Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67D72B34832311F0A20E5BBADAE4EC9C.roa
File: 67D72B34832311F0A20E5BBADAE4EC9C.roa (raw, json)
Hash identifier: n+WqPT8f3geIwwIXhYHzRqstB6+BtQCdFUDl6V0yRAo=
Subject key identifier: 35:68:99:8D:A6:4B:8B:79:09:CB:09:DC:69:57:75:74:B9:C2:66:EB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017153
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67D72B34832311F0A20E5BBADAE4EC9C.roa
Signing time: Wed 27 Aug 2025 08:54:14 +0000
ROA not before: Wed 27 Aug 2025 08:54:07 +0000
ROA not after: Tue 30 Sep 2025 08:54:07 +0000
asID: 152092
IP address blocks: 156.245.198.0/24 maxlen: 24
156.245.199.0/24 maxlen: 24
156.245.200.0/22 maxlen: 24
156.245.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94547 (0x17153)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 27 08:54:07 2025 GMT
Not After : Sep 30 08:54:07 2025 GMT
Subject: CN=68aec7b6-77f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:34:7e:ac:9e:c7:a4:de:a4:5c:8e:43:8b:8c:
4b:ab:46:5e:2a:a3:63:e3:a9:87:52:be:90:67:29:
12:53:dd:aa:1d:b7:b0:45:68:7a:a6:46:35:c0:e3:
5a:c1:11:c5:36:d6:ad:48:0a:f4:21:d6:f5:29:b5:
fe:e7:93:95:04:b0:fd:eb:87:49:1d:71:42:22:5a:
35:74:e3:e9:90:c9:66:fd:83:ae:fc:28:62:d8:73:
e4:32:2d:2e:ef:cb:ae:b4:44:51:b5:b6:73:62:9b:
a9:d7:e8:27:3d:c6:78:d1:90:4f:21:b1:97:b0:86:
f8:0b:27:b0:a3:31:88:92:5c:7e:df:7b:b0:ee:08:
3e:60:00:2f:e3:9d:af:cb:1c:cf:44:1a:7c:80:ba:
8d:a2:e5:7b:61:da:dc:fe:e9:10:30:ba:04:47:0e:
21:84:0d:23:75:ad:e4:6d:77:8a:40:5a:fe:6c:d7:
b6:cc:40:85:8a:a8:20:7f:1b:7b:db:ca:08:76:ea:
4a:c7:ce:7e:ff:90:e2:1b:c3:ca:80:d7:87:e3:32:
49:4c:88:c3:d5:54:c6:8e:51:2a:74:c0:13:52:cf:
a9:66:ec:ba:d8:44:b5:ff:3d:86:96:e8:33:02:59:
92:67:c3:b4:1c:0d:be:bb:3c:9e:c6:97:ab:ca:43:
19:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:68:99:8D:A6:4B:8B:79:09:CB:09:DC:69:57:75:74:B9:C2:66:EB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67D72B34832311F0A20E5BBADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.198.0-156.245.203.255
156.245.209.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:cd:b4:1a:ec:da:b3:4e:a0:cc:1c:69:f1:88:48:ad:61:d3:
3e:2e:8d:19:6a:9b:cc:af:9f:95:06:39:ad:4e:32:88:9a:97:
62:ce:89:cf:b2:9b:a4:08:fa:69:3f:1b:5f:a0:2c:80:ac:50:
88:bf:ca:d1:b0:2a:9f:85:03:0d:13:b8:8d:de:2b:73:0a:72:
65:99:96:03:4b:2e:ec:d4:51:69:c4:98:45:e1:a3:2e:dc:90:
fb:cd:09:dd:ac:0d:cd:2e:c2:c8:5b:b4:42:1f:52:42:cb:74:
e2:12:1f:6b:33:94:a4:4a:f7:f0:90:4c:31:06:ff:e1:07:b7:
4c:05:8b:68:61:12:c0:df:d5:bf:9c:f1:a9:6a:41:71:83:e5:
4c:d7:4b:d2:8c:11:c5:fe:44:49:3c:b5:1c:b0:61:a6:94:9e:
80:f0:09:32:f0:66:ad:89:1d:e2:f1:2a:d6:42:a1:60:4a:ba:
66:a9:42:21:d5:64:20:df:65:bb:d8:02:d0:ec:fd:87:f2:43:
e3:fd:cd:23:c9:02:ae:b3:50:3d:37:0b:8d:0f:56:fc:e8:4a:
a2:fe:2d:fb:d9:25:2d:b2:ee:e2:94:37:71:65:39:4c:11:86:
13:fa:d3:bf:fa:c4:64:07:a9:4c:71:fa:84:90:ab:f0:f7:9c:
83:af:93:4e
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAXFTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODI3MDg1NDA3WhcNMjUwOTMwMDg1NDA3WjAYMRYw
FAYDVQQDEw02OGFlYzdiNi03N2Y1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzzR+rJ7HpN6kXI5Di4xLq0ZeKqNj46mHUr6QZykSU92qHbewRWh6pkY1
wONawRHFNtatSAr0Idb1KbX+55OVBLD964dJHXFCIlo1dOPpkMlm/YOu/Chi2HPk
Mi0u78uutERRtbZzYpup1+gnPcZ40ZBPIbGXsIb4CyewozGIklx+33uw7gg+YAAv
452vyxzPRBp8gLqNouV7Ydrc/ukQMLoERw4hhA0jda3kbXeKQFr+bNe2zECFiqgg
fxt728oIdupKx85+/5DiG8PKgNeH4zJJTIjD1VTGjlEqdMATUs+pZuy62ES1/z2G
lugzAlmSZ8O0HA2+uzyexperykMZ/QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFDVo
mY2mS4t5CcsJ3GlXdXS5wmbrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82N0Q3MkIzNDgzMjMxMUYwQTIwRTVCQkFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAGc9cYDBAKc9cgDBACc9dEw
DQYJKoZIhvcNAQELBQADggEBAB3NtBrs2rNOoMwcafGISK1h0z4ujRlqm8yvn5UG
Oa1OMoial2LOic+ym6QI+mk/G1+gLICsUIi/ytGwKp+FAw0TuI3eK3MKcmWZlgNL
LuzUUWnEmEXhoy7ckPvNCd2sDc0uwshbtEIfUkLLdOISH2szlKRK9/CQTDEG/+EH
t0wFi2hhEsDf1b+c8alqQXGD5UzXS9KMEcX+REk8tRywYaaUnoDwCTLwZq2JHeLx
KtZCoWBKumapQiHVZCDfZbvYAtDs/YfyQ+P9zSPJAq6zUD03C40PVvzoSqL+LfvZ
JS2y7uKUN3FlOUwRhhP607/6xGQHqUxx+oSQq/D3nIOvk04=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:24:32 2025 by rpki-client