Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42F1FEC2896611F0805A4992DAE4EC9C.roa
File: 42F1FEC2896611F0805A4992DAE4EC9C.roa (raw, json)
Hash identifier: 2vNlUhOvMvYtQAJ0obHqNmzIpwmeGYckP+337SOpEug=
Subject key identifier: 30:D0:1B:73:43:1D:EE:53:4B:56:EB:1C:2B:75:7E:6B:77:5E:B3:45
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017836
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42F1FEC2896611F0805A4992DAE4EC9C.roa
Signing time: Thu 04 Sep 2025 08:07:56 +0000
ROA not before: Thu 04 Sep 2025 08:07:50 +0000
ROA not after: Sat 11 Oct 2025 08:07:50 +0000
asID: 6079
IP address blocks: 156.237.16.0/20 maxlen: 24
156.237.32.0/19 maxlen: 24
156.237.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 09 Sep 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96310 (0x17836)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 4 08:07:50 2025 GMT
Not After : Oct 11 08:07:50 2025 GMT
Subject: CN=68b948db-55f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:07:bd:64:40:f2:c4:d3:86:c9:6d:12:13:f0:
b9:c9:b3:19:39:0d:2d:fb:d5:b6:14:ab:ad:86:32:
ce:e8:98:4a:f9:7e:6c:10:34:b9:e3:db:06:81:c1:
92:4f:78:36:c8:87:4e:f7:0b:2e:45:21:81:fd:c5:
48:cd:e1:47:6d:9e:7e:bc:bf:e3:e3:94:18:5b:89:
2e:41:7d:05:2b:91:c0:fb:27:f2:1b:e5:36:c6:ed:
fc:34:5e:a9:61:ea:fa:50:3b:50:52:a8:a5:51:45:
72:8f:ca:43:0d:0a:d8:c8:bc:30:b7:89:66:e8:99:
6f:e8:9b:cd:8c:45:c1:2d:0d:11:cc:82:c6:71:bd:
b8:e8:32:17:05:c1:e2:ed:a7:ec:4a:27:b1:68:7e:
43:15:56:fb:de:a8:ac:4e:b6:3f:4d:d5:8c:d9:39:
ca:23:6a:1f:91:3c:ca:87:9c:15:17:78:b5:cb:eb:
4f:72:d2:39:3a:08:9c:20:0b:15:e0:93:1b:5d:ac:
aa:9b:23:db:f3:24:da:c1:c9:b6:f7:d3:3e:19:7d:
f5:b9:a0:50:d7:cf:e5:eb:e8:ee:0e:6f:f8:23:2d:
30:b5:7a:dd:1f:30:ee:ee:a4:06:97:2c:58:82:12:
93:40:9c:e1:38:ca:ad:c0:19:6d:bc:1d:fa:1e:84:
c8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D0:1B:73:43:1D:EE:53:4B:56:EB:1C:2B:75:7E:6B:77:5E:B3:45
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/42F1FEC2896611F0805A4992DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.16.0-156.237.63.255
156.237.96.0/21
Signature Algorithm: sha256WithRSAEncryption
0e:a2:9f:3a:9c:0c:06:8b:25:cc:59:58:79:90:6f:48:32:76:
14:e5:23:10:0f:fe:bd:79:51:a4:25:70:7f:bb:e8:c3:d9:a7:
b2:f9:ef:cd:e8:e2:c2:89:79:bb:31:f9:f8:86:7f:65:ce:bd:
ed:02:67:f3:f2:c3:55:3d:fc:97:26:0f:0a:fc:ad:f6:53:cf:
95:86:fe:2c:2e:04:c4:3f:34:f7:02:ec:49:2c:63:9a:ed:a6:
a6:e5:8d:7e:76:75:59:4e:b1:5a:d5:bf:bd:d5:62:46:a4:30:
a1:35:f0:79:16:1b:6c:72:7a:f5:1b:b8:be:5c:6a:46:84:0f:
44:b0:a0:1d:36:9c:50:9d:a5:e7:8e:2a:41:f4:b3:01:54:6b:
9f:ee:63:77:a1:2a:35:a3:c4:a1:e6:51:fa:20:35:47:f3:bb:
3d:c1:57:a2:72:8b:bd:21:52:b4:89:70:03:13:9f:fa:77:72:
4c:93:a5:fd:50:3e:e0:8a:14:24:6a:0b:54:bb:8d:65:e3:20:
77:55:fd:0e:2e:0a:1c:b2:3e:d8:81:c5:e8:98:10:6a:48:4f:
83:db:cd:f9:f9:b6:17:9b:3b:e6:c6:b1:f9:83:3b:cd:03:ec:
9f:a9:10:7e:b4:eb:d7:d2:c8:87:03:fb:5c:e4:37:37:62:c6:
f5:76:89:aa
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAXg2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTA0MDgwNzUwWhcNMjUxMDExMDgwNzUwWjAYMRYw
FAYDVQQDEw02OGI5NDhkYi01NWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsge9ZEDyxNOGyW0SE/C5ybMZOQ0t+9W2FKuthjLO6JhK+X5sEDS549sG
gcGST3g2yIdO9wsuRSGB/cVIzeFHbZ5+vL/j45QYW4kuQX0FK5HA+yfyG+U2xu38
NF6pYer6UDtQUqilUUVyj8pDDQrYyLwwt4lm6Jlv6JvNjEXBLQ0RzILGcb246DIX
BcHi7afsSiexaH5DFVb73qisTrY/TdWM2TnKI2ofkTzKh5wVF3i1y+tPctI5Ogic
IAsV4JMbXayqmyPb8yTawcm299M+GX31uaBQ18/l6+juDm/4Iy0wtXrdHzDu7qQG
lyxYghKTQJzhOMqtwBltvB36HoTIQQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFDDQ
G3NDHe5TS1brHCt1fmt3XrNFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MkYxRkVDMjg5NjYxMUYwODA1QTQ5OTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBASc7RADBAac7QADBAOc7WAw
DQYJKoZIhvcNAQELBQADggEBAA6inzqcDAaLJcxZWHmQb0gydhTlIxAP/r15UaQl
cH+76MPZp7L5783o4sKJebsx+fiGf2XOve0CZ/Pyw1U9/JcmDwr8rfZTz5WG/iwu
BMQ/NPcC7EksY5rtpqbljX52dVlOsVrVv73VYkakMKE18HkWG2xyevUbuL5cakaE
D0SwoB02nFCdpeeOKkH0swFUa5/uY3ehKjWjxKHmUfogNUfzuz3BV6Jyi70hUrSJ
cAMTn/p3ckyTpf1QPuCKFCRqC1S7jWXjIHdV/Q4uChyyPtiBxeiYEGpIT4Pbzfn5
thebO+bGsfmDO80D7J+pEH6069fSyIcD+1zkNzdixvV2iao=
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:25:55 2025 by rpki-client