Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48B70EBC83EC11F099A901E0DAE4EC9C.roa
File: 48B70EBC83EC11F099A901E0DAE4EC9C.roa (raw, json)
Hash identifier: ZtXKfXV5xSKz4UUZ1W7vXajqngVzubkWjOcaJen7huk=
Subject key identifier: CD:E9:F9:AC:16:FB:CD:94:6A:24:80:4D:25:E6:F7:B1:11:CA:65:B9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017253
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48B70EBC83EC11F099A901E0DAE4EC9C.roa
Signing time: Thu 28 Aug 2025 08:52:11 +0000
ROA not before: Thu 28 Aug 2025 08:52:06 +0000
ROA not after: Tue 30 Sep 2025 08:52:06 +0000
asID: 137547
IP address blocks: 156.245.242.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94803 (0x17253)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 28 08:52:06 2025 GMT
Not After : Sep 30 08:52:06 2025 GMT
Subject: CN=68b018bb-47d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:36:9b:0c:c9:87:38:74:13:06:58:14:af:e4:
60:7b:c2:bd:99:3f:5d:a1:ee:78:c1:ba:4c:92:37:
4d:3e:50:8a:1d:55:5f:8b:3f:1e:77:ba:fd:52:42:
7e:cf:0d:32:26:ff:fd:76:75:59:f4:e1:63:34:6f:
08:b4:c8:1b:9b:c6:25:fd:9a:26:21:d8:fa:ba:c9:
49:03:1b:e3:96:1b:7a:fe:a6:c5:01:6d:f6:54:ec:
f9:af:f9:2d:50:c0:6d:1e:08:b2:a4:5a:e9:00:54:
bf:13:c4:5a:d4:4d:f2:85:df:de:48:a4:40:80:f8:
eb:6b:22:a0:55:72:bc:47:f3:17:a4:ef:14:46:23:
67:83:27:3e:43:5c:fe:5a:04:9f:60:c3:2a:9b:5d:
47:4f:ae:ae:ca:96:a1:65:ad:13:80:fd:63:4e:c1:
77:47:42:b7:4d:d9:cf:d8:5c:5c:47:4a:7d:c8:f6:
33:14:af:83:b1:e5:ee:09:3d:ca:25:67:a4:1b:82:
bb:2e:f4:8e:5d:27:07:7a:7e:d3:dd:9d:3c:bf:61:
0f:e1:49:78:a2:8c:01:9c:37:21:9c:f4:83:58:44:
4d:39:16:b5:ce:e6:24:96:e5:97:19:ae:19:e1:13:
f8:6c:8e:17:00:bf:12:37:6a:6e:e1:d6:a8:72:48:
7a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E9:F9:AC:16:FB:CD:94:6A:24:80:4D:25:E6:F7:B1:11:CA:65:B9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/48B70EBC83EC11F099A901E0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.242.0/23
Signature Algorithm: sha256WithRSAEncryption
00:04:86:7e:0c:79:3b:86:64:d4:c7:65:6c:be:f0:ea:3c:86:
b1:df:8b:6d:fb:7d:81:4e:7c:f7:da:4e:59:7d:35:94:12:cb:
d2:19:ab:89:9a:51:fd:bb:2d:0f:74:85:d7:d7:71:18:fe:13:
2c:90:9f:c0:76:e9:10:5a:2f:d7:73:d5:32:5c:bc:55:7a:74:
45:6a:c9:fc:63:41:9f:97:21:be:c9:83:04:33:6b:cf:af:f9:
69:d0:67:a0:8e:7a:02:de:ba:a8:89:bd:7b:18:57:6d:ce:13:
8c:4d:ec:64:63:dc:2a:76:28:f7:a5:c9:c1:a1:ac:de:2d:45:
b4:6b:e1:8a:5c:7a:61:b5:50:51:08:1e:c2:6a:c9:23:81:02:
cb:31:57:85:e4:b8:0f:1d:fc:e9:5a:65:4b:94:cf:ad:26:3a:
be:65:4b:f0:d7:1d:db:66:6c:56:b4:89:a6:e2:36:d7:53:a7:
38:61:fa:56:5e:6d:5f:e4:81:54:da:1d:cf:ba:87:e4:a6:70:
ed:9d:6c:11:23:da:71:bb:57:fc:bd:ba:c3:a9:3f:f9:07:8a:
4d:03:85:26:fc:6e:a8:b4:2d:2e:06:6f:e3:f5:70:ab:dc:14:
37:2a:cc:a3:f1:1b:0c:2d:d4:85:cb:bd:6a:9b:9d:20:9a:fa:
35:67:af:9d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXJTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODI4MDg1MjA2WhcNMjUwOTMwMDg1MjA2WjAYMRYw
FAYDVQQDEw02OGIwMThiYi00N2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuTabDMmHOHQTBlgUr+Rge8K9mT9doe54wbpMkjdNPlCKHVVfiz8ed7r9
UkJ+zw0yJv/9dnVZ9OFjNG8ItMgbm8Yl/ZomIdj6uslJAxvjlht6/qbFAW32VOz5
r/ktUMBtHgiypFrpAFS/E8Ra1E3yhd/eSKRAgPjrayKgVXK8R/MXpO8URiNngyc+
Q1z+WgSfYMMqm11HT66uypahZa0TgP1jTsF3R0K3TdnP2FxcR0p9yPYzFK+DseXu
CT3KJWekG4K7LvSOXScHen7T3Z08v2EP4Ul4oowBnDchnPSDWERNORa1zuYkluWX
Ga4Z4RP4bI4XAL8SN2pu4daockh6hQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM3p
+awW+82UaiSATSXm97ERymW5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OEI3MEVCQzgzRUMxMUYwOTlBOTAxRTBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPXyMA0GCSqGSIb3DQEBCwUA
A4IBAQAABIZ+DHk7hmTUx2VsvvDqPIax34tt+32BTnz32k5ZfTWUEsvSGauJmlH9
uy0PdIXX13EY/hMskJ/AdukQWi/Xc9UyXLxVenRFasn8Y0GflyG+yYMEM2vPr/lp
0GegjnoC3rqoib17GFdtzhOMTexkY9wqdij3pcnBoazeLUW0a+GKXHphtVBRCB7C
askjgQLLMVeF5LgPHfzpWmVLlM+tJjq+ZUvw1x3bZmxWtImm4jbXU6c4YfpWXm1f
5IFU2h3PuofkpnDtnWwRI9pxu1f8vbrDqT/5B4pNA4Um/G6otC0uBm/j9XCr3BQ3
Ksyj8RsMLdSFy71qm50gmvo1Z6+d
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:22:30 2025 by rpki-client