Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B72C8E85CC711F090B6CFCDDAE4EC9C.roa
File: 1B72C8E85CC711F090B6CFCDDAE4EC9C.roa (raw, json)
Hash identifier: zz9JYpYRQuvpQd1rlwcKyY1lV4T96jIHwQV6KyBAWtM=
Subject key identifier: A3:EA:E7:B6:96:02:A2:5F:CF:A7:D4:E3:7D:B4:BA:6B:CF:6C:1B:63
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0163F2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B72C8E85CC711F090B6CFCDDAE4EC9C.roa
Signing time: Wed 09 Jul 2025 13:17:48 +0000
ROA not before: Wed 09 Jul 2025 13:17:43 +0000
ROA not after: Sun 10 Aug 2025 13:17:43 +0000
asID: 137899
IP address blocks: 156.233.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91122 (0x163f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 9 13:17:43 2025 GMT
Not After : Aug 10 13:17:43 2025 GMT
Subject: CN=686e6bfc-4dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:03:30:5b:e2:4e:47:ae:00:64:2e:e8:21:bd:
28:25:d0:1b:ff:2d:93:f0:1e:3b:f4:7d:c5:93:0d:
fc:d4:5d:41:c2:c1:44:b0:d4:ba:31:08:71:75:14:
dd:87:dc:33:4b:93:aa:a1:c3:0a:ba:6f:3d:51:ff:
8b:65:71:71:89:4f:4b:3b:87:e4:f4:06:95:0d:91:
64:e2:5d:94:7f:1f:7a:15:e9:26:d1:75:a1:79:93:
e6:4d:09:69:d8:3c:01:25:b4:48:5d:61:6a:ce:a9:
2c:ad:d1:45:2e:c5:9a:79:b3:41:0c:1c:3a:cf:37:
50:31:be:cd:93:f6:8f:ee:9e:5a:3e:85:b5:31:6e:
ba:1c:99:40:3c:61:95:83:3a:b9:df:61:09:9e:c0:
e0:3e:d4:41:1b:90:ae:44:0f:59:20:e5:10:7d:94:
80:36:ec:bb:ef:8f:bc:6a:d9:3a:14:f1:40:c4:11:
e6:4d:16:69:af:31:62:cc:ae:f2:71:7c:a9:7f:c0:
54:9c:11:1a:33:76:f4:98:6e:9c:74:4d:6e:f5:1b:
cc:fc:bb:3c:19:dd:8a:8f:82:32:7d:41:f6:21:7b:
80:bc:0b:5d:94:44:ae:4c:ca:70:9b:d4:00:a6:e2:
57:5a:d2:cc:ae:2b:c3:08:42:72:23:60:78:51:87:
16:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EA:E7:B6:96:02:A2:5F:CF:A7:D4:E3:7D:B4:BA:6B:CF:6C:1B:63
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B72C8E85CC711F090B6CFCDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.224.0/20
Signature Algorithm: sha256WithRSAEncryption
74:c3:89:05:2a:4f:3c:fd:b8:6c:82:00:94:60:a3:ff:9c:6d:
22:ca:e9:8e:53:2c:62:0d:dc:ca:f1:16:d8:a0:f7:54:80:62:
1a:2f:b9:86:b1:83:27:14:a6:c5:91:bb:7b:8f:b4:35:84:a7:
93:c9:7b:08:18:1a:33:28:ae:40:76:d5:55:54:68:1b:45:d9:
b1:9e:bd:4a:53:9d:f6:87:c3:5e:67:05:29:1c:3c:fc:3d:43:
5b:b2:9a:df:ce:cd:35:49:e9:03:7e:b4:a3:42:cd:43:ae:cd:
11:7f:c5:63:fd:2e:f3:67:c4:b1:7b:87:b7:6c:ab:64:5e:19:
19:77:b3:00:a7:0c:3c:68:30:9f:7d:65:f3:c9:0e:f1:a2:f0:
9a:9e:f1:97:b6:58:1e:6a:18:ba:11:86:f3:a7:65:c4:67:11:
b2:4d:db:3c:c9:7d:99:60:4a:a4:b9:e4:64:68:65:41:21:ee:
67:d5:91:3f:1a:ec:7d:46:f1:a2:c6:28:8c:0e:96:84:bb:34:
66:4a:cc:0b:3c:1f:05:b5:9e:44:c6:80:04:71:73:34:e3:5c:
78:e8:b9:a4:fd:3d:73:cb:12:68:78:e7:8b:f6:af:62:02:65:
f6:2e:46:f9:91:c4:e7:04:9d:39:5d:5f:67:1e:74:7d:7e:20:
3f:91:38:88
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWPyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA5MTMxNzQzWhcNMjUwODEwMTMxNzQzWjAYMRYw
FAYDVQQDEw02ODZlNmJmYy00ZGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuAMwW+JOR64AZC7oIb0oJdAb/y2T8B479H3Fkw381F1BwsFEsNS6MQhx
dRTdh9wzS5OqocMKum89Uf+LZXFxiU9LO4fk9AaVDZFk4l2Ufx96Fekm0XWheZPm
TQlp2DwBJbRIXWFqzqksrdFFLsWaebNBDBw6zzdQMb7Nk/aP7p5aPoW1MW66HJlA
PGGVgzq532EJnsDgPtRBG5CuRA9ZIOUQfZSANuy774+8atk6FPFAxBHmTRZprzFi
zK7ycXypf8BUnBEaM3b0mG6cdE1u9RvM/Ls8Gd2Kj4IyfUH2IXuAvAtdlESuTMpw
m9QApuJXWtLMrivDCEJyI2B4UYcW8QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKPq
57aWAqJfz6fU4320umvPbBtjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQjcyQzhFODVDQzcxMUYwOTBCNkNGQ0REQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOngMA0GCSqGSIb3DQEBCwUA
A4IBAQB0w4kFKk88/bhsggCUYKP/nG0iyumOUyxiDdzK8RbYoPdUgGIaL7mGsYMn
FKbFkbt7j7Q1hKeTyXsIGBozKK5AdtVVVGgbRdmxnr1KU532h8NeZwUpHDz8PUNb
sprfzs01SekDfrSjQs1Drs0Rf8Vj/S7zZ8Sxe4e3bKtkXhkZd7MApww8aDCffWXz
yQ7xovCanvGXtlgeahi6EYbzp2XEZxGyTds8yX2ZYEqkueRkaGVBIe5n1ZE/Gux9
RvGixiiMDpaEuzRmSswLPB8FtZ5ExoAEcXM041x46Lmk/T1zyxJoeOeL9q9iAmX2
Lkb5kcTnBJ05XV9nHnR9fiA/kTiI
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:33:17 2025 by rpki-client