Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FA6B13A87D111F0BF7469D1DAE4EC9C.roa
File: 9FA6B13A87D111F0BF7469D1DAE4EC9C.roa (raw, json)
Hash identifier: QidJURhbxIoPxBegkJuEyy6L6rGh7agwmUri2NRRrV8=
Subject key identifier: C2:2E:FB:A7:C7:A3:A0:12:19:4D:A8:F6:F3:F1:85:ED:69:E2:09:CB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017629
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FA6B13A87D111F0BF7469D1DAE4EC9C.roa
Signing time: Tue 02 Sep 2025 07:51:25 +0000
ROA not before: Tue 02 Sep 2025 07:51:20 +0000
ROA not after: Tue 07 Oct 2025 07:51:20 +0000
asID: 20326
IP address blocks: 156.229.26.0/24 maxlen: 24
156.242.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95785 (0x17629)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 2 07:51:20 2025 GMT
Not After : Oct 7 07:51:20 2025 GMT
Subject: CN=68b6a1fd-9a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:91:b3:83:02:3b:1d:8a:52:6c:36:78:c3:3e:
e1:36:4f:00:81:fd:31:b0:e2:18:a6:5d:ce:32:4b:
9c:e9:56:99:6d:e8:9f:c6:78:61:8c:07:96:dd:df:
9f:2f:1e:6f:9e:81:20:3c:32:a9:23:95:3b:f5:8c:
27:56:dc:27:fc:7f:48:f5:c0:7e:9f:0b:41:2b:c9:
2c:16:88:ec:94:4a:cb:9d:4e:7a:59:d3:b5:b5:c7:
11:0a:97:ac:fd:cd:ae:fd:04:70:5a:86:c6:fa:7b:
93:8b:69:21:8d:17:47:13:70:34:51:05:b4:6a:6d:
06:ee:0e:06:68:e5:43:cf:ba:88:4a:85:8a:7f:e1:
e1:e5:bf:50:49:56:4b:e2:f2:56:c6:cf:e5:d5:34:
cf:d6:36:c2:19:f8:3e:f9:6a:43:6f:60:5c:76:8f:
49:08:52:4b:b1:8d:6e:a7:2a:e2:b7:b7:8d:c8:6c:
bc:c7:5b:4f:b0:42:7d:30:76:07:22:1c:57:c9:4c:
0d:1b:69:2d:c5:e1:c9:31:f5:11:69:95:a4:3d:3a:
6b:89:67:bf:e4:8e:9f:bd:67:ce:bb:9a:7a:98:f1:
d1:8d:0d:66:b0:f0:a3:20:be:52:37:17:c5:3e:b1:
95:4d:f9:5e:12:a8:9c:67:25:9d:2c:11:5a:4e:26:
0f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:2E:FB:A7:C7:A3:A0:12:19:4D:A8:F6:F3:F1:85:ED:69:E2:09:CB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9FA6B13A87D111F0BF7469D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.26.0/24
156.242.124.0/24
Signature Algorithm: sha256WithRSAEncryption
86:11:34:cc:c3:91:26:aa:ca:9e:61:65:5f:0b:dd:3d:53:9c:
90:7d:bf:dc:be:7c:6d:78:d5:df:b0:c1:d3:30:a5:8b:fa:68:
6d:34:10:b1:b2:b2:d2:cc:9b:16:22:f3:1d:83:1a:a9:2f:b9:
30:4c:0b:3d:ae:10:b8:07:d2:f9:b2:db:3f:ad:85:0f:49:68:
ae:51:cc:8e:f2:29:02:d3:8a:dd:8a:4e:e2:25:f0:24:f1:46:
e7:b8:35:f1:1e:44:ef:2b:86:38:06:dd:d1:b4:38:bd:62:51:
fa:49:15:9a:c3:68:17:a7:ae:3d:d5:55:e7:e5:16:40:8a:78:
d0:da:92:63:9d:f9:5d:11:52:66:b5:d1:5e:3d:9c:12:17:0f:
da:03:5a:51:71:92:97:a0:fb:43:0e:4d:14:14:ab:8c:b7:2a:
3c:d3:e6:df:a1:03:76:e5:97:9d:34:3a:76:bd:e0:60:e1:c8:
74:d2:d0:0e:d1:61:48:3b:de:b3:03:aa:59:5a:01:96:a1:1a:
f1:bc:35:11:5e:c6:2c:74:c7:36:b6:1f:a3:8e:3b:eb:da:bd:
f1:fa:ca:11:4d:f5:13:46:64:1e:3d:4a:6d:3d:3f:26:5f:ad:
a4:6f:65:b9:f1:19:10:7b:61:0c:fe:21:0e:c2:70:30:fd:9b:
99:7a:35:4e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXYpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTAyMDc1MTIwWhcNMjUxMDA3MDc1MTIwWjAYMRYw
FAYDVQQDEw02OGI2YTFmZC05YTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqZGzgwI7HYpSbDZ4wz7hNk8Agf0xsOIYpl3OMkuc6VaZbeifxnhhjAeW
3d+fLx5vnoEgPDKpI5U79YwnVtwn/H9I9cB+nwtBK8ksFojslErLnU56WdO1tccR
Cpes/c2u/QRwWobG+nuTi2khjRdHE3A0UQW0am0G7g4GaOVDz7qISoWKf+Hh5b9Q
SVZL4vJWxs/l1TTP1jbCGfg++WpDb2Bcdo9JCFJLsY1upyrit7eNyGy8x1tPsEJ9
MHYHIhxXyUwNG2ktxeHJMfURaZWkPTpriWe/5I6fvWfOu5p6mPHRjQ1msPCjIL5S
NxfFPrGVTfleEqicZyWdLBFaTiYPDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMIu
+6fHo6ASGU2o9vPxhe1p4gnLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RkE2QjEzQTg3RDExMUYwQkY3NDY5RDFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOUaAwQAnPJ8MA0GCSqGSIb3
DQEBCwUAA4IBAQCGETTMw5EmqsqeYWVfC909U5yQfb/cvnxteNXfsMHTMKWL+mht
NBCxsrLSzJsWIvMdgxqpL7kwTAs9rhC4B9L5sts/rYUPSWiuUcyO8ikC04rdik7i
JfAk8UbnuDXxHkTvK4Y4Bt3RtDi9YlH6SRWaw2gXp6491VXn5RZAinjQ2pJjnfld
EVJmtdFePZwSFw/aA1pRcZKXoPtDDk0UFKuMtyo80+bfoQN25ZedNDp2veBg4ch0
0tAO0WFIO96zA6pZWgGWoRrxvDURXsYsdMc2th+jjjvr2r3x+soRTfUTRmQePUpt
PT8mX62kb2W58RkQe2EM/iEOwnAw/ZuZejVO
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:18:53 2025 by rpki-client