Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2725D1EA94B611F098840B8EDAE4EC9C.roa
File: 2725D1EA94B611F098840B8EDAE4EC9C.roa (raw, json)
Hash identifier: 1ecALyDs51hn3DzRQgKvV0nNuXb3pt0n/VT7kWMoBMk=
Subject key identifier: 50:01:54:BA:9B:5B:D4:30:09:97:BE:1E:66:5A:23:CD:B4:B5:BC:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017C22
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2725D1EA94B611F098840B8EDAE4EC9C.roa
Signing time: Thu 18 Sep 2025 17:37:31 +0000
ROA not before: Thu 18 Sep 2025 17:37:27 +0000
ROA not after: Mon 27 Oct 2025 17:37:27 +0000
asID: 64013
IP address blocks: 156.234.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97314 (0x17c22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 18 17:37:27 2025 GMT
Not After : Oct 27 17:37:27 2025 GMT
Subject: CN=68cc435b-bf9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:92:09:5d:ba:3d:df:af:19:46:51:5e:fc:83:
c1:ec:f3:8d:38:96:86:ed:79:da:e3:88:04:3d:af:
4f:25:c7:0b:09:59:23:41:39:c6:6a:83:82:f2:1b:
20:32:e2:3f:20:f0:b2:89:ca:7b:f5:27:c6:76:a9:
6e:33:b8:5c:b8:c7:1a:09:64:a8:06:f8:f6:a3:d4:
76:04:15:1d:90:a0:63:07:7a:e9:1c:74:3c:a9:33:
aa:e9:0c:9e:34:2d:c9:6e:73:0b:85:cf:fa:78:75:
45:e9:67:b6:4a:6e:f8:1f:72:1f:9b:90:b9:b0:0e:
53:93:64:34:6d:37:80:16:b4:43:b0:d7:0c:cd:03:
94:bd:31:aa:60:af:5d:f7:04:cd:ec:77:16:dd:a7:
6b:56:f7:01:c4:7e:ce:67:27:dd:30:27:04:75:c3:
24:5a:66:aa:b9:6b:56:42:32:5e:5e:e9:20:e4:c4:
f9:8c:ac:d5:b1:e4:d5:85:0d:27:5f:22:17:b1:21:
4c:01:ce:02:e3:c2:c9:91:ab:76:36:12:9b:e3:54:
a8:28:cf:5f:ca:dc:9d:39:14:fa:80:e7:9f:8e:7f:
1f:93:00:4b:b1:b3:b1:49:00:b2:b9:29:17:0d:04:
19:a4:25:20:03:fc:eb:df:64:7e:c6:16:d1:ac:0c:
d4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:01:54:BA:9B:5B:D4:30:09:97:BE:1E:66:5A:23:CD:B4:B5:BC:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2725D1EA94B611F098840B8EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:a7:46:3a:32:32:b3:9d:ec:18:23:cf:fd:6d:fe:6e:47:93:
dc:0c:e5:61:75:ca:62:af:66:2f:a8:bd:91:dc:36:d2:5e:fe:
f3:a8:26:36:ae:f2:0d:0c:e5:d0:a5:b6:e0:ab:be:48:81:19:
56:c0:db:04:e9:07:1b:f6:e3:a4:3a:20:da:29:9c:04:21:36:
e7:36:20:11:e5:26:96:83:6e:6d:8c:43:ce:32:0a:ae:8d:29:
12:1b:97:c3:d5:0f:c2:b7:e1:59:43:75:9b:69:21:de:3e:5f:
23:eb:a6:0c:9d:eb:1a:6a:44:49:b6:60:8d:94:59:47:4c:5d:
ac:81:d0:48:cb:85:0b:df:7d:65:9e:6c:19:19:56:d5:bf:57:
d1:7d:c0:0d:71:91:67:a2:66:ef:96:83:70:e8:ee:e5:d9:d5:
e4:9f:a6:47:ce:d5:ef:94:63:70:e4:16:fc:c4:eb:63:72:27:
2d:5b:69:17:f5:47:ec:09:f3:94:e2:5f:d2:e3:88:03:a6:c4:
f5:46:d2:d3:6a:f5:5a:63:97:0c:85:38:a6:48:96:f8:ea:76:
a2:d9:91:4c:16:cd:f7:40:36:d7:9a:b8:99:77:60:16:90:8d:
df:e4:e0:81:a9:d2:0a:23:24:1a:f4:66:68:6f:a1:89:fd:bb:
71:b9:48:0d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDAXwiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE4MTczNzI3WhcNMjUxMDI3MTczNzI3WjAYMRYw
FAYDVQQDEw02OGNjNDM1Yi1iZjljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr5IJXbo9368ZRlFe/IPB7PONOJaG7Xna44gEPa9PJccLCVkjQTnGaoOC
8hsgMuI/IPCyicp79SfGdqluM7hcuMcaCWSoBvj2o9R2BBUdkKBjB3rpHHQ8qTOq
6QyeNC3JbnMLhc/6eHVF6We2Sm74H3Ifm5C5sA5Tk2Q0bTeAFrRDsNcMzQOUvTGq
YK9d9wTN7HcW3adrVvcBxH7OZyfdMCcEdcMkWmaquWtWQjJeXukg5MT5jKzVseTV
hQ0nXyIXsSFMAc4C48LJkat2NhKb41SoKM9fytydORT6gOefjn8fkwBLsbOxSQCy
uSkXDQQZpCUgA/zr32R+xhbRrAzUGQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFFAB
VLqbW9QwCZe+HmZaI820tbw3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNzI1RDFFQTk0QjYxMUYwOTg4NDBCOEVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnOowDQYJKoZIhvcNAQELBQAD
ggEBAIqnRjoyMrOd7Bgjz/1t/m5Hk9wM5WF1ymKvZi+ovZHcNtJe/vOoJjau8g0M
5dCltuCrvkiBGVbA2wTpBxv246Q6INopnAQhNuc2IBHlJpaDbm2MQ84yCq6NKRIb
l8PVD8K34VlDdZtpId4+XyPrpgyd6xpqREm2YI2UWUdMXayB0EjLhQvffWWebBkZ
VtW/V9F9wA1xkWeiZu+Wg3Do7uXZ1eSfpkfO1e+UY3DkFvzE62NyJy1baRf1R+wJ
85TiX9LjiAOmxPVG0tNq9VpjlwyFOKZIlvjqdqLZkUwWzfdANteauJl3YBaQjd/k
4IGp0gojJBr0ZmhvoYn9u3G5SA0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:26 2025 by rpki-client