Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/63E05392889211F0ADD0B5AEDAE4EC9C.roa
File: 63E05392889211F0ADD0B5AEDAE4EC9C.roa (raw, json)
Hash identifier: UmqkjV8pAqKsKZf8VeRak5zOf0seNNB5kBfAthXocTs=
Subject key identifier: BD:F9:B8:33:E2:41:FB:16:B5:A4:B6:7A:4B:01:8D:F7:1D:CA:E5:11
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017738
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/63E05392889211F0ADD0B5AEDAE4EC9C.roa
Signing time: Wed 03 Sep 2025 06:51:17 +0000
ROA not before: Wed 03 Sep 2025 06:51:13 +0000
ROA not after: Thu 02 Oct 2025 06:51:13 +0000
asID: 5650
IP address blocks: 156.225.56.0/21 maxlen: 24
156.225.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96056 (0x17738)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 3 06:51:13 2025 GMT
Not After : Oct 2 06:51:13 2025 GMT
Subject: CN=68b7e565-246d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:92:b2:08:5c:56:38:67:08:c7:5a:8d:f3:d0:
1b:f4:c6:61:a4:a7:37:88:2a:a4:25:85:03:63:4e:
ff:e4:22:6d:be:bd:3f:71:fa:c7:f7:b9:56:7c:a1:
aa:9e:c6:8a:34:0f:4f:7f:23:e2:63:ae:70:7e:95:
a1:e5:ac:c4:0d:ba:54:a4:b4:4e:2d:7f:cc:3f:79:
0b:61:a5:c3:ce:70:27:34:89:60:6b:9d:cf:93:04:
13:76:eb:9a:09:fd:af:63:b4:11:a1:d7:8f:d3:44:
08:fc:0d:1e:19:f6:ea:0a:8e:66:75:e4:8e:4d:cf:
57:31:a0:0f:3c:be:81:d2:2a:97:bf:7e:c4:f2:20:
a5:f3:88:00:01:74:77:e7:30:df:b1:35:3a:0a:8f:
58:da:7a:00:fe:ac:07:f5:49:be:c1:c5:28:23:cc:
17:67:54:17:3a:30:79:c9:67:76:55:8f:77:a2:96:
f0:c5:75:96:6c:35:e5:94:85:44:ff:5e:ee:02:b0:
e8:8c:8a:ba:e5:26:35:99:f6:f5:e5:02:1d:ee:f2:
88:d5:af:0d:76:cc:ca:fc:ef:76:4a:f6:12:e6:72:
2a:c8:a4:79:67:ca:82:66:5c:ab:44:c9:bd:1e:47:
7b:74:50:ef:df:d9:27:d5:5e:e6:ec:89:1a:a2:05:
19:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:F9:B8:33:E2:41:FB:16:B5:A4:B6:7A:4B:01:8D:F7:1D:CA:E5:11
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/63E05392889211F0ADD0B5AEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.56.0/21
156.225.184.0/21
Signature Algorithm: sha256WithRSAEncryption
63:eb:b2:6a:7d:22:17:5a:8c:19:77:17:83:ac:6e:f0:62:7a:
3d:99:28:48:d3:76:5b:65:c9:69:92:e8:83:ae:ae:04:9f:2d:
9d:bd:4e:4b:2b:df:02:3c:78:04:99:8d:66:ce:40:e1:f0:d9:
37:5b:4c:ef:95:1a:a7:4c:24:7b:9c:64:ad:a2:60:1d:1e:32:
20:6d:51:34:fc:19:84:f0:ba:11:d2:47:97:ae:a6:05:09:ee:
3b:5d:6b:8a:2b:d4:a5:46:88:a2:60:5f:1d:5d:b1:00:6b:86:
bc:46:4a:d0:bc:ff:7a:32:62:db:f8:c9:7d:57:15:1a:dc:bc:
d0:24:b8:17:a7:fa:9c:10:e9:81:6a:6d:e0:f5:ac:fa:fc:15:
63:11:3d:65:16:d1:c9:aa:a3:a7:ef:bc:b2:75:34:2d:19:1b:
aa:05:26:e0:b8:5e:03:7e:5e:c9:23:c9:bb:66:7a:cc:ff:0c:
81:ba:e2:d7:f8:02:5e:aa:5c:e1:35:8d:aa:90:b3:e1:76:81:
07:3d:b6:4b:0d:e2:fa:9b:fe:fe:ea:ce:a6:8f:5e:b7:a7:69:
3d:90:e7:7c:19:25:94:1d:da:52:9d:45:4f:17:2f:19:24:8b:
ca:7b:ce:f5:5d:2f:da:77:3e:d8:25:ae:08:01:df:3d:46:7e:
4a:96:d2:4c
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXc4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTAzMDY1MTEzWhcNMjUxMDAyMDY1MTEzWjAYMRYw
FAYDVQQDEw02OGI3ZTU2NS0yNDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzJKyCFxWOGcIx1qN89Ab9MZhpKc3iCqkJYUDY07/5CJtvr0/cfrH97lW
fKGqnsaKNA9PfyPiY65wfpWh5azEDbpUpLROLX/MP3kLYaXDznAnNIlga53PkwQT
duuaCf2vY7QRodeP00QI/A0eGfbqCo5mdeSOTc9XMaAPPL6B0iqXv37E8iCl84gA
AXR35zDfsTU6Co9Y2noA/qwH9Um+wcUoI8wXZ1QXOjB5yWd2VY93opbwxXWWbDXl
lIVE/17uArDojIq65SY1mfb15QId7vKI1a8NdszK/O92SvYS5nIqyKR5Z8qCZlyr
RMm9Hkd7dFDv39kn1V7m7IkaogUZUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL35
uDPiQfsWtaS2eksBjfcdyuURMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82M0UwNTM5Mjg4OTIxMUYwQUREMEI1QUVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDnOE4AwQDnOG4MA0GCSqGSIb3
DQEBCwUAA4IBAQBj67JqfSIXWowZdxeDrG7wYno9mShI03ZbZclpkuiDrq4Eny2d
vU5LK98CPHgEmY1mzkDh8Nk3W0zvlRqnTCR7nGStomAdHjIgbVE0/BmE8LoR0keX
rqYFCe47XWuKK9SlRoiiYF8dXbEAa4a8RkrQvP96MmLb+Ml9VxUa3LzQJLgXp/qc
EOmBam3g9az6/BVjET1lFtHJqqOn77yydTQtGRuqBSbguF4Dfl7JI8m7ZnrM/wyB
uuLX+AJeqlzhNY2qkLPhdoEHPbZLDeL6m/7+6s6mj163p2k9kOd8GSWUHdpSnUVP
Fy8ZJIvKe871XS/adz7YJa4IAd89Rn5KltJM
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:18:35 2025 by rpki-client