Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8DB3CDC66F211F0B3F2E2EADAE4EC9C.roa
File: D8DB3CDC66F211F0B3F2E2EADAE4EC9C.roa (raw, json)
Hash identifier: ZixV97snFjxSwi/JnotFyiKdYNsPm/vkuXMUn+jYE6Q=
Subject key identifier: 13:EB:CD:2A:90:00:56:31:B1:7D:98:2E:66:26:AD:35:B4:FC:94:41
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01669F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8DB3CDC66F211F0B3F2E2EADAE4EC9C.roa
Signing time: Tue 22 Jul 2025 11:56:06 +0000
ROA not before: Tue 22 Jul 2025 11:56:00 +0000
ROA not after: Wed 16 Sep 2026 11:56:00 +0000
asID: 63199
IP address blocks: 156.227.240.0/24 maxlen: 24
156.227.241.0/24 maxlen: 24
156.227.242.0/24 maxlen: 24
156.227.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 10 Aug 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91807 (0x1669f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 22 11:56:00 2025 GMT
Not After : Sep 16 11:56:00 2026 GMT
Subject: CN=687f7c56-eedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:97:e9:e3:2a:82:b3:00:8a:b1:31:44:54:58:
71:ba:52:bd:41:fa:0e:81:b2:40:68:ec:e6:49:ea:
ba:e3:10:e3:67:84:01:bd:d0:81:fa:c5:b7:58:1c:
27:b7:da:dc:4f:16:3b:50:2c:43:95:bf:d2:d4:1c:
df:e6:14:39:87:41:72:2a:c1:b4:4e:62:53:2a:bf:
d6:ff:7e:32:52:70:99:ba:0c:72:cf:2b:fa:18:9b:
5a:87:3f:66:87:9e:a9:0e:0f:05:86:be:58:bc:75:
d0:24:71:de:3d:a3:a0:02:9b:87:d6:61:02:fe:b1:
ae:04:57:4f:5b:82:94:40:20:c3:a6:61:fe:82:81:
a4:be:fa:e1:8a:fb:bb:94:75:a1:96:58:20:fb:be:
ed:39:00:b0:ad:d9:87:81:72:74:cb:e6:f9:a7:54:
8c:d2:49:f3:fc:8a:b2:d8:6b:48:bb:06:e3:7e:98:
83:88:d7:06:49:f9:62:0f:54:8a:07:2c:fc:e0:e8:
ff:3d:23:d8:5c:cb:53:ad:b0:59:d5:a0:7c:42:52:
4e:b4:ff:14:2a:da:c9:ad:86:2c:5c:c5:84:17:1f:
38:75:ef:d5:c9:1e:5a:f1:29:b2:fc:e6:3f:e9:ba:
0b:35:d0:68:1c:d1:87:3f:02:c8:e7:20:aa:2a:21:
9a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:EB:CD:2A:90:00:56:31:B1:7D:98:2E:66:26:AD:35:B4:FC:94:41
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D8DB3CDC66F211F0B3F2E2EADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.240.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:75:d1:f5:9f:53:00:b6:25:cf:58:a1:09:13:d5:7e:6d:21:
9d:df:d2:8b:ae:6d:91:7b:9d:0c:04:3f:32:d5:68:78:49:71:
2c:a1:8c:60:df:dd:50:d8:ab:53:c5:10:23:72:34:ed:e1:a5:
b5:6a:5a:09:05:f3:91:25:fa:10:2e:7a:1c:d5:7d:a3:5a:c9:
c2:f8:4e:99:4f:ce:be:a8:73:a9:b6:93:ee:aa:5b:16:95:8f:
b7:4a:72:de:64:89:00:0d:f0:e8:3a:00:c9:ed:f1:43:57:43:
28:3b:99:00:34:a7:dc:d7:b1:64:9e:5d:71:b9:bd:ad:da:3e:
1c:de:cf:ea:5d:9f:45:26:10:de:73:62:9d:7f:66:f6:08:61:
c5:44:06:88:35:4b:4d:2c:aa:ed:e6:b5:57:40:f7:24:d5:cd:
f0:18:95:ce:e9:79:74:94:84:66:1d:3f:53:76:b9:ac:fb:bf:
8c:34:ce:f4:21:e5:4a:78:b2:56:82:22:2d:fc:2e:fc:b1:78:
b3:08:23:8b:dc:58:ac:e6:58:cb:de:c6:5a:6b:31:f4:23:64:
4c:91:15:01:9e:55:0a:98:62:fa:53:64:a8:2b:8e:b5:15:63:
68:3f:22:2d:3a:b2:d5:b8:10:37:b3:b0:72:4f:c0:7c:9a:79:
b4:53:d9:10
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWafMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIyMTE1NjAwWhcNMjYwOTE2MTE1NjAwWjAYMRYw
FAYDVQQDEw02ODdmN2M1Ni1lZWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr5fp4yqCswCKsTFEVFhxulK9QfoOgbJAaOzmSeq64xDjZ4QBvdCB+sW3
WBwnt9rcTxY7UCxDlb/S1Bzf5hQ5h0FyKsG0TmJTKr/W/34yUnCZugxyzyv6GJta
hz9mh56pDg8Fhr5YvHXQJHHePaOgApuH1mEC/rGuBFdPW4KUQCDDpmH+goGkvvrh
ivu7lHWhllgg+77tOQCwrdmHgXJ0y+b5p1SM0knz/Iqy2GtIuwbjfpiDiNcGSfli
D1SKByz84Oj/PSPYXMtTrbBZ1aB8QlJOtP8UKtrJrYYsXMWEFx84de/VyR5a8Smy
/OY/6boLNdBoHNGHPwLI5yCqKiGakwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBPr
zSqQAFYxsX2YLmYmrTW0/JRBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOERCM0NEQzY2RjIxMUYwQjNGMkUyRUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOPwMA0GCSqGSIb3DQEBCwUA
A4IBAQBMddH1n1MAtiXPWKEJE9V+bSGd39KLrm2Re50MBD8y1Wh4SXEsoYxg391Q
2KtTxRAjcjTt4aW1aloJBfORJfoQLnoc1X2jWsnC+E6ZT86+qHOptpPuqlsWlY+3
SnLeZIkADfDoOgDJ7fFDV0MoO5kANKfc17Fknl1xub2t2j4c3s/qXZ9FJhDec2Kd
f2b2CGHFRAaINUtNLKrt5rVXQPck1c3wGJXO6Xl0lIRmHT9Tdrms+7+MNM70IeVK
eLJWgiIt/C78sXizCCOL3Fis5ljL3sZaazH0I2RMkRUBnlUKmGL6U2SoK461FWNo
PyItOrLVuBA3s7ByT8B8mnm0U9kQ
-----END CERTIFICATE-----
Generated at Fri Aug 8 19:25:34 2025 by rpki-client