Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23894E669D6911F096857BDCDAE4EC9C.roa
File: 23894E669D6911F096857BDCDAE4EC9C.roa (raw, json)
Hash identifier: OnqFSlDuzLTh+t3OQJJd3EajNzSNHaUAXA/1kMtd3d4=
Subject key identifier: A6:B1:45:4D:96:67:93:37:13:A2:63:31:72:2F:02:DD:35:5D:93:3C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017DDF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23894E669D6911F096857BDCDAE4EC9C.roa
Signing time: Mon 29 Sep 2025 19:18:55 +0000
ROA not before: Mon 29 Sep 2025 19:18:50 +0000
ROA not after: Sat 01 Nov 2025 19:18:50 +0000
asID: 32043
IP address blocks: 156.228.48.0/22 maxlen: 24
156.228.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97759 (0x17ddf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 19:18:50 2025 GMT
Not After : Nov 1 19:18:50 2025 GMT
Subject: CN=68dadb9e-2de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6e:ef:44:ad:fb:0f:84:fe:c4:d7:64:b0:bb:
30:24:45:96:24:2d:b1:c8:60:35:ea:a9:80:26:c7:
30:81:5d:c0:f3:18:c2:92:9a:e6:8b:5f:7a:2d:a5:
a8:94:9e:8b:aa:3b:ba:cf:d5:1e:94:9d:e4:47:b5:
b5:d8:cb:56:99:98:9f:24:8b:25:cf:b6:92:14:ae:
4f:3d:7a:5b:2a:1d:ef:c3:0a:82:c0:2f:80:75:01:
b2:19:c0:4e:19:4f:2a:eb:6f:48:67:b1:23:70:c5:
c6:d4:59:61:cc:a2:80:7e:69:d4:27:4e:58:e5:b1:
37:68:94:09:87:91:06:cb:e2:97:3b:79:21:11:6f:
db:b1:b9:e5:17:17:30:05:52:c5:66:1d:a2:78:b5:
d2:43:a1:d0:1b:d7:cc:51:f0:32:2b:38:d6:43:d7:
15:71:8c:79:de:6c:f3:78:9d:dd:d3:89:c1:1e:47:
7d:5d:ab:2a:39:aa:39:6b:22:3e:f8:e5:c4:18:38:
98:bd:0c:8a:be:36:41:8e:28:69:27:55:d3:ba:d4:
9a:4d:12:86:ba:90:6a:ad:f7:22:4d:e2:dc:cb:9f:
0e:d9:8f:6e:68:60:de:e1:42:ea:7b:3f:68:74:a4:
c7:dc:db:c0:8c:35:c9:65:4c:76:c5:73:09:b3:f6:
01:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B1:45:4D:96:67:93:37:13:A2:63:31:72:2F:02:DD:35:5D:93:3C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23894E669D6911F096857BDCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.48.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:a7:10:07:39:ec:b7:b2:5a:f5:ec:63:0e:21:0c:5b:95:f0:
4c:3f:89:72:89:cb:20:99:47:29:27:e4:09:10:3f:76:8b:54:
87:af:bf:d7:06:4e:2d:fb:cf:b0:93:95:3e:cc:09:c1:87:31:
f9:0b:c1:a2:4d:33:35:5a:1d:5b:0e:cd:57:08:1b:9e:53:18:
d6:21:9d:08:94:4d:eb:61:a4:a7:23:4a:dd:7b:b5:52:34:bf:
b1:fc:1c:5f:27:99:ed:cc:7f:c3:9e:5e:14:d6:93:4e:5d:84:
3e:3e:74:7b:62:78:f2:5c:0f:69:ac:7b:4b:21:af:69:e8:35:
21:15:1a:15:cf:f1:2c:af:b5:c8:6b:36:69:54:f4:c4:5b:74:
41:36:16:6b:ff:af:f0:05:78:0e:00:2e:6f:ca:42:37:4f:7b:
8e:39:3f:af:39:db:f5:79:1e:e3:bd:cd:fd:9e:1a:f1:d0:b7:
09:60:19:38:97:b7:5a:37:e4:74:db:3a:9c:83:ab:58:c4:e0:
d7:85:7a:f1:a6:68:97:f0:f6:32:c7:5f:89:fc:61:5a:8f:5f:
7b:28:9b:f1:aa:8d:a9:a3:f8:e8:a6:2a:bc:ef:4a:53:b6:df:
df:3d:86:d1:06:db:4e:ed:bb:a0:23:54:a4:3d:f3:db:5b:46:
bb:39:a7:5c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX3fMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI5MTkxODUwWhcNMjUxMTAxMTkxODUwWjAYMRYw
FAYDVQQDEw02OGRhZGI5ZS0yZGU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy27vRK37D4T+xNdksLswJEWWJC2xyGA16qmAJscwgV3A8xjCkprmi196
LaWolJ6Lqju6z9UelJ3kR7W12MtWmZifJIslz7aSFK5PPXpbKh3vwwqCwC+AdQGy
GcBOGU8q629IZ7EjcMXG1FlhzKKAfmnUJ05Y5bE3aJQJh5EGy+KXO3khEW/bsbnl
FxcwBVLFZh2ieLXSQ6HQG9fMUfAyKzjWQ9cVcYx53mzzeJ3d04nBHkd9XasqOao5
ayI++OXEGDiYvQyKvjZBjihpJ1XTutSaTRKGupBqrfciTeLcy58O2Y9uaGDe4ULq
ez9odKTH3NvAjDXJZUx2xXMJs/YBfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKax
RU2WZ5M3E6JjMXIvAt01XZM8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMzg5NEU2NjlENjkxMUYwOTY4NTdCRENEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOQwMA0GCSqGSIb3DQEBCwUA
A4IBAQCcpxAHOey3slr17GMOIQxblfBMP4lyicsgmUcpJ+QJED92i1SHr7/XBk4t
+8+wk5U+zAnBhzH5C8GiTTM1Wh1bDs1XCBueUxjWIZ0IlE3rYaSnI0rde7VSNL+x
/BxfJ5ntzH/Dnl4U1pNOXYQ+PnR7YnjyXA9prHtLIa9p6DUhFRoVz/Esr7XIazZp
VPTEW3RBNhZr/6/wBXgOAC5vykI3T3uOOT+vOdv1eR7jvc39nhrx0LcJYBk4l7da
N+R02zqcg6tYxODXhXrxpmiX8PYyx1+J/GFaj197KJvxqo2po/jopiq870pTtt/f
PYbRBttO7bugI1SkPfPbW0a7Oadc
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:08 2025 by rpki-client