Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/241B540893A711F0A5E974BCDAE4EC9C.roa
File: 241B540893A711F0A5E974BCDAE4EC9C.roa (raw, json)
Hash identifier: 2pFhc8Lv3ajl2Xw4CtHalTLch9DzqrYcMLfPrEzJWqY=
Subject key identifier: D5:71:D6:AA:D0:8E:50:32:E5:69:8D:1F:88:07:FD:20:F2:15:DB:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017BB6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/241B540893A711F0A5E974BCDAE4EC9C.roa
Signing time: Wed 17 Sep 2025 09:17:33 +0000
ROA not before: Wed 17 Sep 2025 09:17:28 +0000
ROA not after: Fri 24 Oct 2025 09:17:28 +0000
asID: 17497
IP address blocks: 156.225.14.0/24 maxlen: 24
156.229.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97206 (0x17bb6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 17 09:17:28 2025 GMT
Not After : Oct 24 09:17:28 2025 GMT
Subject: CN=68ca7cad-a167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e5:da:93:a9:1f:74:13:ea:81:4e:ca:eb:28:
0a:9a:9b:6e:24:f5:17:b7:88:81:a2:b8:52:13:76:
23:7f:6a:79:45:5b:51:6a:e2:96:35:db:f5:74:00:
b4:59:84:7e:e6:8a:32:70:1d:d2:78:29:08:92:5e:
20:a6:75:43:c7:68:68:f5:be:5e:5f:1a:83:d3:ce:
03:be:91:a2:95:ad:91:57:1c:ee:e7:32:6a:2d:91:
ed:bc:d0:11:c8:75:6b:03:fe:a2:7f:14:94:20:86:
e0:5c:d5:1b:e2:81:5c:9e:24:90:b6:fc:26:0e:b1:
f9:d9:5f:4b:1c:b8:6f:e1:76:c1:47:e7:3b:21:89:
43:b5:a8:cd:06:46:2f:e3:10:17:b4:e1:5e:83:49:
43:80:ae:0f:4d:73:d6:18:29:85:ed:19:5c:49:4f:
06:86:bf:a4:d8:5b:4a:35:52:ff:c0:24:09:bd:e8:
c5:99:39:0a:fb:0c:95:4e:19:7b:d5:1e:90:5f:b2:
e5:72:77:dd:2c:a0:33:0e:96:9f:81:7c:00:e6:54:
13:8a:5f:e9:b3:e5:a1:79:02:85:4e:65:cc:c2:f3:
f6:9b:47:8d:c7:98:e1:0c:97:4d:98:d4:c6:34:b0:
b6:8d:16:54:b3:36:c5:10:8f:e2:80:8f:77:ec:ad:
53:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:71:D6:AA:D0:8E:50:32:E5:69:8D:1F:88:07:FD:20:F2:15:DB:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/241B540893A711F0A5E974BCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.14.0/24
156.229.27.0/24
Signature Algorithm: sha256WithRSAEncryption
41:2a:f2:c9:10:c2:16:da:55:f6:a1:90:a0:c9:bb:af:43:95:
f9:d5:05:c7:77:f7:77:7e:44:47:dd:68:d0:0e:5b:d1:c4:51:
cc:99:42:9c:70:45:b2:3c:cb:ea:e7:a2:2f:17:7f:3d:0d:f1:
0d:5e:51:40:be:4e:6e:11:78:06:26:59:6d:9b:37:93:69:87:
fb:32:80:3d:79:1a:7a:97:f0:bc:f0:82:ae:75:32:70:86:32:
2b:9b:24:9a:31:dc:fd:40:bd:c7:d5:25:e5:b7:ef:82:ba:2a:
0d:05:f4:57:76:ad:f5:79:61:f9:dc:3d:ce:8b:b5:73:3f:9e:
9f:e6:f7:d8:02:c5:6c:df:03:a3:42:2a:b2:b3:a4:79:18:df:
a7:49:f3:b4:88:86:a8:10:d6:64:f6:27:02:63:ed:ed:88:be:
ae:7b:aa:0b:10:5f:72:d3:3e:b6:67:db:0c:c2:8d:eb:b7:ee:
20:06:42:0b:05:c0:c2:cf:46:c9:70:64:2e:79:42:fe:dc:b9:
4c:bd:d5:cf:6b:f4:70:c5:ea:c2:87:50:5a:d4:40:a0:be:2f:
c0:d3:0a:45:e9:11:54:dd:3d:e8:e1:65:5a:e9:40:14:9c:2f:
58:54:47:ff:66:a6:25:37:f1:0d:df:1e:d6:0a:45:a9:d6:1d:
e6:62:a0:b4
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXu2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE3MDkxNzI4WhcNMjUxMDI0MDkxNzI4WjAYMRYw
FAYDVQQDEw02OGNhN2NhZC1hMTY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw+Xak6kfdBPqgU7K6ygKmptuJPUXt4iBorhSE3Yjf2p5RVtRauKWNdv1
dAC0WYR+5ooycB3SeCkIkl4gpnVDx2ho9b5eXxqD084DvpGila2RVxzu5zJqLZHt
vNARyHVrA/6ifxSUIIbgXNUb4oFcniSQtvwmDrH52V9LHLhv4XbBR+c7IYlDtajN
BkYv4xAXtOFeg0lDgK4PTXPWGCmF7RlcSU8Ghr+k2FtKNVL/wCQJvejFmTkK+wyV
Thl71R6QX7LlcnfdLKAzDpafgXwA5lQTil/ps+WheQKFTmXMwvP2m0eNx5jhDJdN
mNTGNLC2jRZUszbFEI/igI937K1TZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNVx
1qrQjlAy5WmNH4gH/SDyFdtJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNDFCNTQwODkzQTcxMUYwQTVFOTc0QkNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOEOAwQAnOUbMA0GCSqGSIb3
DQEBCwUAA4IBAQBBKvLJEMIW2lX2oZCgybuvQ5X51QXHd/d3fkRH3WjQDlvRxFHM
mUKccEWyPMvq56IvF389DfENXlFAvk5uEXgGJlltmzeTaYf7MoA9eRp6l/C88IKu
dTJwhjIrmySaMdz9QL3H1SXlt++CuioNBfRXdq31eWH53D3Oi7VzP56f5vfYAsVs
3wOjQiqys6R5GN+nSfO0iIaoENZk9icCY+3tiL6ue6oLEF9y0z62Z9sMwo3rt+4g
BkILBcDCz0bJcGQueUL+3LlMvdXPa/RwxerCh1Ba1ECgvi/A0wpF6RFU3T3o4WVa
6UAUnC9YVEf/ZqYlN/EN3x7WCkWp1h3mYqC0
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:17 2025 by rpki-client