Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A6CE53C5D7411F0B1DD43BFDAE4EC9C.roa
File: 8A6CE53C5D7411F0B1DD43BFDAE4EC9C.roa (raw, json)
Hash identifier: GecUZreZgrAvDF3a1KvZcsJBejra6//FduQy+6Ophv4=
Subject key identifier: DD:AF:D6:66:58:B4:F2:B5:9F:DC:88:D1:EE:00:FB:02:3E:C7:AA:D5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016469
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A6CE53C5D7411F0B1DD43BFDAE4EC9C.roa
Signing time: Thu 10 Jul 2025 09:59:17 +0000
ROA not before: Thu 10 Jul 2025 09:59:12 +0000
ROA not after: Tue 18 Aug 2026 09:59:12 +0000
asID: 142132
IP address blocks: 156.230.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91241 (0x16469)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 10 09:59:12 2025 GMT
Not After : Aug 18 09:59:12 2026 GMT
Subject: CN=686f8ef5-8489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8e:e5:a6:89:92:2d:20:bb:21:78:4d:a2:7f:
d5:7e:2c:4e:8a:04:12:c3:bf:23:02:79:33:7c:a8:
12:1c:9a:e1:fb:65:21:8f:ed:a4:9f:89:3c:50:c9:
2d:36:04:ac:88:9a:a5:bb:42:72:5e:08:f4:44:a7:
b6:ff:82:65:f2:62:fc:6c:53:e2:82:35:74:1a:1e:
2b:2f:2d:90:dc:cb:ed:fc:9f:6f:a0:b2:48:6e:39:
38:d1:84:1f:63:44:eb:3d:2c:16:b9:99:ed:7b:16:
ba:ff:5d:67:6e:42:3f:2c:56:c8:c7:5e:24:f5:d8:
d9:ff:13:14:6c:34:55:38:b7:12:54:86:7c:4c:9b:
31:45:21:e2:89:9c:b9:6a:9f:b6:24:03:1f:35:7c:
6f:5b:3f:82:1a:d2:4d:d1:bb:7e:2d:4d:f6:26:8a:
ca:5b:6c:7b:78:b1:32:94:6b:d3:24:49:3e:f3:30:
19:8f:81:ff:b9:26:4b:66:c8:1d:47:3f:cd:d5:f2:
4a:90:6d:ae:50:4d:6e:f8:b8:39:53:6f:79:a2:58:
dd:31:5e:b8:5f:95:3a:57:03:d7:54:11:61:56:24:
37:83:86:33:23:c5:a8:c5:0f:43:86:cd:07:ea:66:
e7:38:84:57:53:53:49:f5:22:be:bd:2a:01:f5:22:
82:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AF:D6:66:58:B4:F2:B5:9F:DC:88:D1:EE:00:FB:02:3E:C7:AA:D5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8A6CE53C5D7411F0B1DD43BFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.11.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:12:0c:02:37:d6:7e:eb:54:ad:4d:3d:d0:a0:6a:61:3c:1d:
55:0b:9e:cc:08:85:ba:d0:2e:42:8c:70:43:cc:91:ac:4f:34:
ca:d1:62:61:49:5b:7a:e3:73:79:d5:60:66:23:a6:27:e7:6f:
1f:86:29:46:65:67:78:b6:1f:c1:30:fe:f6:fb:59:ab:b7:79:
82:44:36:2f:13:db:57:9b:4e:a3:fc:6b:10:46:94:ce:c3:53:
92:46:8f:52:27:ab:8c:c5:a5:09:51:b7:2b:78:ef:52:ad:35:
3a:4f:ec:38:a1:4f:20:1d:e6:b0:0f:6b:12:6d:b1:db:28:c7:
05:44:8c:92:44:6e:fd:9d:2a:a9:ea:74:93:74:cd:32:e5:83:
b7:18:5c:ac:f5:9f:db:98:3f:c5:6e:8a:c6:2f:24:59:56:1a:
20:58:a0:7c:a6:2b:46:a5:0b:9c:23:29:57:c0:18:22:de:ce:
da:0a:33:0d:6d:ee:ba:e8:32:cb:b2:91:52:90:fe:dd:ce:1e:
19:51:77:ac:1c:f4:d3:7d:e7:99:37:3c:2f:ec:6d:e3:56:d2:
7b:cb:50:24:7d:c7:ad:a9:2e:a6:e0:a5:9c:b5:98:d6:13:3e:
88:e0:be:d9:eb:66:4b:1d:30:fc:87:a6:d3:70:f4:1d:f8:a0:
8f:ff:d2:81
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWRpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzEwMDk1OTEyWhcNMjYwODE4MDk1OTEyWjAYMRYw
FAYDVQQDEw02ODZmOGVmNS04NDg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz47lpomSLSC7IXhNon/VfixOigQSw78jAnkzfKgSHJrh+2Uhj+2kn4k8
UMktNgSsiJqlu0JyXgj0RKe2/4Jl8mL8bFPigjV0Gh4rLy2Q3Mvt/J9voLJIbjk4
0YQfY0TrPSwWuZntexa6/11nbkI/LFbIx14k9djZ/xMUbDRVOLcSVIZ8TJsxRSHi
iZy5ap+2JAMfNXxvWz+CGtJN0bt+LU32JorKW2x7eLEylGvTJEk+8zAZj4H/uSZL
ZsgdRz/N1fJKkG2uUE1u+Lg5U295oljdMV64X5U6VwPXVBFhViQ3g4YzI8WoxQ9D
hs0H6mbnOIRXU1NJ9SK+vSoB9SKCnQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN2v
1mZYtPK1n9yI0e4A+wI+x6rVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QTZDRTUzQzVENzQxMUYwQjFERDQzQkZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOYLMA0GCSqGSIb3DQEBCwUA
A4IBAQChEgwCN9Z+61StTT3QoGphPB1VC57MCIW60C5CjHBDzJGsTzTK0WJhSVt6
43N51WBmI6Yn528fhilGZWd4th/BMP72+1mrt3mCRDYvE9tXm06j/GsQRpTOw1OS
Ro9SJ6uMxaUJUbcreO9SrTU6T+w4oU8gHeawD2sSbbHbKMcFRIySRG79nSqp6nST
dM0y5YO3GFys9Z/bmD/FborGLyRZVhogWKB8pitGpQucIylXwBgi3s7aCjMNbe66
6DLLspFSkP7dzh4ZUXesHPTTfeeZNzwv7G3jVtJ7y1AkfcetqS6m4KWctZjWEz6I
4L7Z62ZLHTD8h6bTcPQd+KCP/9KB
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:40:15 2025 by rpki-client