Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B94DB34A665C11F0B3000E92DAE4EC9C.roa
File: B94DB34A665C11F0B3000E92DAE4EC9C.roa (raw, json)
Hash identifier: a+pMbrXiP3uXJdkFPUj4JCiRvS6iegKxBF+9QQr/5NQ=
Subject key identifier: F3:AA:4F:F8:E3:4D:A2:E1:95:7D:E0:03:00:1C:0C:AF:B6:C8:6C:2C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016654
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B94DB34A665C11F0B3000E92DAE4EC9C.roa
Signing time: Mon 21 Jul 2025 18:01:28 +0000
ROA not before: Mon 21 Jul 2025 18:01:23 +0000
ROA not after: Wed 16 Sep 2026 18:01:23 +0000
asID: 63199
IP address blocks: 156.227.240.0/24 maxlen: 24
156.227.241.0/24 maxlen: 24
156.227.242.0/24 maxlen: 24
156.227.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91732 (0x16654)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 21 18:01:23 2025 GMT
Not After : Sep 16 18:01:23 2026 GMT
Subject: CN=687e8078-6657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5a:4e:8e:0a:bc:e3:c1:87:ed:43:ec:c2:3d:
b8:57:73:d2:5c:4b:69:b4:20:6a:8c:f4:cd:75:e9:
0e:19:6b:c0:05:69:85:29:92:6d:dd:d7:cb:f3:46:
50:eb:5e:4d:c7:a2:30:73:d6:20:14:ed:e0:c7:74:
a5:84:8e:f5:e1:1b:e3:6a:c3:bb:a5:fa:bc:7d:46:
85:68:e8:15:6e:cc:1f:fe:2f:6e:2a:40:90:00:bb:
94:cb:a3:31:52:a0:7d:8d:64:c7:37:e8:94:9c:5d:
f4:99:d8:0c:bd:0f:85:42:74:82:84:e3:0a:1e:15:
2b:3d:9c:71:6f:f5:08:29:c4:af:f4:82:17:5c:b7:
c3:09:1c:4c:61:32:0f:15:81:28:88:3f:c8:0c:da:
bb:ba:6e:73:9f:d1:19:ec:8b:a9:a4:e9:28:1c:f7:
d2:b8:aa:ea:e8:1f:22:c4:b5:24:c4:26:37:88:a8:
c8:8a:83:11:8d:d4:d6:ae:99:9b:15:28:2e:b9:41:
ff:5d:13:cd:dd:20:f7:6e:8d:d2:86:89:3e:d2:65:
cb:58:e0:55:19:99:b0:fd:48:47:80:84:48:05:1f:
dc:14:bc:76:ff:12:10:62:69:83:c5:80:20:e4:5f:
fb:6b:52:69:dc:16:f2:e3:7a:97:22:32:3f:ff:16:
91:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AA:4F:F8:E3:4D:A2:E1:95:7D:E0:03:00:1C:0C:AF:B6:C8:6C:2C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B94DB34A665C11F0B3000E92DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.240.0/22
Signature Algorithm: sha256WithRSAEncryption
03:10:ac:6e:a1:cd:f9:ad:8a:3a:82:66:d9:0a:18:cf:52:4f:
8e:22:9b:c6:d0:49:c4:7a:75:f1:d1:f2:2d:d4:f1:7d:0b:c4:
34:e1:e7:9a:ba:a1:88:c8:62:b2:8d:ea:b7:98:16:5a:5a:37:
3a:ba:61:ab:b5:87:ae:3e:8f:88:44:fd:09:f9:3a:02:d1:bc:
ae:04:3e:2e:13:ad:ae:d4:35:02:7f:81:75:4f:67:0f:04:75:
0c:ec:69:41:52:9a:d9:b6:dc:d7:3d:5b:12:a9:89:f0:eb:0c:
11:2b:97:e1:46:9b:5c:d4:c6:56:0b:fd:1d:12:f7:9a:56:34:
e7:0b:43:f4:7d:4f:e5:3f:24:a1:b2:21:11:7f:5c:04:c3:24:
77:27:03:00:b5:c5:79:40:83:da:c6:a0:a1:09:fe:65:cc:5f:
63:c2:0a:eb:0d:9f:8d:89:93:ce:0e:4a:df:8e:0f:d7:64:86:
34:f3:47:ed:41:f0:1d:07:63:c6:05:d8:b6:cd:22:b4:ff:8d:
51:b8:2f:47:f4:5d:7e:98:3e:8b:3d:bb:9b:de:b2:73:b1:d8:
75:de:b6:46:4e:54:09:5e:de:7d:bd:3d:aa:ed:ef:70:02:0f:
f1:c6:53:e4:07:ad:28:88:fd:41:a3:a9:76:c4:49:8d:cf:b8:
9f:9e:18:67
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWZUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIxMTgwMTIzWhcNMjYwOTE2MTgwMTIzWjAYMRYw
FAYDVQQDEw02ODdlODA3OC02NjU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvVpOjgq848GH7UPswj24V3PSXEtptCBqjPTNdekOGWvABWmFKZJt3dfL
80ZQ615Nx6Iwc9YgFO3gx3SlhI714RvjasO7pfq8fUaFaOgVbswf/i9uKkCQALuU
y6MxUqB9jWTHN+iUnF30mdgMvQ+FQnSChOMKHhUrPZxxb/UIKcSv9IIXXLfDCRxM
YTIPFYEoiD/IDNq7um5zn9EZ7IuppOkoHPfSuKrq6B8ixLUkxCY3iKjIioMRjdTW
rpmbFSguuUH/XRPN3SD3bo3Shok+0mXLWOBVGZmw/UhHgIRIBR/cFLx2/xIQYmmD
xYAg5F/7a1Jp3Bby43qXIjI//xaRCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPOq
T/jjTaLhlX3gAwAcDK+2yGwsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9COTREQjM0QTY2NUMxMUYwQjMwMDBFOTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOPwMA0GCSqGSIb3DQEBCwUA
A4IBAQADEKxuoc35rYo6gmbZChjPUk+OIpvG0EnEenXx0fIt1PF9C8Q04eeauqGI
yGKyjeq3mBZaWjc6umGrtYeuPo+IRP0J+ToC0byuBD4uE62u1DUCf4F1T2cPBHUM
7GlBUprZttzXPVsSqYnw6wwRK5fhRptc1MZWC/0dEveaVjTnC0P0fU/lPyShsiER
f1wEwyR3JwMAtcV5QIPaxqChCf5lzF9jwgrrDZ+NiZPODkrfjg/XZIY080ftQfAd
B2PGBdi2zSK0/41RuC9H9F1+mD6LPbub3rJzsdh13rZGTlQJXt59vT2q7e9wAg/x
xlPkB60oiP1Bo6l2xEmNz7ifnhhn
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:44:40 2025 by rpki-client