Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05345DB0999111F0B48AD5F1DAE4EC9C.roa
File: 05345DB0999111F0B48AD5F1DAE4EC9C.roa (raw, json)
Hash identifier: 40kA4sZ8jYhGNrPh3l8UoGUDghogB4/3fl+qI04daiA=
Subject key identifier: 41:A2:3E:CA:8E:B2:DA:F4:AE:DC:99:98:A4:86:42:F9:A0:63:35:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D2D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05345DB0999111F0B48AD5F1DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 21:54:19 +0000
ROA not before: Wed 24 Sep 2025 21:54:14 +0000
ROA not after: Sat 23 May 2026 21:54:14 +0000
asID: 136744
IP address blocks: 156.235.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 18 Oct 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97581 (0x17d2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 24 21:54:14 2025 GMT
Not After : May 23 21:54:14 2026 GMT
Subject: CN=68d4688b-6268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0e:9d:6f:e0:5b:5d:90:14:bd:ed:c5:c4:32:
ac:1b:57:74:f1:d4:c1:b0:4e:dd:15:66:38:ba:71:
a4:a3:4b:12:d9:c0:f0:01:29:17:32:d1:90:ee:7d:
d8:84:47:f8:61:72:d9:0c:61:11:70:e0:1d:0c:fe:
a9:c5:16:54:19:f3:b1:55:53:98:ef:91:7c:79:05:
f7:3a:3c:0f:69:c0:5f:a7:20:ae:c7:a5:60:d6:6b:
94:bf:21:d1:98:ed:51:9b:4f:dd:15:98:90:dc:dc:
9e:b3:8a:41:f7:ff:74:4d:99:0c:5b:58:83:b8:1f:
4a:ec:99:04:df:0c:40:39:ff:56:94:29:26:c0:44:
04:fd:97:b7:df:03:8c:8e:e1:bb:4d:85:39:3c:b0:
eb:46:b8:51:e0:a5:bf:f4:ca:f3:a6:91:ad:a4:58:
65:7d:0b:19:63:10:1c:0b:e0:f5:19:b3:23:cb:ba:
11:54:5f:53:f5:02:77:f0:c7:14:b7:c9:2c:04:18:
45:a0:b5:af:cf:6b:40:73:14:2c:ef:30:98:49:bb:
78:a3:13:87:92:4b:78:f9:b6:f9:b7:bf:8d:83:94:
2f:37:08:17:58:c0:23:87:c6:e1:d7:af:aa:22:e8:
9e:30:1a:6a:c0:47:35:83:58:3a:ca:6e:51:7b:b5:
6b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A2:3E:CA:8E:B2:DA:F4:AE:DC:99:98:A4:86:42:F9:A0:63:35:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/05345DB0999111F0B48AD5F1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.28.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:57:99:2b:4a:47:15:4c:9f:b0:98:e6:2c:cf:bd:1a:dc:21:
13:47:7c:7b:1a:d5:b2:96:8a:3a:ad:88:ae:20:31:62:9f:70:
ff:60:63:14:d8:db:43:b1:9c:74:c6:09:5a:f0:da:e2:a0:a5:
3c:06:6c:f8:82:1a:1d:b6:fd:c1:74:c8:5c:ad:39:7d:5d:8a:
9c:60:10:4b:71:38:02:c6:60:40:37:ba:98:4d:37:bb:d0:4f:
2f:27:d8:70:81:76:47:c2:30:20:72:d1:cd:06:19:10:06:cb:
8e:44:5c:28:ce:47:f8:9c:4b:4d:a0:a0:1f:1c:56:17:03:98:
93:35:58:19:7c:a6:6c:83:1a:31:9b:a7:b0:9b:0d:48:7e:83:
a9:f9:2b:e3:69:1b:4c:6a:de:0e:ad:51:04:10:16:fb:4e:31:
33:d8:be:d4:33:1e:f8:df:42:80:0c:b2:2d:b7:4a:f6:f6:d7:
18:88:fe:ec:93:0c:5c:a2:5e:4c:da:ef:53:71:b1:f0:c5:09:
b2:7b:15:61:70:c2:8c:f8:07:32:ee:ec:7b:ce:ca:80:a2:1d:
ad:cf:75:f3:44:80:71:2d:b4:5a:92:72:04:2b:62:56:2d:46:
e2:e0:46:5a:be:63:b8:34:26:b5:0d:9c:84:16:ba:b2:11:94:
71:ce:c9:78
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX0tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI0MjE1NDE0WhcNMjYwNTIzMjE1NDE0WjAYMRYw
FAYDVQQDEw02OGQ0Njg4Yi02MjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzQ6db+BbXZAUve3FxDKsG1d08dTBsE7dFWY4unGko0sS2cDwASkXMtGQ
7n3YhEf4YXLZDGERcOAdDP6pxRZUGfOxVVOY75F8eQX3OjwPacBfpyCux6Vg1muU
vyHRmO1Rm0/dFZiQ3Nyes4pB9/90TZkMW1iDuB9K7JkE3wxAOf9WlCkmwEQE/Ze3
3wOMjuG7TYU5PLDrRrhR4KW/9MrzppGtpFhlfQsZYxAcC+D1GbMjy7oRVF9T9QJ3
8McUt8ksBBhFoLWvz2tAcxQs7zCYSbt4oxOHkkt4+bb5t7+Ng5QvNwgXWMAjh8bh
16+qIuieMBpqwEc1g1g6ym5Re7VrpwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEGi
PsqOstr0rtyZmKSGQvmgYzWBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNTM0NURCMDk5OTExMUYwQjQ4QUQ1RjFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOscMA0GCSqGSIb3DQEBCwUA
A4IBAQBMV5krSkcVTJ+wmOYsz70a3CETR3x7GtWyloo6rYiuIDFin3D/YGMU2NtD
sZx0xgla8NrioKU8Bmz4ghodtv3BdMhcrTl9XYqcYBBLcTgCxmBAN7qYTTe70E8v
J9hwgXZHwjAgctHNBhkQBsuORFwozkf4nEtNoKAfHFYXA5iTNVgZfKZsgxoxm6ew
mw1IfoOp+SvjaRtMat4OrVEEEBb7TjEz2L7UMx7430KADLItt0r29tcYiP7skwxc
ol5M2u9TcbHwxQmyexVhcMKM+Acy7ux7zsqAoh2tz3XzRIBxLbRaknIEK2JWLUbi
4EZavmO4NCa1DZyEFrqyEZRxzsl4
-----END CERTIFICATE-----
Generated at Thu Oct 16 06:07:40 2025 by rpki-client