Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CF9E20C889C11F0914CF0ECDAE4EC9C.roa
File: 8CF9E20C889C11F0914CF0ECDAE4EC9C.roa (raw, json)
Hash identifier: 7ecmK1G9BzKiqyN9IJgt3/OGtjonagm8tRqk6w3uDyU=
Subject key identifier: 4B:A7:E6:2A:65:C0:A2:73:29:BB:D0:32:CF:C9:D6:FC:57:0C:5F:2E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01775A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CF9E20C889C11F0914CF0ECDAE4EC9C.roa
Signing time: Wed 03 Sep 2025 08:04:01 +0000
ROA not before: Wed 03 Sep 2025 08:03:57 +0000
ROA not after: Tue 07 Oct 2025 08:03:57 +0000
asID: 20326
IP address blocks: 156.229.26.0/24 maxlen: 24
156.242.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96090 (0x1775a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 3 08:03:57 2025 GMT
Not After : Oct 7 08:03:57 2025 GMT
Subject: CN=68b7f671-99c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:99:2b:0f:69:bb:43:21:21:28:84:47:af:fb:
33:83:dc:38:c0:79:03:e2:fc:08:56:51:f9:c2:a1:
6c:6b:da:df:f1:8e:8e:99:be:f0:60:fb:2f:4f:f2:
3f:2e:ab:51:1c:ec:b3:5d:75:6d:de:1f:0c:ee:df:
61:ea:9e:ef:c9:0d:87:c2:34:80:a4:f8:90:13:a2:
4a:5e:b0:3f:33:20:b1:37:04:9b:97:5a:b2:7f:9e:
fa:1a:a5:83:ee:cf:7b:96:9b:7e:47:87:ee:f7:df:
75:10:f1:66:81:ee:9e:ec:f8:9a:09:13:d7:2f:ef:
7e:d5:fe:f8:40:58:b8:39:e9:f3:d8:f6:a9:dd:98:
1d:24:86:d3:14:3a:20:68:9e:58:23:04:5d:51:16:
16:e4:95:e0:83:7d:38:e6:29:7b:27:ff:db:65:aa:
7b:69:a4:3d:51:0a:34:28:b2:d5:b4:47:80:9b:9e:
d2:36:12:88:77:58:cb:0f:e3:80:7f:11:5c:7b:14:
cd:71:1e:66:c7:3b:26:f2:c1:72:7c:df:74:7a:97:
78:bb:8e:9b:3c:22:bd:65:2f:f1:35:d6:8e:57:9f:
12:32:5c:35:dd:a8:2b:c3:81:ac:03:b0:1e:b0:66:
3b:af:79:c6:91:7c:90:f9:95:ed:1e:da:39:52:e9:
34:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A7:E6:2A:65:C0:A2:73:29:BB:D0:32:CF:C9:D6:FC:57:0C:5F:2E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8CF9E20C889C11F0914CF0ECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.26.0/24
156.242.124.0/24
Signature Algorithm: sha256WithRSAEncryption
32:95:4d:73:fe:69:11:60:8f:ab:79:33:9c:1f:dc:92:20:2d:
84:b0:15:23:23:ae:e2:5d:6a:61:c8:32:5b:b9:7c:98:4d:4d:
6b:e4:96:f4:e9:db:c9:30:ac:90:d0:ee:0c:05:fe:6c:cb:06:
f5:83:e7:31:1f:fd:5d:1c:3f:8b:8f:77:70:a7:66:72:44:c3:
b5:44:1b:92:e3:bc:33:17:d7:ff:57:09:81:2a:a2:81:e8:70:
2e:09:6b:ef:0a:ee:64:3f:e6:a6:97:15:67:5a:45:1e:59:a4:
6b:4f:f0:a3:0e:85:99:d6:d9:98:3e:78:d1:11:67:50:91:7a:
e8:a5:82:2a:85:a8:08:ab:fc:62:4f:5d:9c:a5:07:e9:14:96:
94:04:84:a9:17:ea:c4:51:aa:08:bb:92:0b:61:d1:89:fe:95:
df:62:91:db:3c:a7:10:f2:31:e5:9d:bf:33:68:d0:a2:d0:e7:
fa:b0:7d:55:df:3b:7a:67:1e:8f:60:6a:33:b4:42:67:98:fc:
60:f9:6b:9c:12:c0:54:d7:4b:aa:db:12:fd:9b:6b:26:e5:14:
25:6f:82:fb:e3:b7:cd:dd:91:cf:44:81:6f:e5:a4:81:9c:72:
6d:e3:1f:1f:5d:a1:86:0b:84:a1:04:4c:dd:4d:e4:98:59:22:
8d:79:cb:e3
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXdaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTAzMDgwMzU3WhcNMjUxMDA3MDgwMzU3WjAYMRYw
FAYDVQQDEw02OGI3ZjY3MS05OWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmJkrD2m7QyEhKIRHr/szg9w4wHkD4vwIVlH5wqFsa9rf8Y6Omb7wYPsv
T/I/LqtRHOyzXXVt3h8M7t9h6p7vyQ2HwjSApPiQE6JKXrA/MyCxNwSbl1qyf576
GqWD7s97lpt+R4fu9991EPFmge6e7PiaCRPXL+9+1f74QFi4Oenz2Pap3ZgdJIbT
FDogaJ5YIwRdURYW5JXgg3045il7J//bZap7aaQ9UQo0KLLVtEeAm57SNhKId1jL
D+OAfxFcexTNcR5mxzsm8sFyfN90epd4u46bPCK9ZS/xNdaOV58SMlw13agrw4Gs
A7AesGY7r3nGkXyQ+ZXtHto5Uuk0zQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEun
5iplwKJzKbvQMs/J1vxXDF8uMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84Q0Y5RTIwQzg4OUMxMUYwOTE0Q0YwRUNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOUaAwQAnPJ8MA0GCSqGSIb3
DQEBCwUAA4IBAQAylU1z/mkRYI+reTOcH9ySIC2EsBUjI67iXWphyDJbuXyYTU1r
5Jb06dvJMKyQ0O4MBf5sywb1g+cxH/1dHD+Lj3dwp2ZyRMO1RBuS47wzF9f/VwmB
KqKB6HAuCWvvCu5kP+amlxVnWkUeWaRrT/CjDoWZ1tmYPnjREWdQkXropYIqhagI
q/xiT12cpQfpFJaUBISpF+rEUaoIu5ILYdGJ/pXfYpHbPKcQ8jHlnb8zaNCi0Of6
sH1V3zt6Zx6PYGoztEJnmPxg+WucEsBU10uq2xL9m2sm5RQlb4L747fN3ZHPRIFv
5aSBnHJt4x8fXaGGC4ShBEzdTeSYWSKNecvj
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:21:58 2025 by rpki-client