Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DE99126892E11F0BC8B9795DAE4EC9C.roa
File: 2DE99126892E11F0BC8B9795DAE4EC9C.roa (raw, json)
Hash identifier: +r47Yarcf+vMdeQw5yOitHlclx9IipOPymT6FVBh+PM=
Subject key identifier: E0:E0:12:8E:66:86:C3:30:8E:5E:FE:F0:EB:CD:89:18:9E:4E:00:F8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01780B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DE99126892E11F0BC8B9795DAE4EC9C.roa
Signing time: Thu 04 Sep 2025 01:26:28 +0000
ROA not before: Thu 04 Sep 2025 01:26:24 +0000
ROA not after: Mon 13 Dec 2027 01:26:24 +0000
asID: 17561
IP address blocks: 156.235.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 08 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96267 (0x1780b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 4 01:26:24 2025 GMT
Not After : Dec 13 01:26:24 2027 GMT
Subject: CN=68b8eac4-6e36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:8e:aa:f7:ad:99:4b:27:37:52:07:12:96:7a:
d6:87:bd:f6:1a:59:ca:2f:4b:22:3c:7f:7f:8f:0a:
49:fc:58:f5:46:78:d6:96:a7:93:bb:9d:63:01:8e:
14:09:4b:24:6f:cd:bc:81:be:db:0f:63:e3:e2:c8:
fb:67:94:8e:86:ee:a9:74:c3:57:74:95:eb:4a:3b:
ff:9e:52:0a:01:0a:39:fa:f5:8e:56:66:b3:c7:81:
3d:a4:9a:da:52:d6:46:67:e7:7c:23:b5:45:8a:f5:
87:59:8b:f7:a5:d9:1c:f9:3c:ee:60:a4:9b:e1:b6:
e4:9a:20:a0:fd:10:1d:1b:cd:ce:47:38:9b:2c:46:
fd:71:0f:6d:de:83:b9:40:17:3f:3f:01:33:57:dc:
06:29:6e:7e:d6:68:4e:4e:e3:15:cb:48:d4:38:0f:
c3:6d:60:bb:71:0b:c9:2d:e0:24:f7:41:06:a1:c2:
c1:9f:8d:c0:e5:11:cb:b9:55:d2:ad:44:9d:1f:49:
9d:41:e2:f2:d1:59:de:31:0f:f2:78:11:b1:f2:17:
aa:21:69:12:9e:84:06:92:f0:5a:e5:ea:a3:40:cf:
53:bc:18:57:01:30:c6:dd:7d:3f:5a:d3:e0:1d:fe:
84:53:c8:08:a3:c2:4a:a4:98:68:93:4e:22:5b:72:
02:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E0:12:8E:66:86:C3:30:8E:5E:FE:F0:EB:CD:89:18:9E:4E:00:F8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DE99126892E11F0BC8B9795DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.124.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:be:df:d9:9f:34:5d:a3:aa:f3:05:57:1a:88:7f:df:bf:64:
52:70:69:58:b7:f8:6b:b1:02:c5:ff:cb:3b:00:06:5d:ba:af:
67:33:d0:81:98:13:87:d8:fc:7e:30:97:e0:80:74:2e:ab:37:
d9:eb:0c:71:9a:d3:d2:43:f9:a0:c4:51:62:fe:08:b0:6f:94:
10:27:c0:87:c0:da:0a:ee:1d:f1:dc:2a:20:47:12:72:e0:aa:
34:70:89:12:ec:b6:70:2c:5b:25:78:da:1c:d3:84:05:43:be:
71:c6:66:41:2c:91:84:5f:6b:67:d5:20:cc:22:93:63:21:75:
26:3e:ec:c4:21:a8:39:06:7f:70:ae:e3:95:0e:a7:73:c0:0b:
4b:72:70:13:cb:db:8a:21:05:69:c4:ab:b8:0b:2b:d7:eb:4c:
8c:b9:77:d1:df:1f:60:68:ff:b3:0a:d2:2f:f1:1e:77:8e:8b:
c0:79:0e:64:da:03:5a:22:4b:e2:4a:91:aa:65:13:31:ce:50:
ae:e1:7c:7a:73:99:4b:05:c2:88:27:2e:60:16:63:65:5c:1c:
63:f2:8d:b5:46:94:2d:1f:1f:36:d4:7d:af:63:29:bb:a5:d4:
af:31:65:8b:d3:fd:0e:d5:f1:30:5a:d5:3e:04:4d:f4:4c:01:
d5:91:64:ea
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXgLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTA0MDEyNjI0WhcNMjcxMjEzMDEyNjI0WjAYMRYw
FAYDVQQDEw02OGI4ZWFjNC02ZTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9I6q962ZSyc3UgcSlnrWh732GlnKL0siPH9/jwpJ/Fj1RnjWlqeTu51j
AY4UCUskb828gb7bD2Pj4sj7Z5SOhu6pdMNXdJXrSjv/nlIKAQo5+vWOVmazx4E9
pJraUtZGZ+d8I7VFivWHWYv3pdkc+TzuYKSb4bbkmiCg/RAdG83ORzibLEb9cQ9t
3oO5QBc/PwEzV9wGKW5+1mhOTuMVy0jUOA/DbWC7cQvJLeAk90EGocLBn43A5RHL
uVXSrUSdH0mdQeLy0VneMQ/yeBGx8heqIWkSnoQGkvBa5eqjQM9TvBhXATDG3X0/
WtPgHf6EU8gIo8JKpJhok04iW3IC0QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFODg
Eo5mhsMwjl7+8OvNiRieTgD4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yREU5OTEyNjg5MkUxMUYwQkM4Qjk3OTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOt8MA0GCSqGSIb3DQEBCwUA
A4IBAQBKvt/ZnzRdo6rzBVcaiH/fv2RScGlYt/hrsQLF/8s7AAZduq9nM9CBmBOH
2Px+MJfggHQuqzfZ6wxxmtPSQ/mgxFFi/giwb5QQJ8CHwNoK7h3x3CogRxJy4Ko0
cIkS7LZwLFsleNoc04QFQ75xxmZBLJGEX2tn1SDMIpNjIXUmPuzEIag5Bn9wruOV
DqdzwAtLcnATy9uKIQVpxKu4CyvX60yMuXfR3x9gaP+zCtIv8R53jovAeQ5k2gNa
IkviSpGqZRMxzlCu4Xx6c5lLBcKIJy5gFmNlXBxj8o21RpQtHx821H2vYym7pdSv
MWWL0/0O1fEwWtU+BE30TAHVkWTq
-----END CERTIFICATE-----
Generated at Sat Sep 6 02:26:53 2025 by rpki-client