Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E4625F085FF11F096357BD6DAE4EC9C.roa
File: 0E4625F085FF11F096357BD6DAE4EC9C.roa (raw, json)
Hash identifier: OzYEGblT1yjoGZvfGw/eoAruwZ64ocqYsxoAZzuTgCY=
Subject key identifier: 15:AC:6C:00:8F:D0:CA:DF:C1:41:60:A6:C1:CB:5F:32:E2:95:B9:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017456
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E4625F085FF11F096357BD6DAE4EC9C.roa
Signing time: Sun 31 Aug 2025 00:11:35 +0000
ROA not before: Sun 31 Aug 2025 00:00:31 +0000
ROA not after: Sun 07 Sep 2025 00:00:31 +0000
asID: 54801
IP address blocks: 156.238.120.0/21 maxlen: 24
156.240.48.0/21 maxlen: 24
156.245.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95318 (0x17456)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 31 00:00:31 2025 GMT
Not After : Sep 7 00:00:31 2025 GMT
Subject: CN=68b39337-fe4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:6d:95:46:c3:89:0b:c0:9b:be:63:c8:aa:c1:
95:fe:b4:17:46:cb:50:68:b0:7c:e5:4f:a5:24:30:
81:e8:c5:ed:c3:f0:fb:24:a0:4e:ba:40:4a:1e:89:
f6:fb:67:fd:dc:36:ec:28:67:81:af:ff:61:0a:cb:
97:e8:9a:3f:4f:ea:95:a9:80:ef:4c:74:75:e1:b7:
95:1e:75:90:55:4b:1a:2b:a9:83:27:0b:7a:a2:75:
ca:6e:54:df:1d:f7:ce:c0:d9:9c:c4:fa:18:89:39:
d6:eb:26:4d:94:95:c5:35:f5:7e:d6:58:16:32:b7:
b4:38:db:05:e2:39:ea:18:df:bc:38:69:2e:7b:4f:
60:7a:94:71:43:88:ff:c7:29:9d:8e:2d:f6:56:ef:
b6:ad:67:da:2e:83:fd:a9:65:27:f4:19:09:68:9e:
6a:b2:53:5e:fc:48:ea:0c:91:02:f5:5d:53:75:be:
eb:22:55:e1:fc:15:88:0c:d4:df:4b:ac:2b:d3:e7:
c3:5c:95:66:91:38:14:0e:74:ba:80:40:13:8a:dd:
07:73:ef:88:f1:e9:18:60:05:19:6a:39:c9:df:c6:
a0:66:fa:a2:81:bc:a3:1b:59:df:c2:72:bf:1d:04:
8c:db:50:cf:bb:35:f5:3a:44:dc:f7:16:c8:a0:69:
f4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:AC:6C:00:8F:D0:CA:DF:C1:41:60:A6:C1:CB:5F:32:E2:95:B9:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0E4625F085FF11F096357BD6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.120.0/21
156.240.48.0/21
156.245.232.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:23:b0:e8:d0:59:e2:4a:3c:7b:2f:2e:c5:ca:59:79:fc:bd:
6f:a1:5a:b3:69:8b:c1:cc:34:16:4c:7a:9c:77:bb:45:da:81:
63:d3:e4:4d:0b:d5:4c:56:89:b8:55:25:43:d4:48:2b:5d:50:
91:7c:48:c6:58:81:d8:c7:c8:0a:00:87:36:a8:c0:e4:0a:3b:
ee:b4:a2:c1:6c:fe:22:43:5b:c2:0b:a7:99:89:7d:b1:3d:4f:
6e:a8:ea:d4:a2:38:e5:8e:8a:63:8c:f4:cb:cf:78:b6:d6:5d:
21:39:8d:f9:c5:bf:92:35:da:3a:89:52:02:d7:a0:09:38:9c:
e0:a7:69:e4:6d:65:48:f3:51:44:1d:10:b2:f6:2b:ff:8a:ee:
bf:f0:c6:d7:2c:a0:24:ee:b2:84:4e:6c:91:7e:bd:46:db:20:
07:e3:d9:da:67:1d:28:a2:c5:a9:ad:74:b9:2d:49:93:88:46:
e1:ec:42:32:84:bf:a6:98:18:63:0b:e5:ef:fd:22:e0:9a:11:
54:08:54:1d:40:1c:2d:ba:14:27:62:96:48:01:41:f2:3c:ef:
48:c5:ea:16:88:12:09:3c:71:8d:5c:b7:1f:68:04:a3:84:59:
42:4a:01:20:ae:ab:e3:12:79:c9:f2:0a:6a:70:2f:82:05:7a:
af:b4:da:9c
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAXRWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODMxMDAwMDMxWhcNMjUwOTA3MDAwMDMxWjAYMRYw
FAYDVQQDEw02OGIzOTMzNy1mZTRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArG2VRsOJC8CbvmPIqsGV/rQXRstQaLB85U+lJDCB6MXtw/D7JKBOukBK
Hon2+2f93DbsKGeBr/9hCsuX6Jo/T+qVqYDvTHR14beVHnWQVUsaK6mDJwt6onXK
blTfHffOwNmcxPoYiTnW6yZNlJXFNfV+1lgWMre0ONsF4jnqGN+8OGkue09gepRx
Q4j/xymdji32Vu+2rWfaLoP9qWUn9BkJaJ5qslNe/EjqDJEC9V1Tdb7rIlXh/BWI
DNTfS6wr0+fDXJVmkTgUDnS6gEATit0Hc++I8ekYYAUZajnJ38agZvqigbyjG1nf
wnK/HQSM21DPuzX1OkTc9xbIoGn02QIDAQABo4ICrjCCAqowHQYDVR0OBBYEFBWs
bACP0MrfwUFgpsHLXzLilblUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRTQ2MjVGMDg1RkYxMUYwOTYzNTdCRDZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDnO54AwQDnPAwAwQDnPXoMA0G
CSqGSIb3DQEBCwUAA4IBAQCjI7Do0FniSjx7Ly7Fyll5/L1voVqzaYvBzDQWTHqc
d7tF2oFj0+RNC9VMVom4VSVD1EgrXVCRfEjGWIHYx8gKAIc2qMDkCjvutKLBbP4i
Q1vCC6eZiX2xPU9uqOrUojjljopjjPTLz3i21l0hOY35xb+SNdo6iVIC16AJOJzg
p2nkbWVI81FEHRCy9iv/iu6/8MbXLKAk7rKETmyRfr1G2yAH49naZx0oosWprXS5
LUmTiEbh7EIyhL+mmBhjC+Xv/SLgmhFUCFQdQBwtuhQnYpZIAUHyPO9IxeoWiBIJ
PHGNXLcfaASjhFlCSgEgrqvjEnnJ8gpqcC+CBXqvtNqc
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:22:01 2025 by rpki-client