDhlNy1mNjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl3Y+4Zl4JDWgH04KAUkT9o1HoJEqDQUuDRKlc/+NtT++8rwGvDtI2Wqs
0dXN+x0o93IWIYzT5C+erDgHxdbVM0ijEp0EuKrdYe+aNhl8mj6Zs7X27KTDTw+o
t4zT18kIoMXcmBA5P5SL7MbMlMsh8LO+t2VhV+1SG5QREp1ZLvR92SbyLtURqXUS
Q2FisVUf6DzOUysHo9to+bp+9KdVE0elh9vDvFnLyujzA0FArOTUrLd68VnLyUtZ
lWtJLZldJ8TAg7P3pXWiJDUHY4J7TcoVhRQ94fqOHSSOFJ7JPUJgawiF2bISctIQ
hrHSkZ3c/dcGheTEASKs6Y44avC4qwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFJui
mh/vej24euDAsK5mrkD38jUaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QzIwM0ExMDY3QzIxMUYwQTg1RjZEQjJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCnOXoMAwDBAOc5fgDBAGc5fwD
BAKc83QwDQYJKoZIhvcNAQELBQADggEBAJZv6k8CF4kzDIjmuSbG4P/9VI1mADyS
jG2uFIVNKRlsvtWLIqjSP49IP3LomnaI4kfG5mxOGoafD1gn7lo8ZA110/CW24st
R5xXHqC6CiI51UUiPmWVKxPdUcSN3Ogo2G206hynydueAQenjyVGhMLnsuVM2yg6
0YHir3xHCqyWzF0IpD9Xq7eLd1VlE1IfrJYqLfzeKvhnf0HXymFm+6bu+5KkPujr
ycZMjnopxaZXUoyoHyr7Rf5goW+NjEOV/Crs2nbZrgk7OBXNWK8dFuvw+j596Zz0
se1bPgXmJ9caZqVwh1sq5P652WyK3iRFiNV4GGlcfeO0cJ8O/DPHRpc=
-----END CERTIFICATE-----
Generated at Sat Aug 9 03:01:09 2025 by rpki-client