Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3EAAD0C679311F0B6B19F87DAE4EC9C.roa
File: C3EAAD0C679311F0B6B19F87DAE4EC9C.roa (raw, json)
Hash identifier: HagJ/VhSh6Ogr0AQEFP6pu8ZFKyYxG29gdjaXMJERFw=
Subject key identifier: C7:27:B5:25:7B:9F:49:95:A1:37:7C:77:2D:D1:CB:E2:F9:34:A8:22
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0166A4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3EAAD0C679311F0B6B19F87DAE4EC9C.roa
Signing time: Wed 23 Jul 2025 07:08:00 +0000
ROA not before: Wed 23 Jul 2025 07:07:55 +0000
ROA not after: Sat 23 Aug 2025 07:07:55 +0000
asID: 20326
IP address blocks: 156.229.232.0/22 maxlen: 24
156.229.248.0/22 maxlen: 24
156.229.252.0/23 maxlen: 24
156.243.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 10 Aug 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91812 (0x166a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 23 07:07:55 2025 GMT
Not After : Aug 23 07:07:55 2025 GMT
Subject: CN=68808a50-ca52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:66:af:c8:ff:a3:da:d9:9d:d8:e4:16:d7:c2:
43:3d:f2:57:06:35:c5:d9:78:ad:a4:48:9c:0b:3b:
5b:74:2f:7d:37:2b:86:90:ea:e2:7f:46:39:4f:ab:
f1:4a:e1:3f:fc:29:5b:99:13:95:e1:3e:1b:2e:46:
92:7a:55:23:e2:a8:c4:3d:c9:f5:48:34:9f:51:8c:
70:6c:b7:77:2e:d8:f8:40:b3:97:fa:89:80:8b:b1:
3a:29:2b:26:d3:3c:7c:4c:b8:77:f4:0a:4e:51:37:
ad:a2:d0:48:65:46:30:42:99:7f:ff:99:75:2f:b0:
67:6f:1f:ba:2d:f8:e6:95:0c:98:cb:9b:b0:12:cf:
67:90:22:e5:cb:07:c6:36:cc:42:d4:a2:1d:06:db:
7c:e1:5a:46:ba:7d:7c:08:8f:31:86:74:15:d6:6f:
a8:f8:c7:77:a6:7e:ca:5a:56:60:35:f7:e7:e7:6e:
04:6a:e7:d4:ef:ae:b7:10:7b:a5:9e:54:b3:67:11:
23:66:fa:ee:39:5b:2d:19:c5:d8:66:ee:47:d7:6a:
d4:c2:50:d9:c7:59:14:6e:1f:0b:8f:d4:53:88:14:
6e:86:51:76:7f:ba:ed:6d:ff:8e:7f:af:67:f8:4a:
16:f4:dd:23:b7:ac:c5:d5:b7:a1:93:ae:76:61:79:
85:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:27:B5:25:7B:9F:49:95:A1:37:7C:77:2D:D1:CB:E2:F9:34:A8:22
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C3EAAD0C679311F0B6B19F87DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.232.0/22
156.229.248.0-156.229.253.255
156.243.116.0/22
Signature Algorithm: sha256WithRSAEncryption
83:b5:79:de:33:81:3b:3b:91:82:d9:d8:c0:8d:a0:6a:fa:2d:
2c:18:64:00:0d:84:9f:be:45:50:d1:76:68:7a:45:48:03:95:
fc:7d:71:af:de:1f:fc:8f:46:cc:be:27:7c:60:c1:90:28:5e:
cf:fa:fc:99:b0:85:4e:50:52:ac:55:e8:07:b7:b3:4c:b9:76:
90:30:d0:52:55:71:8e:8f:14:e8:28:96:82:fa:35:14:57:13:
04:22:8c:31:89:c5:d1:cf:c4:fd:0b:08:9c:67:07:1e:2e:7e:
6d:13:48:8c:90:02:16:a6:5a:6d:d7:d3:00:1b:8d:4e:4b:22:
ac:ff:f9:21:22:0a:a3:4d:6c:49:ec:26:1f:c2:ab:f8:bc:00:
6f:50:8c:b4:48:16:04:6b:f7:a8:cc:fe:3e:8c:9a:e4:13:c7:
25:11:39:98:ca:25:a5:11:bb:e5:ff:c6:ac:7a:f2:cd:38:17:
63:2c:ad:69:83:d5:3e:65:68:24:97:f7:5e:d0:b7:67:8c:d3:
8d:a8:4c:60:ec:e3:0a:b2:40:e5:f3:e0:0a:ef:68:b9:df:4a:
f5:7e:f4:e5:99:8b:95:a0:61:bc:a8:a5:21:e2:3c:20:c4:e1:
04:1c:0d:45:1a:12:22:04:a9:5b:6a:19:05:52:1d:28:9a:12:
1c:7c:35:64
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAWakMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIzMDcwNzU1WhcNMjUwODIzMDcwNzU1WjAYMRYw
FAYDVQQDEw02ODgwOGE1MC1jYTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArmavyP+j2tmd2OQW18JDPfJXBjXF2XitpEicCztbdC99NyuGkOrif0Y5
T6vxSuE//ClbmROV4T4bLkaSelUj4qjEPcn1SDSfUYxwbLd3Ltj4QLOX+omAi7E6
KSsm0zx8TLh39ApOUTetotBIZUYwQpl//5l1L7Bnbx+6LfjmlQyYy5uwEs9nkCLl
ywfGNsxC1KIdBtt84VpGun18CI8xhnQV1m+o+Md3pn7KWlZgNffn524EaufU7663
EHulnlSzZxEjZvruOVstGcXYZu5H12rUwlDZx1kUbh8Lj9RTiBRuhlF2f7rtbf+O
f69n+EoW9N0jt6zF1behk652YXmFrQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFMcn
tSV7n0mVoTd8dy3Ry+L5NKgiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DM0VBQUQwQzY3OTMxMUYwQjZCMTlGODdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCnOXoMAwDBAOc5fgDBAGc5fwD
BAKc83QwDQYJKoZIhvcNAQELBQADggEBAIO1ed4zgTs7kYLZ2MCNoGr6LSwYZAAN
hJ++RVDRdmh6RUgDlfx9ca/eH/yPRsy+J3xgwZAoXs/6/JmwhU5QUqxV6Ae3s0y5
dpAw0FJVcY6PFOgoloL6NRRXEwQijDGJxdHPxP0LCJxnBx4ufm0TSIyQAhamWm3X
0wAbjU5LIqz/+SEiCqNNbEnsJh/Cq/i8AG9QjLRIFgRr96jM/j6MmuQTxyUROZjK
JaURu+X/xqx68s04F2MsrWmD1T5laCSX917Qt2eM042oTGDs4wqyQOXz4ArvaLnf
SvV+9OWZi5WgYbyopSHiPCDE4QQcDUUaEiIEqVtqGQVSHSiaEhx8NWQ=
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:59:40 2025 by rpki-client