Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/849E074E88A811F08A6395BADAE4EC9C.roa
File: 849E074E88A811F08A6395BADAE4EC9C.roa (raw, json)
Hash identifier: 8h2D7zN35p8t6x0xsARhaQAz57kDhkalHwUuN1UIMH0=
Subject key identifier: 85:05:19:4A:05:79:94:3C:1D:D0:58:E8:AD:29:8C:3F:F9:67:37:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017767
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/849E074E88A811F08A6395BADAE4EC9C.roa
Signing time: Wed 03 Sep 2025 09:29:41 +0000
ROA not before: Wed 03 Sep 2025 09:29:36 +0000
ROA not after: Wed 08 Oct 2025 09:29:36 +0000
asID: 200373
IP address blocks: 156.228.85.0/24 maxlen: 24
156.228.86.0/24 maxlen: 24
156.228.87.0/24 maxlen: 24
156.228.88.0/24 maxlen: 24
156.228.89.0/24 maxlen: 24
156.228.90.0/24 maxlen: 24
156.228.91.0/24 maxlen: 24
156.228.92.0/24 maxlen: 24
156.228.93.0/24 maxlen: 24
156.228.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96103 (0x17767)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 3 09:29:36 2025 GMT
Not After : Oct 8 09:29:36 2025 GMT
Subject: CN=68b80a85-ab92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cf:44:4a:25:78:18:c9:e0:d6:fe:69:c6:4a:
62:97:f0:8c:02:96:66:6e:bf:65:53:40:45:e3:54:
0f:67:21:ec:e0:24:30:50:da:92:c0:cd:83:db:2a:
c4:e4:09:01:76:b8:1c:a4:d7:ba:48:c7:e1:a0:b8:
a9:7f:58:b6:78:62:85:11:85:2f:79:ed:8d:a8:12:
69:48:32:c7:97:da:4f:b3:29:48:34:7a:c8:e8:55:
ee:73:cc:bf:ee:56:60:d1:18:15:c2:5f:29:0c:63:
cf:12:e1:25:2d:b8:11:b9:9e:d5:0f:cb:57:9d:98:
61:72:ac:dc:47:6e:d7:23:9a:a4:95:f7:3a:11:15:
d7:1f:d2:ee:b0:c8:6e:d2:f1:27:c2:cb:af:06:95:
95:29:a7:96:b0:53:e8:03:d0:d2:5c:f9:02:b1:1b:
2a:ae:72:f4:fc:03:68:59:71:be:88:c1:d6:98:68:
6f:4c:90:bf:ab:a3:b5:c4:d0:17:73:00:f6:be:32:
24:70:24:52:0c:fa:14:03:e5:1f:7b:1a:15:61:07:
74:da:78:63:5b:4f:3d:6e:f7:7d:f5:f8:31:63:65:
66:ca:a9:ea:4c:55:38:d7:2e:17:43:dc:ec:93:30:
df:f0:cc:4a:e1:a8:a1:91:b6:c1:d0:75:da:f5:a2:
3b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:05:19:4A:05:79:94:3C:1D:D0:58:E8:AD:29:8C:3F:F9:67:37:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/849E074E88A811F08A6395BADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.85.0-156.228.94.255
Signature Algorithm: sha256WithRSAEncryption
17:df:ca:d7:c1:92:8e:1d:37:4e:9a:b1:75:51:6b:af:b7:98:
ac:c9:be:df:8b:cf:4f:37:da:7d:1c:ef:24:42:1d:df:56:e5:
d3:9a:41:77:1c:79:a9:f7:60:d6:2e:e4:8f:4f:4e:5f:08:77:
67:49:bc:eb:a4:2c:15:a7:c8:89:1a:b0:7c:45:1f:a9:43:8c:
5a:c8:0e:67:5a:cc:1e:5e:9c:f6:76:33:ac:94:80:d2:f9:18:
b5:87:8c:8e:c8:94:b7:a8:9b:33:16:7d:56:e9:33:69:4e:53:
bc:dd:92:a5:62:8c:dd:69:cd:ee:ca:91:64:f3:fe:df:5c:80:
b1:4f:61:04:07:06:85:56:d7:f1:79:84:0e:f4:f4:57:95:bb:
9e:c5:be:a0:f5:76:d3:53:0c:51:58:01:c6:c3:ad:81:b1:98:
1f:13:ce:95:98:bf:b8:ab:96:26:4a:31:25:3c:7a:b8:8f:3e:
65:04:c7:da:6e:3d:08:92:9a:cd:24:18:07:33:ed:c2:c9:69:
77:3e:61:d8:1f:0a:09:9c:15:25:a7:b0:a1:7d:17:cc:26:ae:
e6:2a:f0:4f:14:63:23:a2:5a:05:90:6c:8d:d4:3f:59:e7:bf:
67:a8:e9:37:28:2e:5b:8f:14:70:87:99:92:70:b6:50:a0:9f:
e2:bd:20:7c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAXdnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTAzMDkyOTM2WhcNMjUxMDA4MDkyOTM2WjAYMRYw
FAYDVQQDEw02OGI4MGE4NS1hYjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0c9ESiV4GMng1v5pxkpil/CMApZmbr9lU0BF41QPZyHs4CQwUNqSwM2D
2yrE5AkBdrgcpNe6SMfhoLipf1i2eGKFEYUvee2NqBJpSDLHl9pPsylINHrI6FXu
c8y/7lZg0RgVwl8pDGPPEuElLbgRuZ7VD8tXnZhhcqzcR27XI5qklfc6ERXXH9Lu
sMhu0vEnwsuvBpWVKaeWsFPoA9DSXPkCsRsqrnL0/ANoWXG+iMHWmGhvTJC/q6O1
xNAXcwD2vjIkcCRSDPoUA+UfexoVYQd02nhjW089bvd99fgxY2VmyqnqTFU41y4X
Q9zskzDf8MxK4aihkbbB0HXa9aI7owIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIUF
GUoFeZQ8HdBY6K0pjD/5Zze8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NDlFMDc0RTg4QTgxMUYwOEE2Mzk1QkFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc5FUDBACc5F4wDQYJKoZI
hvcNAQELBQADggEBABffytfBko4dN06asXVRa6+3mKzJvt+Lz0832n0c7yRCHd9W
5dOaQXccean3YNYu5I9PTl8Id2dJvOukLBWnyIkasHxFH6lDjFrIDmdazB5enPZ2
M6yUgNL5GLWHjI7IlLeomzMWfVbpM2lOU7zdkqVijN1pze7KkWTz/t9cgLFPYQQH
BoVW1/F5hA709FeVu57FvqD1dtNTDFFYAcbDrYGxmB8TzpWYv7irliZKMSU8eriP
PmUEx9puPQiSms0kGAcz7cLJaXc+YdgfCgmcFSWnsKF9F8wmruYq8E8UYyOiWgWQ
bI3UP1nnv2eo6TcoLluPFHCHmZJwtlCgn+K9IHw=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:18:55 2025 by rpki-client