Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0963A2E665811F083D323F6DAE4EC9C.roa
File: A0963A2E665811F083D323F6DAE4EC9C.roa (raw, json)
Hash identifier: SF0uO0j0az1TiTk3VzUvndBsEqtSKYxlELMXFoLUzR0=
Subject key identifier: AE:66:1A:37:CA:BE:7E:94:7C:5B:BD:72:4B:2D:0A:7F:0C:9D:F2:1B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01664C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0963A2E665811F083D323F6DAE4EC9C.roa
Signing time: Mon 21 Jul 2025 17:32:09 +0000
ROA not before: Mon 21 Jul 2025 17:32:04 +0000
ROA not after: Fri 29 Aug 2025 17:32:04 +0000
asID: 401254
IP address blocks: 156.224.84.0/22 maxlen: 24
156.224.92.0/22 maxlen: 24
156.224.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 10 Aug 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91724 (0x1664c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 21 17:32:04 2025 GMT
Not After : Aug 29 17:32:04 2025 GMT
Subject: CN=687e7999-4779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:1d:b3:02:a1:08:56:fc:01:a4:ef:d9:54:86:
7f:54:3d:12:b3:c8:a5:1b:40:0f:76:45:07:bc:5e:
e6:85:0a:41:e6:27:f6:ee:7b:33:e1:97:f1:fb:9b:
f9:b2:4f:50:8c:b4:23:8a:db:73:72:40:71:96:8f:
02:32:ea:8b:3d:19:06:bb:0c:6d:e9:6c:6f:64:95:
ff:93:08:34:95:e2:65:aa:a3:f5:82:67:e0:d6:6d:
21:68:9c:a8:db:ef:8b:5e:39:65:35:2c:cd:7d:d0:
4b:f0:57:42:eb:65:82:25:02:43:57:34:82:82:e9:
eb:be:91:80:a4:9e:e1:d0:00:c0:ea:f5:00:c8:3e:
3f:db:1c:fb:11:6b:b6:20:ea:08:a8:80:d5:93:fe:
cd:9e:83:4f:1b:bb:02:9f:11:4d:12:50:63:eb:25:
d1:12:32:8b:32:70:ab:6f:25:ae:da:0f:91:5c:3b:
52:cb:44:39:d4:0e:d8:0f:3d:0e:84:c1:a4:10:3f:
09:52:e2:f5:6d:f7:25:45:b6:37:e7:e7:eb:31:f6:
99:a6:a3:8b:fa:cc:a9:27:6f:d6:a9:fc:67:4f:b3:
60:a8:7b:74:f5:d2:43:04:c5:ca:bf:58:fc:6f:cc:
e4:55:89:53:2e:ce:1b:88:95:6e:a6:ff:d5:e2:78:
23:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:66:1A:37:CA:BE:7E:94:7C:5B:BD:72:4B:2D:0A:7F:0C:9D:F2:1B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0963A2E665811F083D323F6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.84.0/22
156.224.92.0-156.224.127.255
Signature Algorithm: sha256WithRSAEncryption
09:7b:02:48:01:6b:a4:61:9a:73:f9:02:24:0e:0b:10:56:af:
b6:b2:40:22:0b:33:0d:b3:ef:a0:31:b2:14:5b:58:4e:ba:30:
92:8c:d7:5b:a0:f8:39:09:d2:32:3d:ee:9e:d9:ac:c0:00:db:
b6:d8:ee:c4:ab:f7:87:8e:56:41:7d:1a:bd:d1:ea:fc:ef:75:
15:d9:b4:f1:ca:f1:aa:8b:18:e9:db:d7:db:b3:5f:12:8d:4c:
88:ab:b4:5e:7f:91:61:51:f0:76:db:78:82:27:27:6a:21:16:
25:d7:46:25:af:88:01:03:2f:08:e9:01:2f:70:3d:1b:06:bc:
81:53:ff:77:93:47:d3:de:95:1c:fa:c3:b4:bf:09:c3:25:67:
fe:88:de:f7:6e:0f:9d:82:23:a7:84:d3:44:c5:54:b7:22:35:
d3:30:f5:d2:aa:31:32:c0:a4:ca:40:64:a3:e8:ab:03:23:87:
26:f1:eb:d8:bd:3f:80:42:18:f9:b6:ee:5a:f7:7f:ce:79:1c:
aa:d7:39:11:38:b1:d9:f6:af:82:dc:04:e6:d2:50:45:90:b9:
20:fa:3d:e7:62:29:dc:39:2a:0a:ee:86:13:3a:d5:80:86:a4:
76:45:af:aa:51:5d:8e:4d:6a:d5:6b:5c:81:cf:1f:25:e1:3d:
e2:0f:08:aa
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAWZMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIxMTczMjA0WhcNMjUwODI5MTczMjA0WjAYMRYw
FAYDVQQDEw02ODdlNzk5OS00Nzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6x2zAqEIVvwBpO/ZVIZ/VD0Ss8ilG0APdkUHvF7mhQpB5if27nsz4Zfx
+5v5sk9QjLQjittzckBxlo8CMuqLPRkGuwxt6WxvZJX/kwg0leJlqqP1gmfg1m0h
aJyo2++LXjllNSzNfdBL8FdC62WCJQJDVzSCgunrvpGApJ7h0ADA6vUAyD4/2xz7
EWu2IOoIqIDVk/7NnoNPG7sCnxFNElBj6yXREjKLMnCrbyWu2g+RXDtSy0Q51A7Y
Dz0OhMGkED8JUuL1bfclRbY35+frMfaZpqOL+sypJ2/WqfxnT7NgqHt09dJDBMXK
v1j8b8zkVYlTLs4biJVupv/V4ngj/QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFK5m
GjfKvn6UfFu9ckstCn8MnfIbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMDk2M0EyRTY2NTgxMUYwODNEMzIzRjZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCnOBUMAwDBAKc4FwDBAec4AAw
DQYJKoZIhvcNAQELBQADggEBAAl7AkgBa6RhmnP5AiQOCxBWr7ayQCILMw2z76Ax
shRbWE66MJKM11ug+DkJ0jI97p7ZrMAA27bY7sSr94eOVkF9Gr3R6vzvdRXZtPHK
8aqLGOnb19uzXxKNTIirtF5/kWFR8HbbeIInJ2ohFiXXRiWviAEDLwjpAS9wPRsG
vIFT/3eTR9PelRz6w7S/CcMlZ/6I3vduD52CI6eE00TFVLciNdMw9dKqMTLApMpA
ZKPoqwMjhybx69i9P4BCGPm27lr3f855HKrXORE4sdn2r4LcBObSUEWQuSD6Pedi
Kdw5KgruhhM61YCGpHZFr6pRXY5NatVrXIHPHyXhPeIPCKo=
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:53:43 2025 by rpki-client