Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F55E4B0844511F0BEF77D9EDAE4EC9C.roa
File: 4F55E4B0844511F0BEF77D9EDAE4EC9C.roa (raw, json)
Hash identifier: VBDQNboYmYaXL1ypJU7d2AuA+uFMEJrzX4fD9oPPXX0=
Subject key identifier: B0:70:9B:ED:37:C5:52:49:6B:9D:7E:21:22:D5:FF:01:4E:C8:F7:1D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0172DF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F55E4B0844511F0BEF77D9EDAE4EC9C.roa
Signing time: Thu 28 Aug 2025 19:29:27 +0000
ROA not before: Thu 28 Aug 2025 19:29:21 +0000
ROA not after: Wed 26 Nov 2025 19:29:21 +0000
asID: 9294
IP address blocks: 156.239.64.0/18 maxlen: 24
156.244.160.0/19 maxlen: 24
156.247.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94943 (0x172df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 28 19:29:21 2025 GMT
Not After : Nov 26 19:29:21 2025 GMT
Subject: CN=68b0ae17-76c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ee:9c:ae:c5:d1:98:6c:24:ca:5d:08:9e:3f:
c1:f9:a7:ee:0e:93:d3:ce:cb:3f:76:91:5f:bb:dd:
81:65:53:c7:29:6b:90:df:69:08:ef:7b:cf:26:a0:
16:bc:b2:bf:29:77:6f:a9:13:d0:62:a5:cf:c2:25:
08:ab:8e:0d:1d:c4:82:a2:25:ea:ab:cf:ae:d8:14:
33:f8:94:32:7f:63:91:85:92:e3:4e:71:51:4d:22:
ba:85:88:58:16:67:af:0e:d8:c1:9d:55:94:08:bf:
50:ff:5b:7e:c6:5c:bc:24:c5:51:5a:5b:ec:21:3a:
a9:01:61:d6:18:6e:48:f5:2b:73:5d:82:28:27:03:
18:2f:5a:14:5a:b0:1c:20:23:59:4c:3d:62:10:71:
40:fc:fe:e8:ad:54:73:ab:90:e3:07:b1:45:80:66:
bf:ba:10:48:6e:e4:4d:4a:51:a2:e5:ac:4e:af:ea:
e1:30:3b:db:59:02:97:74:21:d3:88:8d:b3:8f:af:
4a:1d:0b:90:ea:a9:2a:58:de:c1:45:ab:69:55:84:
e9:2a:5e:a2:ab:2e:e8:14:76:e4:08:80:57:cf:3c:
b4:c8:29:3b:d5:81:aa:a4:19:af:44:d5:7b:90:ba:
c0:0f:3e:ce:54:25:71:0a:5c:b3:57:37:2f:53:85:
c2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:70:9B:ED:37:C5:52:49:6B:9D:7E:21:22:D5:FF:01:4E:C8:F7:1D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F55E4B0844511F0BEF77D9EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.64.0/18
156.244.160.0/19
156.247.64.0/18
Signature Algorithm: sha256WithRSAEncryption
5d:a4:b5:86:0b:5a:1d:d2:5d:2d:2f:dd:c6:e2:16:39:ce:ee:
99:33:5c:3e:54:34:27:41:fd:d4:f6:c7:18:2e:41:01:18:28:
fe:63:94:96:4f:95:08:a2:c3:09:b5:70:9c:21:b9:e0:70:b0:
04:10:a6:cb:77:1c:df:66:a6:22:d2:70:69:6d:2d:e5:78:8d:
d7:fc:be:38:82:c5:e3:96:b0:68:77:40:60:e1:b2:15:16:51:
62:49:6b:91:4b:9f:dd:fa:8c:f2:84:1e:02:a6:fa:0c:f7:64:
3a:02:ca:c8:73:af:f0:bc:c4:42:7a:a9:33:3e:76:ba:94:14:
7c:d7:58:79:ac:6c:fa:32:7b:fa:df:0b:7c:78:96:90:fc:8a:
6f:d5:44:e4:dd:20:56:57:b8:b8:8f:04:04:bc:1d:5c:1f:00:
6c:dd:b8:89:ee:93:30:a8:50:8c:fc:5c:6a:46:9f:13:29:55:
87:b8:a9:b0:d0:92:15:3a:10:ae:1b:97:98:1d:7c:82:b7:86:
a3:bb:c8:90:bc:d8:b5:5b:ba:20:f2:e9:ca:b3:02:74:8c:1c:
3f:ad:cd:57:e2:09:46:18:43:be:1d:c8:c7:62:12:d8:56:8b:
ca:a1:d3:a2:46:75:93:12:de:d0:94:b9:c5:ed:c7:72:04:e2:
5f:f0:e4:f7
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAXLfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODI4MTkyOTIxWhcNMjUxMTI2MTkyOTIxWjAYMRYw
FAYDVQQDEw02OGIwYWUxNy03NmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0u6crsXRmGwkyl0Inj/B+afuDpPTzss/dpFfu92BZVPHKWuQ32kI73vP
JqAWvLK/KXdvqRPQYqXPwiUIq44NHcSCoiXqq8+u2BQz+JQyf2ORhZLjTnFRTSK6
hYhYFmevDtjBnVWUCL9Q/1t+xly8JMVRWlvsITqpAWHWGG5I9StzXYIoJwMYL1oU
WrAcICNZTD1iEHFA/P7orVRzq5DjB7FFgGa/uhBIbuRNSlGi5axOr+rhMDvbWQKX
dCHTiI2zj69KHQuQ6qkqWN7BRatpVYTpKl6iqy7oFHbkCIBXzzy0yCk71YGqpBmv
RNV7kLrADz7OVCVxClyzVzcvU4XC2wIDAQABo4ICrjCCAqowHQYDVR0OBBYEFLBw
m+03xVJJa51+ISLV/wFOyPcdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RjU1RTRCMDg0NDUxMUYwQkVGNzdEOUVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGnO9AAwQFnPSgAwQGnPdAMA0G
CSqGSIb3DQEBCwUAA4IBAQBdpLWGC1od0l0tL93G4hY5zu6ZM1w+VDQnQf3U9scY
LkEBGCj+Y5SWT5UIosMJtXCcIbngcLAEEKbLdxzfZqYi0nBpbS3leI3X/L44gsXj
lrBod0Bg4bIVFlFiSWuRS5/d+ozyhB4CpvoM92Q6AsrIc6/wvMRCeqkzPna6lBR8
11h5rGz6Mnv63wt8eJaQ/Ipv1UTk3SBWV7i4jwQEvB1cHwBs3biJ7pMwqFCM/Fxq
Rp8TKVWHuKmw0JIVOhCuG5eYHXyCt4aju8iQvNi1W7og8unKswJ0jBw/rc1X4glG
GEO+HcjHYhLYVovKodOiRnWTEt7QlLnF7cdyBOJf8OT3
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:18:46 2025 by rpki-client