Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A40C8C62597411F08001A6AFDAE4EC9C.roa
File: A40C8C62597411F08001A6AFDAE4EC9C.roa (raw, json)
Hash identifier: XpLApTaRLg/07Lw/EIdKENswwy7AJRqvB66qLlgCR0I=
Subject key identifier: 94:98:9B:FD:3A:F0:CC:BE:1E:C2:F0:1F:9B:1E:64:37:C1:4F:84:B1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016157
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A40C8C62597411F08001A6AFDAE4EC9C.roa
Signing time: Sat 05 Jul 2025 07:49:55 +0000
ROA not before: Sat 05 Jul 2025 07:49:51 +0000
ROA not after: Thu 21 Aug 2025 07:49:51 +0000
asID: 203020
IP address blocks: 156.233.180.0/22 maxlen: 24
156.233.184.0/21 maxlen: 24
156.233.192.0/24 maxlen: 24
156.248.32.0/19 maxlen: 24
156.251.96.0/20 maxlen: 24
156.251.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90455 (0x16157)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 5 07:49:51 2025 GMT
Not After : Aug 21 07:49:51 2025 GMT
Subject: CN=6868d923-8f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6c:ac:11:a2:88:90:25:f5:7a:97:04:ad:c8:
90:7e:7a:1d:ac:b7:a8:7c:a5:06:72:a4:dc:78:15:
a7:c1:1c:86:01:ff:2a:7a:bd:6c:17:7f:62:d2:c6:
b3:9d:7c:12:38:ca:7c:e9:f6:ce:96:a8:2f:5f:19:
04:4e:32:66:89:e2:61:9f:75:fe:71:40:fb:1d:5f:
99:f5:5b:ca:bb:36:20:cf:49:81:51:6d:89:80:4c:
01:a1:47:29:28:e0:8a:52:34:64:a3:3f:6e:74:5a:
3b:70:d2:50:f5:46:87:0b:8f:ff:ec:5a:79:04:58:
47:5f:60:28:b5:ed:ce:9f:63:99:3c:64:95:bb:7a:
98:30:58:74:b5:fc:ae:f7:15:85:13:9a:5c:b1:df:
db:b9:f4:34:bf:e0:4c:36:f9:dc:20:ea:ba:d3:a4:
2c:00:6c:91:42:db:eb:c6:16:2a:5d:78:ec:4e:cb:
d7:46:b6:ae:a4:3a:dd:f9:19:2d:d9:f0:7a:64:56:
cb:e0:18:6f:f2:57:db:4b:6b:17:b8:d5:a6:c3:8f:
9c:0b:1e:18:ed:ce:a3:ca:a1:6e:fb:6c:d0:00:68:
cf:c4:00:29:8b:f7:7f:06:fd:5d:b7:0d:b4:0e:92:
61:25:02:04:63:c9:e1:ce:54:92:ba:a3:b7:7c:ca:
89:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:98:9B:FD:3A:F0:CC:BE:1E:C2:F0:1F:9B:1E:64:37:C1:4F:84:B1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A40C8C62597411F08001A6AFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.180.0-156.233.192.255
156.248.32.0/19
156.251.96.0-156.251.119.255
Signature Algorithm: sha256WithRSAEncryption
58:bc:e1:eb:c4:d8:88:31:34:2f:45:3d:b7:b7:c6:09:19:e9:
e9:6a:da:1a:fc:01:f5:e3:49:d4:0f:47:00:e9:34:1d:70:d3:
ab:18:8d:14:70:20:71:67:18:eb:65:2a:85:63:bd:a7:9b:a9:
53:47:45:fc:79:ce:d2:39:87:b2:80:37:1d:0e:d1:f0:1c:39:
79:e6:8a:e7:5f:4a:69:e6:e7:f6:d0:a1:b3:f4:ea:2d:fe:7d:
51:a3:c4:97:b6:d1:1d:be:d0:6a:02:62:1d:ab:a4:61:bf:e7:
e8:7a:a6:91:c6:63:d4:05:da:3f:d7:65:9c:b7:b3:8a:91:76:
2f:c0:65:fb:56:19:da:95:d7:c4:c2:6f:03:61:b8:74:ca:b7:
f7:61:ed:d0:03:ea:a9:7a:0f:11:73:d1:3d:ee:2b:27:4b:68:
0e:80:86:46:01:a6:2d:13:97:f1:1f:2e:ad:df:20:18:d6:51:
bc:af:96:30:58:c4:75:56:95:9f:9f:57:91:d6:c2:7c:5f:e6:
3f:d8:d8:c8:71:1e:b0:b5:6a:2a:5d:fe:1a:bc:22:d0:7f:e3:
dd:8a:ad:d5:c5:56:a1:ad:61:ba:7a:c3:2e:7c:c7:33:62:cd:
9e:e1:95:6b:46:88:e0:10:b9:e6:86:4c:52:65:fb:8a:4d:5a:
c6:83:7a:24
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIDAWFXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA1MDc0OTUxWhcNMjUwODIxMDc0OTUxWjAYMRYw
FAYDVQQDEw02ODY4ZDkyMy04ZjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA42ysEaKIkCX1epcErciQfnodrLeofKUGcqTceBWnwRyGAf8qer1sF39i
0saznXwSOMp86fbOlqgvXxkETjJmieJhn3X+cUD7HV+Z9VvKuzYgz0mBUW2JgEwB
oUcpKOCKUjRkoz9udFo7cNJQ9UaHC4//7Fp5BFhHX2Aote3On2OZPGSVu3qYMFh0
tfyu9xWFE5pcsd/bufQ0v+BMNvncIOq606QsAGyRQtvrxhYqXXjsTsvXRraupDrd
+Rkt2fB6ZFbL4Bhv8lfbS2sXuNWmw4+cCx4Y7c6jyqFu+2zQAGjPxAApi/d/Bv1d
tw20DpJhJQIEY8nhzlSSuqO3fMqJJwIDAQABo4ICvjCCArowHQYDVR0OBBYEFJSY
m/068My+HsLwH5seZDfBT4SxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNDBDOEM2MjU5NzQxMUYwODAwMUE2QUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAKc6bQDBACc6cADBAWc+CAw
DAMEBZz7YAMEA5z7cDANBgkqhkiG9w0BAQsFAAOCAQEAWLzh68TYiDE0L0U9t7fG
CRnp6WraGvwB9eNJ1A9HAOk0HXDTqxiNFHAgcWcY62UqhWO9p5upU0dF/HnO0jmH
soA3HQ7R8Bw5eeaK519Kaebn9tChs/TqLf59UaPEl7bRHb7QagJiHaukYb/n6Hqm
kcZj1AXaP9dlnLezipF2L8Bl+1YZ2pXXxMJvA2G4dMq392Ht0APqqXoPEXPRPe4r
J0toDoCGRgGmLROX8R8urd8gGNZRvK+WMFjEdVaVn59XkdbCfF/mP9jYyHEesLVq
Kl3+Grwi0H/j3Yqt1cVWoa1hunrDLnzHM2LNnuGVa0aI4BC55oZMUmX7ik1axoN6
JA==
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:27:14 2025 by rpki-client