Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D4EB7AC60A411F0BD985ECBDAE4EC9C.roa
File: 8D4EB7AC60A411F0BD985ECBDAE4EC9C.roa (raw, json)
Hash identifier: QZmCzrL2w0GpFCWPGV2nD7d+2Bvf+R3KQL/nHCDTbL8=
Subject key identifier: A3:1C:C7:78:6D:3D:66:77:E5:D7:21:4B:6D:E4:C6:CE:8C:AF:54:CF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016526
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D4EB7AC60A411F0BD985ECBDAE4EC9C.roa
Signing time: Mon 14 Jul 2025 11:20:31 +0000
ROA not before: Mon 14 Jul 2025 11:20:26 +0000
ROA not after: Wed 03 Sep 2025 11:20:26 +0000
asID: 18013
IP address blocks: 156.234.0.0/24 maxlen: 24
156.234.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91430 (0x16526)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 14 11:20:26 2025 GMT
Not After : Sep 3 11:20:26 2025 GMT
Subject: CN=6874e7ff-c443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b8:75:ba:bc:a8:36:40:21:04:04:ea:fa:e4:
5e:42:98:9c:64:e4:47:f5:7d:e5:da:26:87:44:fa:
31:bf:a9:0b:9f:54:23:b5:39:b3:cc:91:76:4d:0f:
ee:8e:f6:a8:c8:12:16:ee:4d:f8:f2:b2:b3:ae:64:
3d:c5:1f:b0:df:81:07:b9:d7:36:ba:df:ef:3e:3b:
63:32:79:db:27:12:ca:ad:cf:f5:fe:8e:75:a3:4b:
e6:ff:07:d7:d2:9f:30:7b:79:92:0c:50:f7:4e:b9:
e8:0c:2c:35:bc:3e:cd:58:9b:bf:cf:6e:b0:1f:0d:
91:83:68:c6:ac:c6:b2:29:92:15:d1:7e:60:34:45:
0e:f6:3c:52:06:ff:7f:ef:db:b0:d8:18:fc:a7:3b:
e2:28:15:7d:56:37:b4:0c:09:57:3e:ed:53:6e:0c:
32:84:72:57:9a:f1:f1:8e:9a:8b:98:6f:84:1a:cd:
a3:12:7a:b3:3d:b6:18:48:77:14:51:47:36:cd:ef:
53:3f:61:d1:2e:3b:e0:a7:53:9c:9d:86:1b:e3:24:
e9:f4:47:72:52:3c:04:5e:f7:37:ec:15:9c:ce:18:
f3:87:4b:12:34:6c:e5:30:f0:11:78:c5:6a:c2:5b:
44:90:71:e3:df:84:fb:e4:11:cf:83:6d:20:e0:a9:
22:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:1C:C7:78:6D:3D:66:77:E5:D7:21:4B:6D:E4:C6:CE:8C:AF:54:CF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8D4EB7AC60A411F0BD985ECBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/24
156.234.7.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:9c:b1:c3:b5:fe:bc:26:09:a8:22:1a:a5:33:98:3a:f8:66:
2d:2c:29:5c:fd:27:1e:d7:03:98:48:e1:be:ad:44:03:4f:cd:
4e:29:a6:d0:92:56:1f:92:8e:9b:44:6e:81:79:ed:15:2d:d1:
9b:d6:3f:e4:85:83:1b:fa:df:88:c3:39:5a:b6:87:04:05:4c:
57:72:67:6a:98:49:44:da:7b:d5:19:4d:70:49:07:ec:84:fd:
0a:a1:28:08:3d:f3:63:86:47:bc:fa:a1:ac:1b:b6:e1:b1:ee:
96:39:2e:78:4b:ed:49:25:27:be:b6:19:d2:8f:9c:f2:94:c7:
38:01:21:38:70:3a:10:0f:f0:2e:b6:2e:12:93:94:c9:c2:f9:
b3:3a:d4:41:ba:a4:02:3e:c0:1c:89:b5:a0:b6:01:b5:e0:81:
87:34:bd:6c:9d:e7:33:b9:44:9b:47:ff:21:3d:58:2c:f4:e1:
96:75:a5:10:6c:57:ee:51:70:f7:52:3e:fc:60:0b:15:7b:fd:
d1:5d:e6:bf:83:01:e5:e1:d0:10:3a:c0:82:73:bb:dd:bf:9d:
35:e4:4c:65:56:f1:46:aa:cf:7c:94:b7:3d:2c:90:53:bd:60:
61:92:26:f3:63:4b:af:fa:cb:00:1c:1e:99:4e:df:ce:bd:30:
45:64:b3:21
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAWUmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE0MTEyMDI2WhcNMjUwOTAzMTEyMDI2WjAYMRYw
FAYDVQQDEw02ODc0ZTdmZi1jNDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1bh1uryoNkAhBATq+uReQpicZORH9X3l2iaHRPoxv6kLn1QjtTmzzJF2
TQ/ujvaoyBIW7k348rKzrmQ9xR+w34EHudc2ut/vPjtjMnnbJxLKrc/1/o51o0vm
/wfX0p8we3mSDFD3TrnoDCw1vD7NWJu/z26wHw2Rg2jGrMayKZIV0X5gNEUO9jxS
Bv9/79uw2Bj8pzviKBV9Vje0DAlXPu1TbgwyhHJXmvHxjpqLmG+EGs2jEnqzPbYY
SHcUUUc2ze9TP2HRLjvgp1OcnYYb4yTp9EdyUjwEXvc37BWczhjzh0sSNGzlMPAR
eMVqwltEkHHj34T75BHPg20g4KkiYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKMc
x3htPWZ35dchS23kxs6Mr1TPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RDRFQjdBQzYwQTQxMUYwQkQ5ODVFQ0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOoAAwQAnOoHMA0GCSqGSIb3
DQEBCwUAA4IBAQBanLHDtf68JgmoIhqlM5g6+GYtLClc/Sce1wOYSOG+rUQDT81O
KabQklYfko6bRG6Bee0VLdGb1j/khYMb+t+IwzlatocEBUxXcmdqmElE2nvVGU1w
SQfshP0KoSgIPfNjhke8+qGsG7bhse6WOS54S+1JJSe+thnSj5zylMc4ASE4cDoQ
D/Auti4Sk5TJwvmzOtRBuqQCPsAcibWgtgG14IGHNL1sneczuUSbR/8hPVgs9OGW
daUQbFfuUXD3Uj78YAsVe/3RXea/gwHl4dAQOsCCc7vdv5015ExlVvFGqs98lLc9
LJBTvWBhkibzY0uv+ssAHB6ZTt/OvTBFZLMh
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:56:37 2025 by rpki-client