Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/27E9EDFA870511F0BFBFB596DAE4EC9C.roa
File: 27E9EDFA870511F0BFBFB596DAE4EC9C.roa (raw, json)
Hash identifier: UChlpa/F44cJClflSZXndmDfwJoyJZR9yns7lDIJlGU=
Subject key identifier: 3F:64:8B:92:1C:F0:3F:6E:8C:51:44:54:24:30:BF:8A:9A:60:49:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0174CE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/27E9EDFA870511F0BFBFB596DAE4EC9C.roa
Signing time: Mon 01 Sep 2025 07:27:47 +0000
ROA not before: Mon 01 Sep 2025 07:27:42 +0000
ROA not after: Tue 30 Sep 2025 07:27:42 +0000
asID: 401783
IP address blocks: 156.227.132.0/24 maxlen: 24
156.227.136.0/24 maxlen: 24
156.227.139.0/24 maxlen: 24
156.227.140.0/24 maxlen: 24
156.227.159.0/24 maxlen: 24
156.231.4.0/24 maxlen: 24
156.231.5.0/24 maxlen: 24
156.231.6.0/24 maxlen: 24
156.231.8.0/24 maxlen: 24
156.231.9.0/24 maxlen: 24
156.231.63.0/24 maxlen: 24
156.231.106.0/24 maxlen: 24
156.231.128.0/24 maxlen: 24
156.231.129.0/24 maxlen: 24
156.231.133.0/24 maxlen: 24
156.233.66.0/24 maxlen: 24
156.249.183.0/24 maxlen: 24
156.249.185.0/24 maxlen: 24
156.249.191.0/24 maxlen: 24
156.253.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95438 (0x174ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 1 07:27:42 2025 GMT
Not After : Sep 30 07:27:42 2025 GMT
Subject: CN=68b54af2-b7ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d9:37:ac:22:ce:0f:55:53:5f:c4:eb:45:10:
02:3e:01:87:95:dc:40:d6:19:bb:66:0c:26:7f:9a:
a9:db:8e:72:e6:ab:5c:65:9f:e4:dc:e7:90:2b:1d:
00:c8:66:85:ec:6f:ce:e9:c5:e3:d0:99:17:d5:f3:
8e:62:b1:f5:95:87:e3:41:e9:0b:f1:88:84:62:3a:
1a:0a:f4:3e:14:cb:2c:95:b8:d9:fd:b3:cc:62:ba:
f2:71:cf:fc:a6:c5:88:ac:14:59:8c:68:db:61:27:
3c:fb:76:b0:17:78:9b:78:91:4e:bd:d3:67:73:7b:
49:6b:dc:cf:28:02:c3:7f:8b:24:77:78:f6:c3:c8:
a3:8a:96:e9:fb:c5:b6:da:c6:f1:71:dc:f2:ae:1a:
f5:0b:ed:c0:77:eb:bc:f6:ae:31:ef:f3:62:ad:bf:
bb:74:3a:58:cc:e5:d2:20:1a:1a:8a:43:bf:c9:d4:
52:ac:04:df:9b:a7:3d:e4:f2:53:a3:db:63:8f:3b:
d0:3f:30:c9:b1:c5:6c:25:76:04:49:ad:82:01:20:
4f:a0:41:db:5c:fd:05:b5:59:4f:ef:a5:e9:47:e4:
b4:98:b9:2a:20:a3:04:cc:15:44:f0:34:f6:18:34:
97:a7:4f:65:9c:a3:d4:e5:85:cb:b3:07:21:10:d3:
b7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:64:8B:92:1C:F0:3F:6E:8C:51:44:54:24:30:BF:8A:9A:60:49:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/27E9EDFA870511F0BFBFB596DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.132.0/24
156.227.136.0/24
156.227.139.0-156.227.140.255
156.227.159.0/24
156.231.4.0-156.231.6.255
156.231.8.0/23
156.231.63.0/24
156.231.106.0/24
156.231.128.0/23
156.231.133.0/24
156.233.66.0/24
156.249.183.0/24
156.249.185.0/24
156.249.191.0/24
156.253.187.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:96:10:f8:90:79:58:17:ba:77:5b:8c:ca:63:23:7b:2b:70:
b4:58:2f:cc:6c:7a:41:d5:5f:43:1a:94:b8:ee:cb:71:3e:49:
b1:d1:0b:2b:c7:84:17:cf:a9:6e:6e:60:ed:4f:a0:4b:01:1d:
12:8a:96:16:2e:8d:f4:76:d0:95:bd:1f:46:69:19:ad:65:c9:
07:fd:98:6b:91:24:71:af:6b:f1:bc:de:07:df:9f:73:a7:31:
f7:5f:27:ff:94:ed:34:58:28:d2:9a:32:d9:c1:63:07:9a:c4:
e0:5f:c3:3f:95:79:20:b7:d6:fa:f5:2e:9e:bb:97:87:7a:fe:
1f:be:7f:fc:43:91:4b:4a:08:46:a6:f9:40:6b:55:29:36:ef:
71:a8:8e:93:7b:f5:f5:5f:9a:21:b6:91:03:fb:cd:5b:cc:da:
63:5b:a4:d1:9d:9e:87:78:50:3c:5c:19:1c:27:d9:29:2d:78:
64:03:b5:c8:a5:94:2a:11:5a:c8:05:64:60:76:06:d5:c8:4c:
c3:26:63:92:83:c7:29:72:3f:00:55:b4:10:14:4b:49:a0:2c:
b3:61:7c:9f:6c:08:2b:70:8b:51:6c:48:23:39:e6:49:c7:74:
e6:ca:fa:9c:f3:c5:10:19:18:4a:48:15:67:c2:b1:ac:10:6a:
c2:b6:63:fd
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgIDAXTOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTAxMDcyNzQyWhcNMjUwOTMwMDcyNzQyWjAYMRYw
FAYDVQQDEw02OGI1NGFmMi1iN2FkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1tk3rCLOD1VTX8TrRRACPgGHldxA1hm7Zgwmf5qp245y5qtcZZ/k3OeQ
Kx0AyGaF7G/O6cXj0JkX1fOOYrH1lYfjQekL8YiEYjoaCvQ+FMsslbjZ/bPMYrry
cc/8psWIrBRZjGjbYSc8+3awF3ibeJFOvdNnc3tJa9zPKALDf4skd3j2w8ijipbp
+8W22sbxcdzyrhr1C+3Ad+u89q4x7/Nirb+7dDpYzOXSIBoaikO/ydRSrATfm6c9
5PJTo9tjjzvQPzDJscVsJXYESa2CASBPoEHbXP0FtVlP76XpR+S0mLkqIKMEzBVE
8DT2GDSXp09lnKPU5YXLswchENO37wIDAQABo4IDBzCCAwMwHQYDVR0OBBYEFD9k
i5Ic8D9ujFFEVCQwv4qaYEneMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yN0U5RURGQTg3MDUxMUYwQkZCRkI1OTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAJzjhAMEAJzjiDAMAwQAnOOL
AwQAnOOMAwQAnOOfMAwDBAKc5wQDBACc5wYDBAGc5wgDBACc5z8DBACc52oDBAGc
54ADBACc54UDBACc6UIDBACc+bcDBACc+bkDBACc+b8DBACc/bswDQYJKoZIhvcN
AQELBQADggEBAC2WEPiQeVgXundbjMpjI3srcLRYL8xsekHVX0MalLjuy3E+SbHR
CyvHhBfPqW5uYO1PoEsBHRKKlhYujfR20JW9H0ZpGa1lyQf9mGuRJHGva/G83gff
n3OnMfdfJ/+U7TRYKNKaMtnBYweaxOBfwz+VeSC31vr1Lp67l4d6/h++f/xDkUtK
CEam+UBrVSk273GojpN79fVfmiG2kQP7zVvM2mNbpNGdnod4UDxcGRwn2SkteGQD
tcillCoRWsgFZGB2BtXITMMmY5KDxylyPwBVtBAUS0mgLLNhfJ9sCCtwi1FsSCM5
5knHdObK+pzzxRAZGEpIFWfCsawQasK2Y/0=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:19:26 2025 by rpki-client