Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A1E7518860111F0A90787E3DAE4EC9C.roa
File: 3A1E7518860111F0A90787E3DAE4EC9C.roa (raw, json)
Hash identifier: UB6Q5VUVbBE1u7Y2kuBfLeDRFPZ1HD91IrhWLduujsw=
Subject key identifier: 49:CF:B6:AB:9F:32:79:27:63:BC:63:23:03:E2:81:11:DF:56:A9:FA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01745A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A1E7518860111F0A90787E3DAE4EC9C.roa
Signing time: Sun 31 Aug 2025 00:27:08 +0000
ROA not before: Sun 31 Aug 2025 00:00:03 +0000
ROA not after: Sun 07 Sep 2025 00:00:03 +0000
asID: 54801
IP address blocks: 156.240.32.0/20 maxlen: 24
156.246.0.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95322 (0x1745a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 31 00:00:03 2025 GMT
Not After : Sep 7 00:00:03 2025 GMT
Subject: CN=68b396dc-4068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:65:af:49:bd:37:c9:78:7d:ed:29:0e:6a:a1:
b3:62:a7:02:52:00:e0:fd:ce:78:68:98:46:9b:e4:
11:d0:b8:49:51:c0:d5:b6:f1:30:7d:9b:3a:e4:01:
6c:00:2b:fb:f5:21:d8:ec:95:95:f7:fb:c6:50:20:
cf:dd:13:f2:3e:ed:85:e7:f4:54:07:9c:64:70:d0:
64:14:be:97:7f:56:bf:85:6b:e4:ab:ae:9b:f3:14:
1f:05:4d:a3:f0:b3:ae:92:6d:ca:d6:6b:f9:72:29:
29:6b:da:c5:d6:1b:fc:22:13:9c:b4:81:ca:e0:75:
b4:5c:95:45:66:db:a1:2b:04:3c:c0:6f:24:79:85:
59:a0:a2:52:0e:82:8c:91:09:de:a6:f3:f7:57:25:
e8:7e:6a:1d:77:81:fc:c2:b1:37:a4:2b:95:e5:b8:
ca:95:7d:5b:77:08:83:f5:bd:3c:5e:1e:08:1b:27:
15:e5:75:71:a4:19:39:fb:89:a8:2c:f7:cf:8a:1c:
d1:57:6e:99:89:4d:d1:fb:db:d3:b1:44:3e:ac:f0:
2b:fb:5a:8e:a9:bd:a2:c8:10:46:73:77:55:99:66:
71:46:c0:42:d7:f0:2d:a9:b3:ae:2d:d6:7f:31:8c:
63:dd:41:94:04:fd:32:21:64:cb:92:1e:4b:a6:d5:
46:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CF:B6:AB:9F:32:79:27:63:BC:63:23:03:E2:81:11:DF:56:A9:FA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A1E7518860111F0A90787E3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.32.0/20
156.246.0.0/20
Signature Algorithm: sha256WithRSAEncryption
15:c7:df:96:15:e2:6a:15:70:d0:17:f5:c0:94:1f:97:97:dd:
75:fd:a6:47:d0:cd:2d:d5:c6:35:ec:84:ae:24:86:02:b5:84:
f2:7e:2d:a7:f6:53:01:22:3f:f6:f8:66:ad:81:6b:ea:25:73:
f7:e0:03:e9:a7:6f:7a:fa:99:fb:26:11:c5:f4:dd:1e:4a:29:
29:f9:8f:be:57:f0:3b:f3:9f:36:a5:50:f3:0d:0c:f0:4e:5d:
bb:4f:dc:3d:c1:72:19:5f:f0:93:e9:a7:b1:7f:6b:2f:41:1c:
e3:cb:f3:66:e9:00:bf:1c:05:3a:f2:07:a3:13:91:92:59:09:
77:99:c8:93:90:ca:fd:45:72:ee:4b:6b:17:68:a4:82:43:38:
f4:c4:80:a6:00:0c:7d:97:c0:27:b5:91:59:ba:0a:c2:31:5e:
5b:ad:4e:70:d7:d6:1f:d3:a3:16:26:bb:9a:85:6c:0e:de:a0:
eb:00:25:8f:93:f1:92:72:40:fe:f9:91:91:4f:e6:04:40:df:
4a:96:80:af:50:d7:75:98:70:6c:54:64:c3:0b:4e:a8:d4:8d:
45:1b:e7:ad:7a:a8:e3:da:54:2a:6c:23:1a:b7:ea:60:72:3d:
98:68:3b:d0:f6:a3:9e:34:04:75:43:90:4a:6d:bb:35:75:a7:
d5:5f:f8:a8
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXRaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODMxMDAwMDAzWhcNMjUwOTA3MDAwMDAzWjAYMRYw
FAYDVQQDEw02OGIzOTZkYy00MDY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3GWvSb03yXh97SkOaqGzYqcCUgDg/c54aJhGm+QR0LhJUcDVtvEwfZs6
5AFsACv79SHY7JWV9/vGUCDP3RPyPu2F5/RUB5xkcNBkFL6Xf1a/hWvkq66b8xQf
BU2j8LOukm3K1mv5cikpa9rF1hv8IhOctIHK4HW0XJVFZtuhKwQ8wG8keYVZoKJS
DoKMkQnepvP3VyXofmodd4H8wrE3pCuV5bjKlX1bdwiD9b08Xh4IGycV5XVxpBk5
+4moLPfPihzRV26ZiU3R+9vTsUQ+rPAr+1qOqb2iyBBGc3dVmWZxRsBC1/AtqbOu
LdZ/MYxj3UGUBP0yIWTLkh5LptVGgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEnP
tqufMnknY7xjIwPigRHfVqn6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTFFNzUxODg2MDExMUYwQTkwNzg3RTNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEnPAgAwQEnPYAMA0GCSqGSIb3
DQEBCwUAA4IBAQAVx9+WFeJqFXDQF/XAlB+Xl911/aZH0M0t1cY17ISuJIYCtYTy
fi2n9lMBIj/2+GatgWvqJXP34APpp296+pn7JhHF9N0eSikp+Y++V/A78582pVDz
DQzwTl27T9w9wXIZX/CT6aexf2svQRzjy/Nm6QC/HAU68gejE5GSWQl3mciTkMr9
RXLuS2sXaKSCQzj0xICmAAx9l8AntZFZugrCMV5brU5w19Yf06MWJruahWwO3qDr
ACWPk/GSckD++ZGRT+YEQN9KloCvUNd1mHBsVGTDC06o1I1FG+eteqjj2lQqbCMa
t+pgcj2YaDvQ9qOeNAR1Q5BKbbs1dafVX/io
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:20:47 2025 by rpki-client