Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2C9C91066CE11F0B9B73684DAE4EC9C.roa
File: B2C9C91066CE11F0B9B73684DAE4EC9C.roa (raw, json)
Hash identifier: uNjWhll4JbpdAprqfd++brrFzd53aabIv6i/RmGlPiI=
Subject key identifier: C1:BD:E5:DA:1D:E0:4A:8A:14:B0:86:C2:C9:C1:F7:E6:CD:9F:84:F8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016681
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2C9C91066CE11F0B9B73684DAE4EC9C.roa
Signing time: Tue 22 Jul 2025 07:37:20 +0000
ROA not before: Tue 22 Jul 2025 07:37:15 +0000
ROA not after: Thu 28 Aug 2025 07:37:15 +0000
asID: 59187
IP address blocks: 156.238.97.0/24 maxlen: 24
156.238.98.0/24 maxlen: 24
156.238.99.0/24 maxlen: 24
156.238.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91777 (0x16681)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 22 07:37:15 2025 GMT
Not After : Aug 28 07:37:15 2025 GMT
Subject: CN=687f3fb0-e183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:06:b5:6c:43:8c:a9:77:50:a6:c0:62:3e:ae:
8a:3e:a6:bc:22:34:a4:15:6c:41:c6:e5:a6:9e:a3:
53:71:07:69:77:0e:c7:dc:68:ba:82:91:f5:fe:0f:
ff:aa:75:0e:bb:0e:b9:b1:ff:67:2f:63:a1:52:82:
3e:e6:75:5b:3c:5d:14:91:35:f3:20:57:22:18:e9:
49:e1:77:98:f0:d8:5e:08:06:95:1e:63:02:d2:a7:
09:4c:41:6b:3e:81:58:20:a6:71:3d:57:f8:7a:ea:
41:dd:29:65:b2:12:ef:a3:ec:c5:f1:7d:d2:a0:da:
48:bd:75:0d:89:9a:5a:19:67:5c:3f:77:ca:39:35:
8f:04:09:3f:c9:ed:dd:cd:50:49:22:f2:97:35:d7:
2c:ed:fe:8d:0d:69:f0:ce:87:3d:42:0d:a9:fa:e9:
d8:b3:84:62:57:92:18:5e:74:75:84:4a:82:92:f5:
d9:02:b7:db:5f:9e:b4:92:8b:d3:a6:86:4f:e0:13:
7a:a9:c9:9f:88:7e:f7:01:95:a2:25:1e:b4:f9:9f:
89:3c:b0:bc:7d:68:3d:27:07:3d:01:b5:1a:6b:ba:
c0:13:f0:98:2e:72:cd:1c:7f:0e:c8:29:b0:5e:76:
c7:35:8d:f1:ce:ab:24:20:f5:01:83:1b:13:4a:7b:
5e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:BD:E5:DA:1D:E0:4A:8A:14:B0:86:C2:C9:C1:F7:E6:CD:9F:84:F8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2C9C91066CE11F0B9B73684DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.97.0-156.238.100.255
Signature Algorithm: sha256WithRSAEncryption
42:89:24:bf:4a:c7:85:33:cf:3b:41:d6:47:bc:5e:7c:de:4a:
54:a7:0a:b9:56:90:c4:1d:cb:d4:9a:5f:96:ba:da:b6:38:3a:
12:26:a0:64:ce:b9:0d:ed:83:f9:5d:d6:ce:d4:c3:f7:83:09:
06:c0:f5:89:32:09:1f:80:88:8e:6b:2c:f8:66:b3:25:88:8b:
c9:6c:57:c6:24:7d:8b:56:26:84:81:82:2c:47:16:bc:10:10:
4d:71:fe:01:6d:61:de:19:ce:77:aa:4e:e6:39:a7:58:be:f6:
0a:7a:75:86:b3:64:2b:43:9b:c3:04:39:c4:95:3b:59:f0:8b:
8b:68:44:7c:97:11:1b:db:3b:9a:07:77:ae:69:17:99:5b:9e:
9f:44:ba:10:bb:cb:3b:07:2f:12:ca:51:47:c3:56:46:e0:ba:
ff:e6:5c:f8:b3:1f:be:9d:02:d4:70:de:b8:f7:3e:23:08:ae:
c2:4e:6e:2c:5e:6f:a4:ed:da:d1:50:51:eb:5e:de:d4:c7:16:
16:b1:5a:2a:11:be:48:e5:33:91:2a:38:ea:7b:44:9e:60:a1:
19:43:93:33:52:3f:c0:b0:7c:d6:9a:f6:f0:09:3a:90:4e:c0:
2d:d9:d3:50:e3:9b:ff:a0:76:51:19:a5:d6:e3:ed:36:2e:88:
6a:db:6b:bd
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWaBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIyMDczNzE1WhcNMjUwODI4MDczNzE1WjAYMRYw
FAYDVQQDEw02ODdmM2ZiMC1lMTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqga1bEOMqXdQpsBiPq6KPqa8IjSkFWxBxuWmnqNTcQdpdw7H3Gi6gpH1
/g//qnUOuw65sf9nL2OhUoI+5nVbPF0UkTXzIFciGOlJ4XeY8NheCAaVHmMC0qcJ
TEFrPoFYIKZxPVf4eupB3SllshLvo+zF8X3SoNpIvXUNiZpaGWdcP3fKOTWPBAk/
ye3dzVBJIvKXNdcs7f6NDWnwzoc9Qg2p+unYs4RiV5IYXnR1hEqCkvXZArfbX560
kovTpoZP4BN6qcmfiH73AZWiJR60+Z+JPLC8fWg9Jwc9AbUaa7rAE/CYLnLNHH8O
yCmwXnbHNY3xzqskIPUBgxsTSnte3QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMG9
5dod4EqKFLCGwsnB9+bNn4T4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMkM5QzkxMDY2Q0UxMUYwQjlCNzM2ODREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc7mEDBACc7mQwDQYJKoZI
hvcNAQELBQADggEBAEKJJL9Kx4UzzztB1ke8XnzeSlSnCrlWkMQdy9SaX5a62rY4
OhImoGTOuQ3tg/ld1s7Uw/eDCQbA9YkyCR+AiI5rLPhmsyWIi8lsV8YkfYtWJoSB
gixHFrwQEE1x/gFtYd4ZzneqTuY5p1i+9gp6dYazZCtDm8MEOcSVO1nwi4toRHyX
ERvbO5oHd65pF5lbnp9EuhC7yzsHLxLKUUfDVkbguv/mXPizH76dAtRw3rj3PiMI
rsJObixeb6Tt2tFQUete3tTHFhaxWioRvkjlM5EqOOp7RJ5goRlDkzNSP8CwfNaa
9vAJOpBOwC3Z01Djm/+gdlEZpdbj7TYuiGrba70=
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:44:45 2025 by rpki-client