Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2409972E920B11F0B0CD54D1DAE4EC9C.roa
File: 2409972E920B11F0B0CD54D1DAE4EC9C.roa (raw, json)
Hash identifier: T9IL/g0sDkzccUuEyZu2Fqvaf0XYoFgSz2ScQZhOprY=
Subject key identifier: 93:23:1C:24:E3:4E:7A:C5:0B:4E:64:7B:36:97:22:6E:41:D6:72:E8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017B31
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2409972E920B11F0B0CD54D1DAE4EC9C.roa
Signing time: Mon 15 Sep 2025 08:08:20 +0000
ROA not before: Mon 15 Sep 2025 08:08:15 +0000
ROA not after: Tue 21 Oct 2025 08:08:15 +0000
asID: 18779
IP address blocks: 156.225.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97073 (0x17b31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 15 08:08:15 2025 GMT
Not After : Oct 21 08:08:15 2025 GMT
Subject: CN=68c7c974-3f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3a:41:92:cb:f6:09:d5:d3:c7:b8:e4:fa:ad:
95:be:f7:93:37:cc:7d:d4:bf:31:3d:c1:4a:3a:38:
3a:a1:a3:26:37:46:79:26:a5:f0:66:df:92:af:bf:
d8:c6:0c:8d:ec:94:6c:ec:5f:cb:5d:46:3e:9b:22:
84:0d:04:9b:4e:17:c5:ca:3d:1e:dd:ba:61:b0:8c:
d8:4f:19:64:0d:37:b8:60:a2:5e:73:d7:5d:cd:19:
bc:84:87:64:1e:a2:73:27:73:09:a4:02:53:fe:26:
e4:c3:6d:b7:82:e9:77:03:e1:c2:8b:65:25:63:5e:
3b:cc:16:c7:59:d7:e9:a4:4f:cb:b5:33:db:a8:46:
56:79:69:19:15:ff:55:6a:d3:5c:90:25:2d:9c:89:
f1:b8:d5:22:84:2d:aa:f7:af:60:f0:34:58:85:52:
64:33:a4:4e:b3:7f:ad:25:33:5f:a8:da:8b:35:81:
8b:1b:34:1a:82:83:5f:be:30:9c:da:c9:d4:97:89:
49:f1:2c:68:84:9d:b7:55:ab:b6:e0:4d:b4:91:fb:
17:a2:74:96:e0:1d:e2:c8:84:d8:61:05:49:b8:08:
2f:e4:77:ad:e5:88:8b:72:79:29:19:d2:24:b3:7c:
70:03:81:1e:8e:91:7c:a0:d8:6e:ec:e9:01:9c:d4:
80:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:23:1C:24:E3:4E:7A:C5:0B:4E:64:7B:36:97:22:6E:41:D6:72:E8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2409972E920B11F0B0CD54D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.178.0/24
Signature Algorithm: sha256WithRSAEncryption
99:d9:db:d4:bb:09:61:74:95:f9:d6:1b:c7:9f:a9:9d:cd:7a:
02:a3:c8:a1:4b:14:55:f9:db:6a:ec:eb:70:10:32:74:9d:74:
6c:34:b2:92:85:36:fe:73:d4:af:f3:d1:07:52:a8:0b:27:69:
f4:34:50:22:9f:f0:79:1e:d8:d6:b7:35:6a:bd:6c:68:b8:2c:
e9:bf:70:41:4a:8a:f2:8c:36:5c:dc:cb:bc:ec:4a:96:43:ed:
2c:6c:c0:54:37:d3:44:fb:31:6c:2b:5c:17:00:cc:71:03:32:
8c:7a:b1:bb:5d:2d:ca:81:4f:7e:13:f0:eb:c7:39:11:0f:87:
c9:c0:1b:54:6a:d0:33:e0:ca:0d:19:51:6b:17:f4:5a:c3:1c:
1c:38:28:ec:a3:7e:85:c9:a1:a7:92:fb:58:85:32:fe:e0:81:
7e:aa:c2:53:dd:83:05:e4:c9:88:88:e9:21:6c:69:4f:17:9c:
c9:90:42:20:1f:cc:84:28:fb:94:3b:1c:aa:4d:52:5c:66:7a:
f5:27:11:92:2a:b5:b7:30:5a:7d:59:27:0c:03:f7:b9:7d:2c:
86:9c:9a:58:65:73:3f:c5:77:2f:d8:89:b2:db:7a:2c:36:b9:
a5:b7:eb:49:c7:e5:81:01:f6:d1:6f:4b:36:00:06:55:23:dc:
75:52:3d:29
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXsxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE1MDgwODE1WhcNMjUxMDIxMDgwODE1WjAYMRYw
FAYDVQQDEw02OGM3Yzk3NC0zZjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvDpBksv2CdXTx7jk+q2VvveTN8x91L8xPcFKOjg6oaMmN0Z5JqXwZt+S
r7/YxgyN7JRs7F/LXUY+myKEDQSbThfFyj0e3bphsIzYTxlkDTe4YKJec9ddzRm8
hIdkHqJzJ3MJpAJT/ibkw223gul3A+HCi2UlY147zBbHWdfppE/LtTPbqEZWeWkZ
Ff9VatNckCUtnInxuNUihC2q969g8DRYhVJkM6ROs3+tJTNfqNqLNYGLGzQagoNf
vjCc2snUl4lJ8SxohJ23Vau24E20kfsXonSW4B3iyITYYQVJuAgv5Het5YiLcnkp
GdIks3xwA4EejpF8oNhu7OkBnNSAywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJMj
HCTjTnrFC05kezaXIm5B1nLoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNDA5OTcyRTkyMEIxMUYwQjBDRDU0RDFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOGyMA0GCSqGSIb3DQEBCwUA
A4IBAQCZ2dvUuwlhdJX51hvHn6mdzXoCo8ihSxRV+dtq7OtwEDJ0nXRsNLKShTb+
c9Sv89EHUqgLJ2n0NFAin/B5HtjWtzVqvWxouCzpv3BBSoryjDZc3Mu87EqWQ+0s
bMBUN9NE+zFsK1wXAMxxAzKMerG7XS3KgU9+E/DrxzkRD4fJwBtUatAz4MoNGVFr
F/RawxwcOCjso36FyaGnkvtYhTL+4IF+qsJT3YMF5MmIiOkhbGlPF5zJkEIgH8yE
KPuUOxyqTVJcZnr1JxGSKrW3MFp9WScMA/e5fSyGnJpYZXM/xXcv2Imy23osNrml
t+tJx+WBAfbRb0s2AAZVI9x1Uj0p
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:00 2025 by rpki-client