Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7CE9AFE83FC11F0921306CADAE4EC9C.roa
File: A7CE9AFE83FC11F0921306CADAE4EC9C.roa (raw, json)
Hash identifier: LZtiwfsaVqRyqxfHX5ePE7c29ByMYRhcCbmL63ZnPdA=
Subject key identifier: 14:8C:F7:40:E1:83:27:F4:0E:1F:71:A1:F9:CA:B7:ED:D0:7E:09:F6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01727A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7CE9AFE83FC11F0921306CADAE4EC9C.roa
Signing time: Thu 28 Aug 2025 10:49:22 +0000
ROA not before: Thu 28 Aug 2025 10:49:16 +0000
ROA not after: Wed 01 Oct 2025 10:49:16 +0000
asID: 44559
IP address blocks: 156.239.20.0/24 maxlen: 24
156.239.132.0/24 maxlen: 24
156.239.133.0/24 maxlen: 24
156.239.135.0/24 maxlen: 24
156.239.140.0/24 maxlen: 24
156.239.142.0/24 maxlen: 24
156.239.143.0/24 maxlen: 24
156.239.154.0/24 maxlen: 24
156.239.155.0/24 maxlen: 24
156.243.32.0/24 maxlen: 24
156.243.33.0/24 maxlen: 24
156.243.80.0/24 maxlen: 24
156.243.132.0/24 maxlen: 24
156.243.133.0/24 maxlen: 24
156.243.139.0/24 maxlen: 24
156.243.144.0/24 maxlen: 24
156.243.150.0/24 maxlen: 24
156.243.151.0/24 maxlen: 24
156.243.156.0/24 maxlen: 24
156.243.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94842 (0x1727a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 28 10:49:16 2025 GMT
Not After : Oct 1 10:49:16 2025 GMT
Subject: CN=68b03432-c885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:c3:b0:c4:3c:7d:73:5f:49:73:2f:73:52:ea:
aa:b4:7f:a1:14:b8:f4:67:4b:9e:66:31:56:01:54:
1d:9a:11:15:16:64:34:ba:62:87:24:63:53:bd:64:
cb:5c:a8:0b:1a:6c:66:b8:2c:42:88:3c:88:4b:fb:
7e:e6:86:f3:d1:80:da:86:57:7c:cf:2c:df:df:c4:
84:b9:d1:c8:71:4c:1c:bb:9c:99:60:4b:9f:e1:b7:
99:17:82:55:26:42:1a:b0:6f:9c:05:48:8f:78:a6:
fe:b8:0d:b6:23:cc:26:10:3c:c5:19:c3:3f:14:6b:
c4:bf:89:31:fb:35:de:d3:d3:53:14:28:e0:4a:42:
70:1e:7b:a9:37:3f:5f:46:77:30:70:d3:72:cf:eb:
59:ce:1f:9a:80:fc:2f:40:86:35:93:a7:0f:e6:3f:
3f:b6:0d:a2:52:68:af:3c:15:a1:e3:56:6f:60:99:
eb:9c:2e:52:50:e5:2d:98:05:76:7b:c2:69:89:26:
97:f4:d5:ad:c0:d9:28:f0:e8:43:69:7b:00:b7:72:
c1:69:12:ac:aa:99:9f:fa:ce:b7:6a:a5:56:42:06:
73:a9:b9:9f:19:43:ae:37:01:0d:68:b5:78:67:56:
10:1b:86:37:20:00:98:64:29:68:27:51:d3:a8:fb:
d3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:8C:F7:40:E1:83:27:F4:0E:1F:71:A1:F9:CA:B7:ED:D0:7E:09:F6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7CE9AFE83FC11F0921306CADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.20.0/24
156.239.132.0/23
156.239.135.0/24
156.239.140.0/24
156.239.142.0/23
156.239.154.0/23
156.243.32.0/23
156.243.80.0/24
156.243.132.0/23
156.243.139.0/24
156.243.144.0/24
156.243.150.0/23
156.243.156.0/24
156.243.158.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:b1:87:21:0c:57:73:a6:31:e1:56:02:ca:12:51:fc:01:b0:
ce:7e:93:01:a2:28:9f:ee:0d:9d:0f:d5:42:d9:3e:d7:f9:29:
5c:01:7b:02:17:1d:c6:4e:af:af:0c:6e:59:77:46:15:b0:4c:
48:50:dd:5e:6f:52:ab:44:e9:0e:59:91:2f:3f:55:69:75:bb:
b4:29:0b:6b:23:dc:af:e0:4f:db:27:7f:94:62:6f:fa:83:d8:
ca:21:15:ae:8d:49:a1:7d:5e:9b:71:38:9e:9b:c3:f3:ef:c1:
1e:88:ca:77:46:21:42:00:cc:ad:de:a8:e2:4e:5e:99:aa:ae:
9e:cd:c1:84:39:5a:4e:f5:14:4d:96:fd:b9:25:e1:80:fb:7c:
7e:65:ff:d4:36:fc:c6:77:b5:7e:06:de:65:c4:b8:40:71:2f:
c0:fe:b0:d7:45:3a:8e:4d:b5:44:65:31:2f:32:77:93:05:8f:
fa:7e:2c:ac:69:0c:a6:21:9f:c5:2f:23:fe:7c:33:50:bc:68:
db:79:4b:73:57:d1:a0:d2:13:e8:15:d7:bd:8f:10:8f:1b:38:
b8:f6:0a:29:86:c1:a4:ef:3c:6d:47:78:68:63:d1:e3:61:77:
03:4c:34:a6:43:ec:fa:6a:b7:e9:11:75:a0:51:2c:32:14:72:
de:0d:f3:31
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgIDAXJ6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODI4MTA0OTE2WhcNMjUxMDAxMTA0OTE2WjAYMRYw
FAYDVQQDEw02OGIwMzQzMi1jODg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9cOwxDx9c19Jcy9zUuqqtH+hFLj0Z0ueZjFWAVQdmhEVFmQ0umKHJGNT
vWTLXKgLGmxmuCxCiDyIS/t+5obz0YDahld8zyzf38SEudHIcUwcu5yZYEuf4beZ
F4JVJkIasG+cBUiPeKb+uA22I8wmEDzFGcM/FGvEv4kx+zXe09NTFCjgSkJwHnup
Nz9fRncwcNNyz+tZzh+agPwvQIY1k6cP5j8/tg2iUmivPBWh41ZvYJnrnC5SUOUt
mAV2e8JpiSaX9NWtwNko8OhDaXsAt3LBaRKsqpmf+s63aqVWQgZzqbmfGUOuNwEN
aLV4Z1YQG4Y3IACYZCloJ1HTqPvTGwIDAQABo4IC8DCCAuwwHQYDVR0OBBYEFBSM
90Dhgyf0Dh9xofnKt+3Qfgn2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BN0NFOUFGRTgzRkMxMUYwOTIxMzA2Q0FEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAnO8UAwQBnO+EAwQAnO+HAwQA
nO+MAwQBnO+OAwQBnO+aAwQBnPMgAwQAnPNQAwQBnPOEAwQAnPOLAwQAnPOQAwQB
nPOWAwQAnPOcAwQAnPOeMA0GCSqGSIb3DQEBCwUAA4IBAQCNsYchDFdzpjHhVgLK
ElH8AbDOfpMBoiif7g2dD9VC2T7X+SlcAXsCFx3GTq+vDG5Zd0YVsExIUN1eb1Kr
ROkOWZEvP1Vpdbu0KQtrI9yv4E/bJ3+UYm/6g9jKIRWujUmhfV6bcTiem8Pz78Ee
iMp3RiFCAMyt3qjiTl6Zqq6ezcGEOVpO9RRNlv25JeGA+3x+Zf/UNvzGd7V+Bt5l
xLhAcS/A/rDXRTqOTbVEZTEvMneTBY/6fiysaQymIZ/FLyP+fDNQvGjbeUtzV9Gg
0hPoFde9jxCPGzi49gophsGk7zxtR3hoY9HjYXcDTDSmQ+z6arfpEXWgUSwyFHLe
DfMx
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:18:40 2025 by rpki-client