Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/242E1DD4A76311F09BF2F099DAE4EC9C.roa
File: 242E1DD4A76311F09BF2F099DAE4EC9C.roa (raw, json)
Hash identifier: TyHw/VmypM4eXbKQXuL+QZJzrvbLZDOuUmo280Ri2HQ=
Subject key identifier: 92:95:A0:14:00:9F:37:79:E1:7A:5A:CC:6B:8C:77:24:0F:B7:3A:A3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01801E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/242E1DD4A76311F09BF2F099DAE4EC9C.roa
Signing time: Sun 12 Oct 2025 12:01:10 +0000
ROA not before: Sun 12 Oct 2025 12:01:05 +0000
ROA not after: Thu 27 Nov 2025 12:01:05 +0000
asID: 138415
IP address blocks: 156.234.0.0/16 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98334 (0x1801e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 12 12:01:05 2025 GMT
Not After : Nov 27 12:01:05 2025 GMT
Subject: CN=68eb9886-87d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e0:78:cf:dc:9e:92:5c:f7:16:67:d7:d0:66:
4b:24:76:24:7e:9f:9c:14:98:76:b8:c3:36:f2:52:
c0:6f:dc:ae:39:ac:9d:aa:0b:b3:43:88:76:d1:5a:
a4:a3:be:8f:64:2c:1b:ce:89:ad:d3:a4:cb:01:85:
d8:7e:41:18:d4:d7:27:c6:fa:df:cd:7f:f9:b5:cb:
25:37:cf:d6:1d:e6:a0:54:78:c7:3a:17:5e:f2:9e:
aa:98:fd:70:23:3c:54:b7:4b:4d:85:22:46:ee:6f:
c0:f0:22:17:8f:6b:c5:fc:8d:3f:53:ef:5d:35:30:
bd:65:93:1a:cd:11:71:60:87:37:95:c2:05:f3:c5:
ca:2a:2b:4d:79:cc:2d:ce:77:58:32:e0:1c:44:f0:
f7:55:38:da:64:3b:19:e3:4d:e2:55:9a:9f:d0:a8:
1d:6d:f5:87:5c:65:19:a3:f4:8e:0d:a9:d5:2f:ae:
e3:20:fc:59:43:30:dc:b7:95:d1:a0:30:6d:84:db:
84:12:7e:d7:62:73:68:c2:25:21:a7:26:fd:71:f7:
06:bc:a2:06:a0:61:c2:47:4c:ff:ae:9e:35:95:46:
81:5b:4f:43:b1:85:e4:72:6a:04:df:56:4c:cb:a9:
7c:b2:05:4d:22:dd:3d:4f:7d:0c:9f:77:96:71:15:
b7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:95:A0:14:00:9F:37:79:E1:7A:5A:CC:6B:8C:77:24:0F:B7:3A:A3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/242E1DD4A76311F09BF2F099DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:c8:ec:49:f3:fd:dd:23:40:5b:47:bf:0c:bd:2c:a6:ec:99:
b3:db:28:90:ca:89:12:80:bd:0c:90:37:17:f1:48:82:79:e9:
d2:61:3e:26:d3:00:4a:15:5a:21:22:6b:19:74:be:a8:e9:f2:
31:1c:0e:5c:e7:32:63:8f:b3:19:34:8f:ba:fd:a0:7a:ac:8c:
4f:a1:00:91:d6:5a:f8:a5:99:5f:1a:08:de:96:e6:6d:c8:de:
32:c8:83:13:5e:12:9c:ba:75:88:56:b7:b3:d2:8f:ee:8b:01:
35:d8:5e:71:45:27:ab:c1:89:0f:12:6c:0d:a0:04:0d:92:d5:
58:47:15:f5:c9:c5:2b:09:01:5a:43:a5:c4:91:d3:b4:a4:4b:
e7:af:b6:16:ec:98:b1:f8:4b:d3:fd:86:a6:fb:d5:ae:35:17:
ac:db:dd:c6:c9:4d:34:a7:09:ac:47:20:c6:37:ac:d3:45:55:
7c:a4:06:36:a0:36:da:3e:c5:32:77:ae:03:3a:85:48:7c:70:
ef:7e:ef:6b:8c:31:5e:52:c5:0a:41:e4:47:20:f6:28:45:d5:
05:f0:21:2e:7e:88:76:c9:90:b8:4f:d6:e2:2d:a5:db:12:95:
9f:6a:73:bf:e7:94:33:c2:e1:e0:d2:ce:95:17:37:7d:0b:42:
55:77:81:74
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDAYAeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDEyMTIwMTA1WhcNMjUxMTI3MTIwMTA1WjAYMRYw
FAYDVQQDEw02OGViOTg4Ni04N2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw+B4z9yeklz3FmfX0GZLJHYkfp+cFJh2uMM28lLAb9yuOaydqguzQ4h2
0Vqko76PZCwbzomt06TLAYXYfkEY1NcnxvrfzX/5tcslN8/WHeagVHjHOhde8p6q
mP1wIzxUt0tNhSJG7m/A8CIXj2vF/I0/U+9dNTC9ZZMazRFxYIc3lcIF88XKKitN
ecwtzndYMuAcRPD3VTjaZDsZ403iVZqf0KgdbfWHXGUZo/SODanVL67jIPxZQzDc
t5XRoDBthNuEEn7XYnNowiUhpyb9cfcGvKIGoGHCR0z/rp41lUaBW09DsYXkcmoE
31ZMy6l8sgVNIt09T30Mn3eWcRW3kwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFJKV
oBQAnzd54XpazGuMdyQPtzqjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNDJFMURENEE3NjMxMUYwOUJGMkYwOTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnOowDQYJKoZIhvcNAQELBQAD
ggEBACbI7Enz/d0jQFtHvwy9LKbsmbPbKJDKiRKAvQyQNxfxSIJ56dJhPibTAEoV
WiEiaxl0vqjp8jEcDlznMmOPsxk0j7r9oHqsjE+hAJHWWvilmV8aCN6W5m3I3jLI
gxNeEpy6dYhWt7PSj+6LATXYXnFFJ6vBiQ8SbA2gBA2S1VhHFfXJxSsJAVpDpcSR
07SkS+evthbsmLH4S9P9hqb71a41F6zb3cbJTTSnCaxHIMY3rNNFVXykBjagNto+
xTJ3rgM6hUh8cO9+72uMMV5SxQpB5Ecg9ihF1QXwIS5+iHbJkLhP1uItpdsSlZ9q
c7/nlDPC4eDSzpUXN30LQlV3gXQ=
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:10 2025 by rpki-client