Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9AA3098C5A9911F0AA6C9496DAE4EC9C.roa
File: 9AA3098C5A9911F0AA6C9496DAE4EC9C.roa (raw, json)
Hash identifier: AWPjKNB92eygYVtakzZjsCM3pY967knPqz5Spjr1TFM=
Subject key identifier: 69:CD:2B:31:75:E1:B4:BB:D8:C1:39:C8:CD:25:89:54:6C:87:AA:57
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016275
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9AA3098C5A9911F0AA6C9496DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 18:47:02 +0000
ROA not before: Sun 06 Jul 2025 18:46:57 +0000
ROA not after: Thu 21 Aug 2025 18:46:57 +0000
asID: 51809
IP address blocks: 156.233.128.0/20 maxlen: 24
156.233.144.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90741 (0x16275)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 6 18:46:57 2025 GMT
Not After : Aug 21 18:46:57 2025 GMT
Subject: CN=686ac4a6-83d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9a:31:ad:07:7f:7d:a0:0d:8e:dc:7d:be:04:
26:2f:d9:e6:84:80:3c:f1:2c:4d:f8:f2:f7:5b:8f:
36:8a:d8:ef:30:83:19:a3:35:06:61:8c:88:39:c9:
4e:84:29:a1:1e:2f:88:64:18:19:42:bc:1d:76:87:
00:98:6b:d5:72:20:bb:21:14:7e:e9:3a:1f:5f:84:
b1:73:35:00:0e:47:32:e1:ca:ab:0f:4a:e0:41:cb:
f7:59:dd:20:a4:0e:1e:9e:26:39:2c:9a:05:3d:57:
73:a5:32:a6:0f:83:46:1b:50:d4:c2:5c:ce:de:d4:
68:69:45:a1:17:8e:43:7b:51:cf:a3:a5:bf:19:4e:
09:5f:4d:40:08:f6:4b:3c:fc:bd:e5:13:64:8f:77:
2b:89:6a:06:20:58:b9:77:3a:2b:b0:86:2b:5f:94:
dd:83:17:14:be:36:92:4c:2c:99:2c:d5:d6:04:ef:
b6:9f:3b:32:df:07:6d:53:68:98:0d:11:71:c6:53:
e2:fc:23:c2:ab:b7:8e:31:d6:0f:3e:ff:a3:a8:26:
e8:28:94:bb:df:09:3d:75:e8:b6:cd:e7:d0:f2:75:
9a:48:0c:bd:6a:64:a6:ab:96:0d:50:32:bd:15:93:
cd:48:b9:7e:2f:4c:fd:e0:bf:bb:f7:55:51:d5:df:
85:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CD:2B:31:75:E1:B4:BB:D8:C1:39:C8:CD:25:89:54:6C:87:AA:57
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9AA3098C5A9911F0AA6C9496DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.128.0-156.233.151.255
Signature Algorithm: sha256WithRSAEncryption
25:60:cb:51:80:fc:b5:68:9a:c0:e7:e8:1d:4d:c8:a3:7b:ac:
db:61:52:8d:4b:ba:0d:0b:e4:06:ff:f1:3c:01:01:a3:7e:04:
fe:1b:d4:2b:38:a2:0f:c9:f6:f3:41:27:d3:84:61:5b:9f:b0:
48:06:b2:3b:d9:7c:a5:f5:b7:22:b1:17:ca:0e:f2:bf:05:e3:
b8:37:79:fb:f9:8f:74:81:ba:d5:03:13:8e:93:17:31:8d:2a:
98:46:23:45:9a:5b:97:2d:03:af:ab:b3:76:e9:b8:d5:a0:00:
a9:6f:e6:24:b7:ef:04:f4:c6:43:23:70:53:ad:2c:63:ab:9e:
4a:b9:24:44:31:7c:31:19:af:a5:f6:a8:b7:ee:15:d7:53:5e:
a8:2d:30:a1:61:6a:ec:ca:88:28:02:86:22:e8:69:40:37:5c:
b8:a6:76:cb:de:9d:3c:5e:23:ca:12:65:c9:a5:ec:f2:6f:e5:
94:a0:6e:73:67:32:58:25:bb:f5:e1:ae:f2:68:d5:4e:d8:a1:
05:42:94:18:9e:8e:95:30:80:14:c5:03:88:23:75:95:01:15:
42:ef:c4:0c:08:f5:4e:e4:74:a8:29:59:22:e2:8b:f1:c6:b5:
f3:d9:64:0f:70:b6:8c:9b:49:e9:69:9e:8b:93:6d:08:18:89:
52:a7:b0:20
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWJ1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA2MTg0NjU3WhcNMjUwODIxMTg0NjU3WjAYMRYw
FAYDVQQDEw02ODZhYzRhNi04M2Q4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq5oxrQd/faANjtx9vgQmL9nmhIA88SxN+PL3W482itjvMIMZozUGYYyI
OclOhCmhHi+IZBgZQrwddocAmGvVciC7IRR+6TofX4SxczUADkcy4cqrD0rgQcv3
Wd0gpA4eniY5LJoFPVdzpTKmD4NGG1DUwlzO3tRoaUWhF45De1HPo6W/GU4JX01A
CPZLPPy95RNkj3criWoGIFi5dzorsIYrX5TdgxcUvjaSTCyZLNXWBO+2nzsy3wdt
U2iYDRFxxlPi/CPCq7eOMdYPPv+jqCboKJS73wk9dei2zefQ8nWaSAy9amSmq5YN
UDK9FZPNSLl+L0z94L+791VR1d+FOQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGnN
KzF14bS72ME5yM0liVRsh6pXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85QUEzMDk4QzVBOTkxMUYwQUE2Qzk0OTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAec6YADBAOc6ZAwDQYJKoZI
hvcNAQELBQADggEBACVgy1GA/LVomsDn6B1NyKN7rNthUo1Lug0L5Ab/8TwBAaN+
BP4b1Cs4og/J9vNBJ9OEYVufsEgGsjvZfKX1tyKxF8oO8r8F47g3efv5j3SButUD
E46TFzGNKphGI0WaW5ctA6+rs3bpuNWgAKlv5iS37wT0xkMjcFOtLGOrnkq5JEQx
fDEZr6X2qLfuFddTXqgtMKFhauzKiCgChiLoaUA3XLimdsvenTxeI8oSZcml7PJv
5ZSgbnNnMlglu/XhrvJo1U7YoQVClBiejpUwgBTFA4gjdZUBFULvxAwI9U7kdKgp
WSLii/HGtfPZZA9wtoybSelpnouTbQgYiVKnsCA=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:37:38 2025 by rpki-client