Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F578D6F66F9411F0A08A02A5DAE4EC9C.roa
File: F578D6F66F9411F0A08A02A5DAE4EC9C.roa (raw, json)
Hash identifier: kcH2VHkh5MuOgUTzsGnH3pLF8X2HIcRjikWFLPvagOU=
Subject key identifier: 8E:10:3C:59:6B:68:9D:1A:AD:09:7A:AD:07:44:FD:11:64:69:3E:0F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016876
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F578D6F66F9411F0A08A02A5DAE4EC9C.roa
Signing time: Sat 02 Aug 2025 11:36:42 +0000
ROA not before: Sat 02 Aug 2025 11:36:36 +0000
ROA not after: Sat 06 Sep 2025 11:36:36 +0000
asID: 141883
IP address blocks: 156.240.0.0/19 maxlen: 24
156.240.32.0/20 maxlen: 24
156.240.48.0/21 maxlen: 24
156.242.10.0/23 maxlen: 24
156.242.12.0/22 maxlen: 24
156.246.0.0/20 maxlen: 24
156.246.16.0/23 maxlen: 24
156.249.28.0/22 maxlen: 24
156.255.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 11 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92278 (0x16876)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 2 11:36:36 2025 GMT
Not After : Sep 6 11:36:36 2025 GMT
Subject: CN=688df849-fe4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:63:6f:81:d8:c0:01:0f:5f:d6:b2:43:7a:cd:
8d:71:d3:8e:e7:08:98:27:9c:3e:ae:4d:75:aa:ff:
de:9f:a5:78:24:ce:51:21:81:78:98:ad:2a:5f:f2:
cb:88:80:76:e0:28:28:60:c6:fb:d4:31:01:25:c2:
2b:5b:80:d6:06:68:f9:bf:4b:2b:e2:d3:68:c7:39:
38:e9:91:ab:2e:b9:1e:e9:e7:36:9f:2b:27:f1:34:
81:db:11:fe:9c:b7:db:c8:2e:25:52:02:d8:f3:85:
ca:10:03:dc:5e:7a:ca:f6:9c:e4:b1:e1:31:cc:f0:
3d:e1:11:01:54:d5:2c:cc:bd:1b:88:1e:f8:7f:b0:
5c:be:df:68:ff:9c:67:15:24:b5:0e:cd:53:9a:69:
e4:93:ba:c0:5d:51:fd:e7:6c:4d:1c:b5:5a:ef:41:
31:26:6f:ab:df:c7:c6:96:81:28:0d:7b:de:a4:0f:
14:33:0f:c7:84:c4:9a:53:dd:57:9e:84:05:98:2d:
2f:79:b4:b4:ed:7f:0f:a1:a1:d4:92:a9:55:91:9d:
d4:4b:1c:df:6e:d4:1b:7a:cc:e9:02:52:b8:6b:ac:
fb:c6:aa:35:16:f4:3e:92:61:07:95:73:27:6f:8c:
2c:5d:77:e2:bf:b3:d8:fa:27:01:86:8d:5e:6f:5b:
9e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:10:3C:59:6B:68:9D:1A:AD:09:7A:AD:07:44:FD:11:64:69:3E:0F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F578D6F66F9411F0A08A02A5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.0.0-156.240.55.255
156.242.10.0-156.242.15.255
156.246.0.0-156.246.17.255
156.249.28.0/22
156.255.0.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:04:e2:5c:17:c7:60:79:19:3b:f2:df:f9:ba:4d:9d:13:b9:
68:73:18:fa:52:99:17:30:de:66:76:c6:88:c1:e6:d0:f7:42:
5c:4b:27:6c:17:5f:fa:67:7b:32:43:31:b6:f7:f7:4c:02:91:
07:8f:b2:9a:34:c7:f5:04:7e:97:87:7c:26:ca:19:3c:91:01:
7a:ba:8b:c7:c1:91:d2:de:c8:36:71:2a:19:08:46:b1:dc:ea:
bf:56:07:88:59:62:0a:bb:c7:8c:ee:10:76:9f:59:2b:bc:25:
8a:b9:c1:b5:f7:f6:0e:18:a0:98:db:3f:07:ac:69:12:f3:93:
9a:f2:f0:e4:d2:64:5e:ef:fa:7b:7c:5b:34:23:94:9f:ab:62:
7d:e8:0e:f6:b4:0d:f1:55:c6:ab:ef:5b:36:c8:18:33:55:5f:
9f:6f:e8:3f:89:2d:06:78:c5:5a:e4:fa:4b:c2:2d:04:60:01:
ed:db:e4:c1:7e:c8:22:3a:27:d8:95:32:72:7f:8d:23:ae:fa:
b1:83:1b:bb:70:1b:68:99:f4:eb:5e:4f:b2:df:81:73:f6:0b:
50:2c:9d:9c:4a:19:18:bc:46:c7:0a:bf:67:32:90:d2:cc:cf:
f6:d1:ff:22:32:4d:c5:9c:dc:d5:9b:b3:8e:09:14:40:28:94:
4c:b0:4f:31
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgIDAWh2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODAyMTEzNjM2WhcNMjUwOTA2MTEzNjM2WjAYMRYw
FAYDVQQDEw02ODhkZjg0OS1mZTRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6GNvgdjAAQ9f1rJDes2NcdOO5wiYJ5w+rk11qv/en6V4JM5RIYF4mK0q
X/LLiIB24CgoYMb71DEBJcIrW4DWBmj5v0sr4tNoxzk46ZGrLrke6ec2nysn8TSB
2xH+nLfbyC4lUgLY84XKEAPcXnrK9pzkseExzPA94REBVNUszL0biB74f7Bcvt9o
/5xnFSS1Ds1Tmmnkk7rAXVH952xNHLVa70ExJm+r38fGloEoDXvepA8UMw/HhMSa
U91XnoQFmC0vebS07X8PoaHUkqlVkZ3USxzfbtQbeszpAlK4a6z7xqo1FvQ+kmEH
lXMnb4wsXXfiv7PY+icBho1eb1ue0wIDAQABo4IC0DCCAswwHQYDVR0OBBYEFI4Q
PFlraJ0arQl6rQdE/RFkaT4PMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNTc4RDZGNjZGOTQxMUYwQTA4QTAyQTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
ME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAsDAwSc8AMEA5zwMDAMAwQBnPIK
AwQEnPIAMAsDAwGc9gMEAZz2EAMEApz5HAMEAJz/ADANBgkqhkiG9w0BAQsFAAOC
AQEAPwTiXBfHYHkZO/Lf+bpNnRO5aHMY+lKZFzDeZnbGiMHm0PdCXEsnbBdf+md7
MkMxtvf3TAKRB4+ymjTH9QR+l4d8JsoZPJEBerqLx8GR0t7INnEqGQhGsdzqv1YH
iFliCrvHjO4Qdp9ZK7wlirnBtff2DhigmNs/B6xpEvOTmvLw5NJkXu/6e3xbNCOU
n6tifegO9rQN8VXGq+9bNsgYM1Vfn2/oP4ktBnjFWuT6S8ItBGAB7dvkwX7IIjon
2JUycn+NI676sYMbu3AbaJn0615Pst+Bc/YLUCydnEoZGLxGxwq/ZzKQ0szP9tH/
IjJNxZzc1ZuzjgkUQCiUTLBPMQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:29:47 2025 by rpki-client