Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/940897E25CCC11F09783BEF1DAE4EC9C.roa
File: 940897E25CCC11F09783BEF1DAE4EC9C.roa (raw, json)
Hash identifier: UbQn00gpm1PxoWrSUNwUYiPZwMOdVlmQLEj5+06Wn7k=
Subject key identifier: 33:CF:07:CD:8C:FC:C8:EC:AE:03:6A:07:6C:2A:4E:0A:FB:CD:06:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0163FA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/940897E25CCC11F09783BEF1DAE4EC9C.roa
Signing time: Wed 09 Jul 2025 13:56:58 +0000
ROA not before: Wed 09 Jul 2025 13:56:53 +0000
ROA not after: Mon 11 Aug 2025 13:56:53 +0000
asID: 214143
IP address blocks: 156.231.108.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91130 (0x163fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 9 13:56:53 2025 GMT
Not After : Aug 11 13:56:53 2025 GMT
Subject: CN=686e752a-fdc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:30:47:3a:ef:a9:62:6e:2d:4a:7b:46:ea:86:
3c:1d:a2:15:cc:6d:e7:88:95:0c:2e:e6:52:80:1b:
1f:8c:91:48:29:e7:28:fe:3b:86:e1:3d:88:41:c0:
ec:f3:6f:44:24:0d:a8:dd:81:e3:f3:9f:3d:bb:e0:
f6:82:a6:c1:7a:84:4d:19:27:b1:79:8c:c4:bd:16:
c2:6f:85:03:1e:9d:41:33:a1:3a:3c:8a:bc:73:47:
a3:76:b4:2f:1b:24:f5:01:ef:53:e9:33:9d:19:b1:
30:59:0f:8e:dc:41:d3:93:24:0c:da:05:cf:6b:60:
43:6e:a1:41:ca:18:8e:c0:c3:fb:69:4e:b3:e7:0d:
a2:27:9f:b6:81:81:33:36:15:33:ba:93:d7:83:b6:
bf:5b:5c:83:25:80:9d:cf:8c:07:b5:7d:f0:cd:ce:
42:2a:0b:5c:54:b5:85:7f:cb:9c:f1:0f:60:64:cf:
37:70:10:d0:34:85:89:af:55:b2:98:da:67:05:87:
d8:11:43:76:db:23:ff:73:b4:7e:8c:1e:0b:89:cb:
c9:eb:90:9c:7f:36:91:1b:83:4f:94:db:d4:93:52:
ac:5b:0c:a8:da:1b:23:89:88:ad:ec:87:e1:81:7b:
50:62:ae:c4:c3:54:c2:04:a2:d3:69:a6:a5:42:13:
be:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:CF:07:CD:8C:FC:C8:EC:AE:03:6A:07:6C:2A:4E:0A:FB:CD:06:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/940897E25CCC11F09783BEF1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.108.0/23
Signature Algorithm: sha256WithRSAEncryption
05:2e:70:7d:c1:98:1a:04:6a:0f:5b:5f:dd:28:fa:2f:d8:77:
fd:cf:b7:e4:49:78:e7:ff:57:c4:86:bf:be:0a:3b:96:19:63:
b3:9e:b1:52:1d:5c:6b:ae:63:e2:41:bf:59:57:1f:05:00:21:
c0:87:85:3d:05:ce:02:db:d2:88:8d:53:f8:78:bc:16:3c:a1:
72:18:b0:f6:88:9d:cb:06:a6:96:4e:32:5a:63:33:c0:ae:cf:
49:ae:95:3a:35:55:16:f5:b2:40:f4:2b:6b:97:fd:1d:0d:b8:
b6:b0:77:6b:35:d0:ba:5f:d6:e9:b7:05:03:8b:13:f5:05:45:
3c:73:c0:a6:91:a2:30:37:07:9a:de:cd:dc:7b:33:71:38:90:
93:1d:1e:2a:bf:ca:54:cd:c9:2a:cd:fd:03:7d:33:ff:7a:74:
fe:7c:69:14:73:b1:11:53:b7:d1:af:55:09:38:30:2c:10:b4:
fe:1c:18:8e:54:23:df:4a:bf:04:5a:8a:c3:85:78:d7:7b:a7:
8f:27:93:a5:9d:1f:e0:f4:fb:f1:c4:45:cb:b2:4c:04:ab:46:
35:60:e7:4d:c4:9e:21:81:b3:83:e3:3c:6e:d0:58:6d:a0:33:
f9:9a:fe:ff:bd:f9:26:47:9f:ba:f1:68:c8:71:06:b8:ab:7c:
80:79:4b:62
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWP6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA5MTM1NjUzWhcNMjUwODExMTM1NjUzWjAYMRYw
FAYDVQQDEw02ODZlNzUyYS1mZGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmzBHOu+pYm4tSntG6oY8HaIVzG3niJUMLuZSgBsfjJFIKeco/juG4T2I
QcDs829EJA2o3YHj8589u+D2gqbBeoRNGSexeYzEvRbCb4UDHp1BM6E6PIq8c0ej
drQvGyT1Ae9T6TOdGbEwWQ+O3EHTkyQM2gXPa2BDbqFByhiOwMP7aU6z5w2iJ5+2
gYEzNhUzupPXg7a/W1yDJYCdz4wHtX3wzc5CKgtcVLWFf8uc8Q9gZM83cBDQNIWJ
r1WymNpnBYfYEUN22yP/c7R+jB4LicvJ65CcfzaRG4NPlNvUk1KsWwyo2hsjiYit
7IfhgXtQYq7Ew1TCBKLTaaalQhO+MwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDPP
B82M/MjsrgNqB2wqTgr7zQadMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NDA4OTdFMjVDQ0MxMUYwOTc4M0JFRjFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOdsMA0GCSqGSIb3DQEBCwUA
A4IBAQAFLnB9wZgaBGoPW1/dKPov2Hf9z7fkSXjn/1fEhr++CjuWGWOznrFSHVxr
rmPiQb9ZVx8FACHAh4U9Bc4C29KIjVP4eLwWPKFyGLD2iJ3LBqaWTjJaYzPArs9J
rpU6NVUW9bJA9Ctrl/0dDbi2sHdrNdC6X9bptwUDixP1BUU8c8CmkaIwNwea3s3c
ezNxOJCTHR4qv8pUzckqzf0DfTP/enT+fGkUc7ERU7fRr1UJODAsELT+HBiOVCPf
Sr8EWorDhXjXe6ePJ5OlnR/g9PvxxEXLskwEq0Y1YOdNxJ4hgbOD4zxu0FhtoDP5
mv7/vfkmR5+68WjIcQa4q3yAeUti
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:32:43 2025 by rpki-client