Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8930FE665D0F11F083B7479FDAE4EC9C.roa
File: 8930FE665D0F11F083B7479FDAE4EC9C.roa (raw, json)
Hash identifier: 0LyzTu3cl8ooe950MKKpt1Bu3KF06Mk1FMnaOF0M66A=
Subject key identifier: CD:CF:34:95:2C:E0:8A:7E:F8:A7:0D:6F:20:F3:84:39:00:30:C2:FA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016450
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8930FE665D0F11F083B7479FDAE4EC9C.roa
Signing time: Wed 09 Jul 2025 21:56:16 +0000
ROA not before: Wed 09 Jul 2025 21:56:11 +0000
ROA not after: Fri 17 Jul 2026 21:56:11 +0000
asID: 40065
IP address blocks: 156.239.52.0/23 maxlen: 24
156.241.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 23 Jul 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91216 (0x16450)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 9 21:56:11 2025 GMT
Not After : Jul 17 21:56:11 2026 GMT
Subject: CN=686ee580-a13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b6:dd:05:d4:97:ef:ae:d4:b5:2f:1c:cb:87:
f9:30:d1:77:ba:5f:e6:ac:0e:be:e3:54:b9:0e:2a:
94:a8:26:16:92:b3:3b:d2:dd:3e:cd:7d:b8:0c:c9:
27:65:77:a1:2a:e3:79:d3:eb:44:96:23:ec:85:ea:
26:8e:a3:86:85:c7:f6:3f:f5:02:cf:16:d7:fd:b4:
06:e8:e1:c2:45:5a:ba:44:79:f1:19:50:5b:28:79:
60:f6:20:c3:4d:10:80:cb:02:7f:de:10:8e:70:64:
93:7d:8e:bb:e1:19:69:35:eb:5e:6e:84:e8:79:6d:
0b:31:8c:5a:6d:22:53:7b:2c:3d:ec:38:52:b4:78:
8c:58:15:12:84:88:63:b3:51:77:91:e8:8d:c7:2e:
c6:1a:48:21:6e:82:df:6d:83:e8:11:ed:1e:b9:70:
96:ea:4a:ca:4b:ce:97:44:c9:84:ad:a3:72:1a:e6:
1d:a5:5e:11:40:86:35:5e:66:00:ea:cf:12:14:e8:
9c:1f:ef:14:61:f3:a2:36:dd:37:ef:d9:cc:b3:7b:
ac:5e:51:50:82:4b:21:a0:9d:92:0b:07:eb:fa:61:
94:d2:88:65:16:e0:a1:1f:40:00:29:3a:c4:4b:56:
7d:e7:5c:26:70:3e:ef:6f:94:5b:90:03:9e:bd:c5:
7e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:CF:34:95:2C:E0:8A:7E:F8:A7:0D:6F:20:F3:84:39:00:30:C2:FA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8930FE665D0F11F083B7479FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.52.0/23
156.241.188.0/24
Signature Algorithm: sha256WithRSAEncryption
46:f6:0f:44:0b:71:a4:d9:d9:cb:17:bb:5b:30:1d:e3:23:93:
6e:78:a5:c1:21:13:18:a6:85:97:df:64:ca:b3:d5:dd:1f:ff:
e6:52:ad:03:2a:ca:80:9b:08:c0:e4:f2:3f:0a:e1:81:df:e0:
83:a3:78:69:12:82:17:ec:67:82:70:9e:08:79:3c:3b:4e:32:
40:0d:04:56:e0:d8:9f:ef:3e:ff:e3:1b:51:73:6b:3f:10:f9:
7a:af:8f:d8:18:84:a1:38:55:c4:57:4b:c4:1c:5f:dc:a2:df:
ee:89:e7:e7:ae:f8:5e:49:c6:a9:61:dd:13:5a:b2:70:0b:a1:
2e:21:d1:42:ca:67:05:5c:37:10:98:da:fe:f4:0f:53:58:9c:
22:14:c3:28:49:d4:b9:87:5e:f1:89:b5:75:98:5c:c8:06:e5:
b4:d8:a7:ef:a1:de:8c:7d:94:34:57:9f:a0:9d:e9:8f:c0:91:
de:61:50:87:a8:30:2a:4e:34:48:8a:d1:a3:66:82:ca:18:cf:
45:a2:ac:7d:59:97:71:20:57:47:db:18:ff:90:98:61:5d:d3:
8e:d8:4c:04:4c:9c:f0:51:23:24:2a:93:6c:80:dc:2b:82:b2:
e0:30:71:b6:f4:f2:b8:b3:12:e0:d2:fd:4a:a0:28:4f:af:37:
7d:7f:15:5f
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWRQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA5MjE1NjExWhcNMjYwNzE3MjE1NjExWjAYMRYw
FAYDVQQDEw02ODZlZTU4MC1hMTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7bbdBdSX767UtS8cy4f5MNF3ul/mrA6+41S5DiqUqCYWkrM70t0+zX24
DMknZXehKuN50+tEliPsheomjqOGhcf2P/UCzxbX/bQG6OHCRVq6RHnxGVBbKHlg
9iDDTRCAywJ/3hCOcGSTfY674RlpNeteboToeW0LMYxabSJTeyw97DhStHiMWBUS
hIhjs1F3keiNxy7GGkghboLfbYPoEe0euXCW6krKS86XRMmEraNyGuYdpV4RQIY1
XmYA6s8SFOicH+8UYfOiNt0379nMs3usXlFQgkshoJ2SCwfr+mGU0ohlFuChH0AA
KTrES1Z951wmcD7vb5RbkAOevcV+nwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM3P
NJUs4Ip++KcNbyDzhDkAMML6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84OTMwRkU2NjVEMEYxMUYwODNCNzQ3OUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnO80AwQAnPG8MA0GCSqGSIb3
DQEBCwUAA4IBAQBG9g9EC3Gk2dnLF7tbMB3jI5NueKXBIRMYpoWX32TKs9XdH//m
Uq0DKsqAmwjA5PI/CuGB3+CDo3hpEoIX7GeCcJ4IeTw7TjJADQRW4Nif7z7/4xtR
c2s/EPl6r4/YGIShOFXEV0vEHF/cot/uiefnrvheScapYd0TWrJwC6EuIdFCymcF
XDcQmNr+9A9TWJwiFMMoSdS5h17xibV1mFzIBuW02Kfvod6MfZQ0V5+gnemPwJHe
YVCHqDAqTjRIitGjZoLKGM9Foqx9WZdxIFdH2xj/kJhhXdOO2EwETJzwUSMkKpNs
gNwrgrLgMHG29PK4sxLg0v1KoChPrzd9fxVf
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:31:17 2025 by rpki-client