Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D522C9658B711F09F47BCDEDAE4EC9C.roa
File: 9D522C9658B711F09F47BCDEDAE4EC9C.roa (raw, json)
Hash identifier: e6DUx0r8VFIMxk8J33AFc3ds/pJfD9/D6xMmISxXgLg=
Subject key identifier: 6F:54:ED:90:8C:4C:A9:82:1E:1C:5C:EC:66:3B:0C:3D:AA:51:A5:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0160B7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D522C9658B711F09F47BCDEDAE4EC9C.roa
Signing time: Fri 04 Jul 2025 09:16:49 +0000
ROA not before: Fri 04 Jul 2025 09:16:44 +0000
ROA not after: Fri 25 Jul 2025 09:16:44 +0000
asID: 203020
IP address blocks: 156.229.240.0/22 maxlen: 24
156.238.184.0/22 maxlen: 24
156.241.8.0/21 maxlen: 24
156.241.44.0/22 maxlen: 24
156.243.40.0/21 maxlen: 24
156.243.120.0/21 maxlen: 24
156.243.152.0/22 maxlen: 24
156.243.208.0/21 maxlen: 24
156.243.236.0/22 maxlen: 24
156.244.192.0/21 maxlen: 24
156.244.200.0/22 maxlen: 24
156.244.212.0/22 maxlen: 24
156.244.216.0/21 maxlen: 24
156.248.16.0/22 maxlen: 24
156.248.96.0/22 maxlen: 24
156.249.68.0/22 maxlen: 24
156.249.72.0/21 maxlen: 24
156.249.84.0/22 maxlen: 24
156.249.88.0/21 maxlen: 24
156.249.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90295 (0x160b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 4 09:16:44 2025 GMT
Not After : Jul 25 09:16:44 2025 GMT
Subject: CN=68679c01-2520
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8c:fd:2a:b6:dc:4f:48:09:6d:22:fb:d2:4c:
2d:a8:03:c0:90:6e:74:c8:a6:15:90:27:43:3a:a0:
e5:aa:22:67:4f:1d:1d:a1:9e:c1:f8:44:f8:f3:8a:
43:e8:37:42:97:61:0d:af:9d:d0:c0:1d:f2:47:8a:
f7:04:21:96:72:81:e8:72:a7:f0:7a:c2:c3:56:00:
88:7b:9e:fc:f5:d5:51:68:d3:82:c6:a5:0f:88:f2:
06:40:ba:e0:b0:7a:6a:d5:a5:c3:4a:19:34:fa:ea:
e6:b4:24:3c:28:23:10:d1:e3:54:01:69:41:f6:99:
9e:79:d7:18:0e:87:a1:13:d9:44:86:10:a1:2b:70:
a9:3f:18:c2:a6:56:a1:e7:9d:6a:7d:fb:ef:0c:38:
f9:04:d8:09:b0:44:c9:23:92:fd:bd:5d:66:1b:38:
7b:21:bd:21:8c:a3:d3:40:c9:c8:44:06:6b:e4:1a:
6c:3a:35:42:40:6c:fb:ec:5c:b6:40:24:5a:51:98:
ab:f5:e6:92:7e:59:f1:e9:06:86:9c:93:c2:7b:ac:
5c:13:06:90:33:27:6f:da:03:91:a9:4c:7a:21:46:
c9:a1:b9:b8:e0:22:25:e6:f6:f0:9c:68:00:ab:4a:
1b:2c:35:d1:1e:30:3d:8b:3b:fd:e1:ab:2f:71:22:
a1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:54:ED:90:8C:4C:A9:82:1E:1C:5C:EC:66:3B:0C:3D:AA:51:A5:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D522C9658B711F09F47BCDEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.240.0/22
156.238.184.0/22
156.241.8.0/21
156.241.44.0/22
156.243.40.0/21
156.243.120.0/21
156.243.152.0/22
156.243.208.0/21
156.243.236.0/22
156.244.192.0-156.244.203.255
156.244.212.0-156.244.223.255
156.248.16.0/22
156.248.96.0/22
156.249.68.0-156.249.79.255
156.249.84.0-156.249.95.255
156.249.116.0/22
Signature Algorithm: sha256WithRSAEncryption
38:f9:f1:cf:0d:2c:b3:91:5e:34:47:56:37:13:c9:5b:f5:70:
43:8b:33:45:cd:ae:f2:9a:65:86:5b:43:6a:85:c5:f2:02:93:
c5:22:42:6c:bc:db:71:ae:e6:98:d2:89:f3:9d:93:f3:e0:79:
2b:3f:24:34:fa:db:d5:74:92:eb:9c:b0:e2:a4:a6:b9:43:e4:
1e:68:75:f0:6b:66:36:f8:cd:17:ec:0f:ca:43:3f:40:76:a8:
cb:3f:2f:44:66:cb:4c:9f:69:a8:9d:b3:2c:85:93:9c:f6:27:
f4:27:6e:17:6a:09:cb:43:56:16:4e:a7:ff:c5:85:c1:02:d0:
ed:fe:be:35:f6:e6:8d:ef:ef:20:1a:88:3f:c4:f3:41:e4:07:
33:eb:37:44:cb:fb:20:c9:69:0e:28:29:15:bc:fd:35:b1:a8:
67:85:6f:3e:6d:3e:d4:79:89:17:6e:03:ad:72:59:d5:8f:e8:
94:95:84:3a:ff:03:d6:2b:56:af:d9:d4:24:86:a0:dd:55:14:
e5:40:37:d7:1e:63:45:fd:b3:98:59:32:b1:d4:86:55:84:1c:
29:a5:9d:fc:fb:86:c2:06:4b:31:c5:1b:cd:c3:aa:0e:b1:bc:
ee:ff:b3:4d:8d:2e:74:45:9d:4f:42:6a:30:96:c6:30:28:bf:
2e:63:a8:c2
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgIDAWC3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA0MDkxNjQ0WhcNMjUwNzI1MDkxNjQ0WjAYMRYw
FAYDVQQDEw02ODY3OWMwMS0yNTIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyYz9KrbcT0gJbSL70kwtqAPAkG50yKYVkCdDOqDlqiJnTx0doZ7B+ET4
84pD6DdCl2ENr53QwB3yR4r3BCGWcoHocqfwesLDVgCIe5789dVRaNOCxqUPiPIG
QLrgsHpq1aXDShk0+urmtCQ8KCMQ0eNUAWlB9pmeedcYDoehE9lEhhChK3CpPxjC
plah551qffvvDDj5BNgJsETJI5L9vV1mGzh7Ib0hjKPTQMnIRAZr5BpsOjVCQGz7
7Fy2QCRaUZir9eaSflnx6QaGnJPCe6xcEwaQMydv2gORqUx6IUbJobm44CIl5vbw
nGgAq0obLDXRHjA9izv94asvcSKh1wIDAQABo4IDITCCAx0wHQYDVR0OBBYEFG9U
7ZCMTKmCHhxc7GY7DD2qUaUOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RDUyMkM5NjU4QjcxMUYwOUY0N0JDREVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAKc5fADBAKc7rgDBAOc
8QgDBAKc8SwDBAOc8ygDBAOc83gDBAKc85gDBAOc89ADBAKc8+wwDAMEBpz0wAME
Apz0yDAMAwQCnPTUAwQFnPTAAwQCnPgQAwQCnPhgMAwDBAKc+UQDBASc+UAwDAME
Apz5VAMEBZz5QAMEApz5dDANBgkqhkiG9w0BAQsFAAOCAQEAOPnxzw0ss5FeNEdW
NxPJW/VwQ4szRc2u8pplhltDaoXF8gKTxSJCbLzbca7mmNKJ852T8+B5Kz8kNPrb
1XSS65yw4qSmuUPkHmh18GtmNvjNF+wPykM/QHaoyz8vRGbLTJ9pqJ2zLIWTnPYn
9CduF2oJy0NWFk6n/8WFwQLQ7f6+Nfbmje/vIBqIP8TzQeQHM+s3RMv7IMlpDigp
Fbz9NbGoZ4VvPm0+1HmJF24DrXJZ1Y/olJWEOv8D1itWr9nUJIag3VUU5UA31x5j
Rf2zmFkysdSGVYQcKaWd/PuGwgZLMcUbzcOqDrG87v+zTY0udEWdT0JqMJbGMCi/
LmOowg==
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:34:16 2025 by rpki-client