Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/680F926C9DD111F0B374138FDAE4EC9C.roa
File: 680F926C9DD111F0B374138FDAE4EC9C.roa (raw, json)
Hash identifier: EuFd4Lt75UC/9y0b2cVqE1GUbU20Q2w3l2YLKQ9JzWI=
Subject key identifier: 77:4C:01:24:2D:43:BC:17:F5:7B:F8:A0:9C:BE:A2:B7:87:E2:CF:61
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017E17
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/680F926C9DD111F0B374138FDAE4EC9C.roa
Signing time: Tue 30 Sep 2025 07:45:17 +0000
ROA not before: Tue 30 Sep 2025 07:45:12 +0000
ROA not after: Fri 31 Oct 2025 07:45:12 +0000
asID: 44559
IP address blocks: 156.243.232.0/24 maxlen: 24
156.244.209.0/24 maxlen: 24
156.244.210.0/24 maxlen: 24
156.244.211.0/24 maxlen: 24
156.248.6.0/24 maxlen: 24
156.248.7.0/24 maxlen: 24
156.248.20.0/24 maxlen: 24
156.248.21.0/24 maxlen: 24
156.248.23.0/24 maxlen: 24
156.249.19.0/24 maxlen: 24
156.249.80.0/24 maxlen: 24
156.249.81.0/24 maxlen: 24
156.249.83.0/24 maxlen: 24
156.249.97.0/24 maxlen: 24
156.249.98.0/24 maxlen: 24
156.249.99.0/24 maxlen: 24
156.249.100.0/24 maxlen: 24
156.249.103.0/24 maxlen: 24
156.249.112.0/24 maxlen: 24
156.249.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97815 (0x17e17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 30 07:45:12 2025 GMT
Not After : Oct 31 07:45:12 2025 GMT
Subject: CN=68db8a8d-248d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:bc:de:c9:dc:7c:fc:dd:69:7f:1d:0a:2f:ea:
1e:f0:43:a3:f2:e6:a4:5f:83:c6:96:32:2c:14:b4:
fd:c5:78:fb:9a:ab:68:2f:1e:3a:e7:82:85:1f:2b:
d6:8c:4f:1c:bf:b5:b5:a4:b5:66:22:a0:cf:b9:be:
b0:42:76:12:f4:9f:9a:bf:c4:1d:0b:52:30:1c:8d:
51:e0:8a:0c:8b:e2:f9:e3:43:8a:a0:9c:8c:93:07:
a2:41:02:f2:83:86:fb:6f:43:51:ca:d2:ae:f0:88:
c1:a2:3b:08:36:4a:bf:86:51:89:25:61:26:d8:97:
f6:86:9e:9f:98:1c:e4:26:ef:b4:68:58:ae:d7:0b:
4d:3c:f0:a8:af:8f:8a:9f:a5:e5:1a:2a:ea:88:1f:
9b:1d:8a:8c:9f:a1:db:8b:4b:af:ed:44:4e:a5:a2:
e6:fa:c2:82:16:27:4c:ab:87:ff:27:af:ca:72:52:
bc:85:ef:fd:71:24:45:10:6f:64:4b:30:4e:ad:a7:
78:b6:2c:b8:98:da:00:3e:90:da:3e:2d:a1:71:23:
72:25:a7:d1:33:92:40:45:07:27:34:07:c3:5e:b4:
24:ac:65:76:94:0d:6c:c7:52:72:55:3c:c7:2b:3a:
f1:f5:c2:fe:f7:67:be:19:8e:7b:4a:c6:ca:11:50:
2d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:4C:01:24:2D:43:BC:17:F5:7B:F8:A0:9C:BE:A2:B7:87:E2:CF:61
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/680F926C9DD111F0B374138FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.232.0/24
156.244.209.0-156.244.211.255
156.248.6.0/23
156.248.20.0/23
156.248.23.0/24
156.249.19.0/24
156.249.80.0/23
156.249.83.0/24
156.249.97.0-156.249.100.255
156.249.103.0/24
156.249.112.0/23
Signature Algorithm: sha256WithRSAEncryption
66:1e:3f:76:7d:a4:7e:83:34:20:c3:09:29:b1:ec:cb:13:5b:
e0:a1:44:d7:c7:b5:9d:10:11:19:53:c0:04:88:90:2b:04:93:
15:5c:ff:62:4b:c9:a7:5a:36:62:77:52:f2:e8:6d:0d:ac:a5:
aa:f8:cf:c1:c4:be:b1:30:f4:8b:e4:57:aa:6d:52:ad:1b:95:
89:41:c9:f9:56:e5:6e:3c:c9:a0:c4:ff:9b:8e:ba:2e:b4:7b:
78:6c:28:ed:52:63:f0:cd:81:07:ed:ff:bc:57:6d:81:62:0b:
2b:09:9e:ac:13:2c:07:b6:d3:78:ca:6a:4c:48:f1:9b:2b:65:
43:fd:8a:70:5d:5a:8d:6e:0c:c0:ae:34:10:25:bc:2c:61:87:
d6:34:63:39:c2:d9:60:c2:0f:4f:3d:88:73:20:69:ca:5a:4b:
be:5f:c7:8a:e7:a8:d5:26:72:04:4a:3b:54:51:fe:a2:8a:4e:
28:5e:b4:df:10:62:0d:95:71:fb:6e:c8:98:6e:68:43:c7:7a:
3d:fe:74:f1:1b:91:d6:8b:7f:17:eb:a0:ac:e6:d9:74:e4:59:
c0:9b:b4:7d:f2:0b:0a:94:85:39:4c:40:86:b9:7c:e8:69:22:
6a:f7:11:f4:d8:02:86:54:86:f4:0c:2d:15:a8:4a:48:48:b3:
2f:2c:10:65
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIDAX4XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTMwMDc0NTEyWhcNMjUxMDMxMDc0NTEyWjAYMRYw
FAYDVQQDEw02OGRiOGE4ZC0yNDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxrzeydx8/N1pfx0KL+oe8EOj8uakX4PGljIsFLT9xXj7mqtoLx4654KF
HyvWjE8cv7W1pLVmIqDPub6wQnYS9J+av8QdC1IwHI1R4IoMi+L540OKoJyMkwei
QQLyg4b7b0NRytKu8IjBojsINkq/hlGJJWEm2Jf2hp6fmBzkJu+0aFiu1wtNPPCo
r4+Kn6XlGirqiB+bHYqMn6Hbi0uv7UROpaLm+sKCFidMq4f/J6/KclK8he/9cSRF
EG9kSzBOrad4tiy4mNoAPpDaPi2hcSNyJafRM5JARQcnNAfDXrQkrGV2lA1sx1Jy
VTzHKzrx9cL+92e+GY57SsbKEVAtuwIDAQABo4IC7jCCAuowHQYDVR0OBBYEFHdM
ASQtQ7wX9Xv4oJy+oreH4s9hMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82ODBGOTI2QzlERDExMUYwQjM3NDEzOEZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAnPPoMAwDBACc9NEDBAKc9NAD
BAGc+AYDBAGc+BQDBACc+BcDBACc+RMDBAGc+VADBACc+VMwDAMEAJz5YQMEAJz5
ZAMEAJz5ZwMEAZz5cDANBgkqhkiG9w0BAQsFAAOCAQEAZh4/dn2kfoM0IMMJKbHs
yxNb4KFE18e1nRARGVPABIiQKwSTFVz/YkvJp1o2YndS8uhtDaylqvjPwcS+sTD0
i+RXqm1SrRuViUHJ+VblbjzJoMT/m466LrR7eGwo7VJj8M2BB+3/vFdtgWILKwme
rBMsB7bTeMpqTEjxmytlQ/2KcF1ajW4MwK40ECW8LGGH1jRjOcLZYMIPTz2IcyBp
ylpLvl/Hiueo1SZyBEo7VFH+oopOKF603xBiDZVx+27ImG5oQ8d6Pf508RuR1ot/
F+ugrObZdORZwJu0ffILCpSFOUxAhrl86GkiavcR9NgChlSG9AwtFahKSEizLywQ
ZQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:33:52 2025 by rpki-client