Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE8F27DA5E4711F0BBA3B1DDDAE4EC9C.roa
File: AE8F27DA5E4711F0BBA3B1DDDAE4EC9C.roa (raw, json)
Hash identifier: fQMY6grH4XJbCCvLbuxBXABstw7noutKW026YBTHqN0=
Subject key identifier: E2:33:BD:45:69:FB:08:97:D1:32:8E:5E:C0:94:E6:66:9C:ED:18:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01648C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE8F27DA5E4711F0BBA3B1DDDAE4EC9C.roa
Signing time: Fri 11 Jul 2025 11:10:42 +0000
ROA not before: Fri 11 Jul 2025 11:10:37 +0000
ROA not after: Sat 16 Aug 2025 11:10:37 +0000
asID: 22773
IP address blocks: 156.229.4.0/24 maxlen: 24
156.229.5.0/24 maxlen: 24
156.229.6.0/24 maxlen: 24
156.229.7.0/24 maxlen: 24
156.233.208.0/24 maxlen: 24
156.233.209.0/24 maxlen: 24
156.233.210.0/24 maxlen: 24
156.233.211.0/24 maxlen: 24
156.233.212.0/24 maxlen: 24
156.233.213.0/24 maxlen: 24
156.233.214.0/24 maxlen: 24
156.233.215.0/24 maxlen: 24
156.233.220.0/24 maxlen: 24
156.233.221.0/24 maxlen: 24
156.233.222.0/24 maxlen: 24
156.233.223.0/24 maxlen: 24
156.233.240.0/24 maxlen: 24
156.233.241.0/24 maxlen: 24
156.233.242.0/24 maxlen: 24
156.238.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91276 (0x1648c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 11 11:10:37 2025 GMT
Not After : Aug 16 11:10:37 2025 GMT
Subject: CN=6870f132-05e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c9:03:e6:ca:cb:6a:79:4b:a0:b9:10:0a:79:
a3:6a:5d:ad:8e:84:a2:2c:a0:a9:51:33:52:00:83:
84:8a:41:40:35:18:5b:1c:26:5f:47:e1:2c:7f:7b:
df:22:d0:12:36:d0:f9:e5:eb:7f:38:ad:e2:d5:4d:
bf:63:f0:9e:29:c4:9c:60:03:65:8a:d6:92:72:3a:
13:41:b2:73:06:50:d6:53:79:a9:ec:93:cf:b8:07:
0b:b7:59:0a:b3:30:bf:3a:20:34:b9:b4:eb:73:b0:
02:c6:4b:c4:23:d0:79:15:b1:2a:e9:3f:33:dd:42:
a1:14:93:ab:28:b9:40:6c:83:bd:e3:25:3f:35:ea:
09:92:cb:9e:de:3d:66:96:51:20:b3:7f:1f:3a:ea:
23:ae:7e:68:be:32:ff:47:1d:21:02:db:6d:51:64:
5a:1c:25:d7:c7:ad:43:fb:9c:cd:c8:13:1b:1e:e0:
34:dc:1f:98:e6:d1:74:e5:84:de:33:4c:2f:ba:6d:
80:2e:af:8a:71:91:3d:13:8b:ef:75:17:53:b5:47:
20:7d:90:ea:ce:6a:91:63:e1:3a:da:c5:45:1b:fb:
c0:ff:93:ce:c4:75:97:40:df:11:0f:3d:d5:0a:15:
bb:2d:d8:b0:e7:22:be:90:d1:06:2e:2f:c8:0b:ff:
d0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:33:BD:45:69:FB:08:97:D1:32:8E:5E:C0:94:E6:66:9C:ED:18:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE8F27DA5E4711F0BBA3B1DDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.4.0/22
156.233.208.0/21
156.233.220.0/22
156.233.240.0-156.233.242.255
156.238.144.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:0b:55:43:2f:66:44:b8:5e:60:34:56:09:b0:d2:0e:d9:26:
1c:af:d3:19:b8:f9:2a:86:72:44:de:b6:e3:93:07:8f:58:30:
16:12:b1:82:51:d9:a4:bb:18:45:34:89:38:46:3b:d2:5b:b2:
aa:fa:e7:eb:da:7d:64:a5:23:eb:c9:f1:66:db:57:7a:fd:b5:
82:bc:62:bb:a3:e8:ba:2b:e0:69:fa:eb:d6:dc:be:65:30:f1:
f4:4c:3e:e9:09:9c:aa:27:9e:74:f9:8c:c8:f8:8a:cf:a2:bf:
b3:9c:8b:59:5f:b9:3e:8b:ad:00:e9:6e:78:e1:af:8a:e0:7f:
0f:3d:4f:6f:ce:90:44:13:bb:4c:fe:46:8d:1e:5c:c6:31:10:
23:6b:04:93:60:45:37:26:2c:07:48:67:bd:f7:b2:0b:91:73:
03:ca:f3:59:7e:81:99:4c:bd:3e:bc:5d:f8:dc:87:b8:28:aa:
21:38:55:94:0a:3e:03:60:9c:c0:f1:68:38:1d:1d:93:0d:a4:
5d:a4:29:d0:a5:de:9c:35:b7:c7:cd:17:07:a9:5f:36:7a:1e:
09:56:88:e5:cd:4f:0c:ea:e3:55:d5:eb:70:04:78:30:34:42:
13:1b:98:c6:85:21:60:af:1b:d1:f0:39:d0:8e:69:ef:13:2b:
ab:4f:7b:03
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIDAWSMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzExMTExMDM3WhcNMjUwODE2MTExMDM3WjAYMRYw
FAYDVQQDEw02ODcwZjEzMi0wNWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq8kD5srLanlLoLkQCnmjal2tjoSiLKCpUTNSAIOEikFANRhbHCZfR+Es
f3vfItASNtD55et/OK3i1U2/Y/CeKcScYANlitaScjoTQbJzBlDWU3mp7JPPuAcL
t1kKszC/OiA0ubTrc7ACxkvEI9B5FbEq6T8z3UKhFJOrKLlAbIO94yU/NeoJksue
3j1mllEgs38fOuojrn5ovjL/Rx0hAtttUWRaHCXXx61D+5zNyBMbHuA03B+Y5tF0
5YTeM0wvum2ALq+KcZE9E4vvdRdTtUcgfZDqzmqRY+E62sVFG/vA/5POxHWXQN8R
Dz3VChW7Ldiw5yK+kNEGLi/IC//QTwIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFOIz
vUVp+wiX0TKOXsCU5mac7RitMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRThGMjdEQTVFNDcxMUYwQkJBM0IxREREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCnOUEAwQDnOnQAwQCnOncMAwD
BASc6fADBACc6fIDBACc7pAwDQYJKoZIhvcNAQELBQADggEBAK0LVUMvZkS4XmA0
Vgmw0g7ZJhyv0xm4+SqGckTetuOTB49YMBYSsYJR2aS7GEU0iThGO9Jbsqr65+va
fWSlI+vJ8WbbV3r9tYK8Yruj6Lor4Gn669bcvmUw8fRMPukJnKonnnT5jMj4is+i
v7Oci1lfuT6LrQDpbnjhr4rgfw89T2/OkEQTu0z+Ro0eXMYxECNrBJNgRTcmLAdI
Z733sguRcwPK81l+gZlMvT68Xfjch7goqiE4VZQKPgNgnMDxaDgdHZMNpF2kKdCl
3pw1t8fNFwepXzZ6HglWiOXNTwzq41XV63AEeDA0QhMbmMaFIWCvG9HwOdCOae8T
K6tPewM=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:28:39 2025 by rpki-client