Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9D20BAA687511F087A814C6DAE4EC9C.roa
File: D9D20BAA687511F087A814C6DAE4EC9C.roa (raw, json)
Hash identifier: UZtPh65yEFCHsrv0w91BoMkPbYReUF4g/91YNyCUb/M=
Subject key identifier: 10:6E:AC:CE:5B:28:67:CF:F4:45:89:C2:76:1B:AE:12:00:92:9F:EB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01672B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9D20BAA687511F087A814C6DAE4EC9C.roa
Signing time: Thu 24 Jul 2025 10:06:23 +0000
ROA not before: Thu 24 Jul 2025 10:06:17 +0000
ROA not after: Thu 28 Aug 2025 10:06:17 +0000
asID: 202656
IP address blocks: 156.246.162.0/24 maxlen: 24
156.246.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 07 Aug 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91947 (0x1672b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 24 10:06:17 2025 GMT
Not After : Aug 28 10:06:17 2025 GMT
Subject: CN=6882059f-e8e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bb:4c:60:ee:80:19:f6:22:a6:ab:c4:52:f2:
31:bc:8b:65:55:d5:dd:b2:f2:1c:cd:b5:7c:47:91:
27:0d:d8:da:a5:ad:4a:7e:a8:b2:b1:08:45:00:5c:
c6:40:ff:05:55:45:7c:65:59:cd:57:1f:e3:31:10:
33:02:92:84:ed:c1:25:8f:49:ed:b9:51:95:fe:22:
8b:7b:24:43:52:82:56:cb:a9:83:0f:0a:81:b1:48:
62:cf:8e:21:9b:a7:6b:23:8c:89:67:56:a4:66:02:
22:4e:0a:a5:67:de:66:70:79:64:e3:6e:9e:75:22:
b2:95:2f:70:bd:0a:4f:c6:1f:2f:10:cd:ee:da:45:
82:f5:04:cd:17:7f:f3:d0:30:23:70:d0:6b:88:0b:
fe:05:9c:ac:3d:6d:7f:6a:da:2c:c2:6d:5d:7d:9c:
b6:a8:96:f3:35:e4:2e:5b:e9:73:50:c8:44:5f:2e:
52:4f:ce:b4:93:88:99:2a:aa:50:5f:3a:71:ae:ce:
94:c4:16:20:b6:13:30:96:be:3d:6f:88:e5:ed:30:
a7:66:55:60:d4:cd:fd:28:1e:e0:c8:da:60:eb:64:
4e:2a:59:d3:a9:35:1f:9d:2a:b5:f9:f7:d7:d5:25:
2f:fe:da:c0:64:3d:6a:a1:6c:46:97:42:76:3a:92:
04:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:6E:AC:CE:5B:28:67:CF:F4:45:89:C2:76:1B:AE:12:00:92:9F:EB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9D20BAA687511F087A814C6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.162.0/24
156.246.165.0/24
Signature Algorithm: sha256WithRSAEncryption
27:d3:b2:88:e5:2a:a7:c6:f7:0f:2e:bb:3e:6a:b4:ed:87:8b:
eb:2d:3e:20:e8:b8:97:b3:aa:63:dd:e2:c4:21:da:31:4b:cb:
1b:e7:f3:ed:89:8f:5f:2b:6b:9e:5f:5c:3d:d5:95:6a:39:be:
53:53:60:48:79:0c:aa:0f:76:60:4d:06:fc:d6:87:c4:3a:f1:
8a:ef:43:77:98:60:47:fe:d6:92:c3:5a:71:df:dc:d1:6e:10:
b7:1c:b1:69:a5:2a:73:5d:e5:1b:72:0e:48:54:f2:63:f1:b1:
e0:55:63:03:ee:82:f9:2c:26:9e:6b:60:b0:7c:d9:22:76:f1:
30:18:5c:ef:84:fb:13:fe:ec:97:1d:e7:49:bf:05:3e:9b:3f:
b0:52:d9:c4:9a:b5:62:97:61:bf:e8:c3:c2:ea:70:39:66:c3:
ad:81:61:57:2b:4f:11:2e:4a:4b:2d:69:2a:f5:dd:2b:d5:d9:
14:b0:1a:2d:8d:ac:11:e6:2f:5c:ce:c5:47:9f:9e:52:fd:60:
e4:bb:df:b8:95:82:c4:b9:40:82:48:8b:c9:3a:ff:da:29:af:
05:ce:8a:ae:81:86:bf:71:4c:f0:8d:f8:aa:c2:09:49:a5:dd:
93:be:24:2a:1b:42:10:02:d8:8d:97:2c:68:17:b3:7e:bc:ef:
c2:75:ef:c8
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWcrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzI0MTAwNjE3WhcNMjUwODI4MTAwNjE3WjAYMRYw
FAYDVQQDEw02ODgyMDU5Zi1lOGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzbtMYO6AGfYipqvEUvIxvItlVdXdsvIczbV8R5EnDdjapa1KfqiysQhF
AFzGQP8FVUV8ZVnNVx/jMRAzApKE7cElj0ntuVGV/iKLeyRDUoJWy6mDDwqBsUhi
z44hm6drI4yJZ1akZgIiTgqlZ95mcHlk426edSKylS9wvQpPxh8vEM3u2kWC9QTN
F3/z0DAjcNBriAv+BZysPW1/atoswm1dfZy2qJbzNeQuW+lzUMhEXy5ST860k4iZ
KqpQXzpxrs6UxBYgthMwlr49b4jl7TCnZlVg1M39KB7gyNpg62ROKlnTqTUfnSq1
+ffX1SUv/trAZD1qoWxGl0J2OpIEfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBBu
rM5bKGfP9EWJwnYbrhIAkp/rMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOUQyMEJBQTY4NzUxMUYwODdBODE0QzZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnPaiAwQAnPalMA0GCSqGSIb3
DQEBCwUAA4IBAQAn07KI5SqnxvcPLrs+arTth4vrLT4g6LiXs6pj3eLEIdoxS8sb
5/PtiY9fK2ueX1w91ZVqOb5TU2BIeQyqD3ZgTQb81ofEOvGK70N3mGBH/taSw1px
39zRbhC3HLFppSpzXeUbcg5IVPJj8bHgVWMD7oL5LCaea2CwfNkidvEwGFzvhPsT
/uyXHedJvwU+mz+wUtnEmrVil2G/6MPC6nA5ZsOtgWFXK08RLkpLLWkq9d0r1dkU
sBotjawR5i9czsVHn55S/WDku9+4lYLEuUCCSIvJOv/aKa8FzoqugYa/cUzwjfiq
wglJpd2TviQqG0IQAtiNlyxoF7N+vO/Cde/I
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:47:11 2025 by rpki-client