Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13F407F8A9B111F097E701F0DAE4EC9C.roa
File: 13F407F8A9B111F097E701F0DAE4EC9C.roa (raw, json)
Hash identifier: tlk2daKTGhdqhxSgyd5ktRwd4FctYzOFLyefB6rR23U=
Subject key identifier: 39:1B:69:8B:E3:DE:C2:EF:31:7B:F3:B6:23:F1:D3:16:DD:76:51:B4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0180B1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13F407F8A9B111F097E701F0DAE4EC9C.roa
Signing time: Wed 15 Oct 2025 10:24:06 +0000
ROA not before: Wed 15 Oct 2025 10:24:01 +0000
ROA not after: Thu 20 Nov 2025 10:24:01 +0000
asID: 19318
IP address blocks: 156.233.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98481 (0x180b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 15 10:24:01 2025 GMT
Not After : Nov 20 10:24:01 2025 GMT
Subject: CN=68ef7646-fd64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:71:b9:df:0b:4a:cb:32:9c:e2:b6:54:ef:c9:
a5:a7:08:e6:5f:e4:15:d0:ee:46:06:c5:81:e9:22:
58:91:b0:13:9d:ef:b5:bf:8c:5b:f5:a6:b2:7b:fe:
c0:12:5b:e0:54:cb:3a:3f:4c:95:e7:03:05:ea:00:
e3:1c:2c:96:d4:92:86:3c:14:a0:ad:85:08:c0:69:
e2:39:92:e7:9b:a5:98:fd:4d:0e:42:ed:8e:32:43:
53:c0:ef:59:54:86:03:59:11:3f:a4:a5:a3:ad:26:
b1:b9:0e:b6:50:b4:7f:45:da:19:8e:fe:07:58:8f:
3f:3d:fa:a8:79:eb:11:1f:3b:02:bf:e0:5e:76:21:
a6:80:f1:27:09:1b:71:1b:41:74:f1:6d:3d:5b:69:
06:f5:77:6e:ce:9e:9e:e7:ed:b8:f6:b1:ab:73:21:
d7:ae:67:fe:e0:90:27:fb:78:b1:fc:b5:6e:96:ee:
ab:76:25:5c:cd:39:2c:57:c3:64:1e:59:c3:7b:32:
25:72:01:2f:b9:8e:ff:c7:35:b7:43:c1:41:10:bb:
d3:a0:29:c2:b7:b9:d1:0d:d0:cc:b7:11:03:f2:be:
4f:77:13:b2:36:51:09:23:29:7d:75:b9:a0:e1:59:
d2:bd:dd:29:0d:68:ac:cf:13:b0:5a:fd:b9:51:17:
13:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:1B:69:8B:E3:DE:C2:EF:31:7B:F3:B6:23:F1:D3:16:DD:76:51:B4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13F407F8A9B111F097E701F0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.72.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:aa:21:a9:3b:a7:51:fa:1e:0b:c4:d6:55:85:9d:d1:88:26:
c7:4e:70:83:12:d8:10:74:a4:c7:fd:10:19:7e:fb:7b:18:e4:
09:1a:0b:8f:d8:ba:07:11:b5:bf:ca:f6:eb:67:3a:e3:5f:38:
1e:9c:bd:70:b0:59:a6:49:58:14:01:d9:a0:af:f3:48:a8:22:
8f:f8:c3:04:ed:49:40:fc:36:c1:f3:4b:91:36:88:20:e3:06:
87:0f:97:84:dc:69:70:c3:22:f2:ad:94:e9:9b:7a:8d:60:b5:
34:06:bb:ff:51:15:af:eb:83:4a:40:36:b2:84:b5:8a:d6:31:
8d:d0:25:ac:69:31:67:d9:59:a3:11:bf:75:28:9e:f5:cc:2a:
e1:c9:c4:a8:5c:05:34:d4:e4:c6:c0:2c:39:5b:a3:22:e3:d2:
26:82:51:91:51:6f:21:f4:50:79:75:9a:51:9f:7f:a9:5e:f8:
e4:e6:13:45:81:03:0b:40:96:47:7c:d2:3f:a1:d4:32:75:4b:
20:fe:a6:a4:72:db:ec:bc:97:f8:de:38:7f:b8:95:0e:32:6d:
0d:d9:b3:55:a0:28:3d:65:cd:22:a6:35:65:64:5d:a8:5a:08:
a0:1c:ad:68:eb:5c:91:07:97:4a:e6:83:3a:44:c8:98:65:46:
7f:e0:46:f2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYCxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDE1MTAyNDAxWhcNMjUxMTIwMTAyNDAxWjAYMRYw
FAYDVQQDEw02OGVmNzY0Ni1mZDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApXG53wtKyzKc4rZU78mlpwjmX+QV0O5GBsWB6SJYkbATne+1v4xb9aay
e/7AElvgVMs6P0yV5wMF6gDjHCyW1JKGPBSgrYUIwGniOZLnm6WY/U0OQu2OMkNT
wO9ZVIYDWRE/pKWjrSaxuQ62ULR/RdoZjv4HWI8/PfqoeesRHzsCv+BediGmgPEn
CRtxG0F08W09W2kG9Xduzp6e5+249rGrcyHXrmf+4JAn+3ix/LVulu6rdiVczTks
V8NkHlnDezIlcgEvuY7/xzW3Q8FBELvToCnCt7nRDdDMtxED8r5PdxOyNlEJIyl9
dbmg4VnSvd0pDWiszxOwWv25URcT/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDkb
aYvj3sLvMXvztiPx0xbddlG0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xM0Y0MDdGOEE5QjExMUYwOTdFNzAxRjBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOlIMA0GCSqGSIb3DQEBCwUA
A4IBAQCMqiGpO6dR+h4LxNZVhZ3RiCbHTnCDEtgQdKTH/RAZfvt7GOQJGguP2LoH
EbW/yvbrZzrjXzgenL1wsFmmSVgUAdmgr/NIqCKP+MME7UlA/DbB80uRNogg4waH
D5eE3GlwwyLyrZTpm3qNYLU0Brv/URWv64NKQDayhLWK1jGN0CWsaTFn2VmjEb91
KJ71zCrhycSoXAU01OTGwCw5W6Mi49ImglGRUW8h9FB5dZpRn3+pXvjk5hNFgQML
QJZHfNI/odQydUsg/qakctvsvJf43jh/uJUOMm0N2bNVoCg9Zc0ipjVlZF2oWgig
HK1o61yRB5dK5oM6RMiYZUZ/4Eby
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:33:54 2025 by rpki-client