Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AEECE6AC3CF11F09F1443D8DAE4EC9C.roa
File: 2AEECE6AC3CF11F09F1443D8DAE4EC9C.roa (raw, json)
Hash identifier: 1Pp38qiQ9ridgWG/QMgwszg+vjw7tWY42y5Wx7aoGQU=
Subject key identifier: 9F:1B:17:2E:83:7A:B8:94:7F:5A:D0:6E:98:18:1E:C5:2F:2E:B1:7D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018805
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AEECE6AC3CF11F09F1443D8DAE4EC9C.roa
Signing time: Mon 17 Nov 2025 16:05:00 +0000
ROA not before: Mon 17 Nov 2025 16:04:55 +0000
ROA not after: Sat 27 Dec 2025 16:04:55 +0000
asID: 3257
IP address blocks: 156.225.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 19 Nov 2025 14:33:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100357 (0x18805)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 17 16:04:55 2025 GMT
Not After : Dec 27 16:04:55 2025 GMT
Subject: CN=691b47ac-35f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:30:22:ea:7d:a6:93:98:e3:96:80:45:53:ed:
50:1e:55:a3:6a:96:54:c8:a7:df:0c:77:40:2c:2c:
a1:8f:b0:ab:6e:5d:bd:b3:2e:cd:51:e7:d8:78:b0:
ca:a3:9e:4c:ef:c4:3d:4f:9c:31:e8:a9:6a:d9:73:
89:75:60:11:ac:cf:98:3a:9e:91:2b:fc:d4:c6:7f:
fb:eb:c6:67:9d:99:40:76:04:7f:b0:7b:b3:89:30:
47:48:d2:79:e1:02:4e:48:bc:99:a1:7a:75:6a:48:
f0:c6:23:b4:a7:6e:27:ac:cf:de:51:73:f9:f8:1f:
2a:f2:3c:c2:35:b5:d3:10:78:ee:89:57:fa:1f:56:
2a:bf:bf:8c:d3:7d:44:23:c8:7d:14:83:43:15:c3:
f2:02:58:ef:44:d0:e5:1f:74:a1:69:de:62:88:36:
7a:fe:bf:03:52:9a:6f:98:12:c4:5c:fe:21:fc:6a:
8b:c9:88:4a:b9:66:f2:d5:7f:a4:0c:f1:77:28:e5:
37:ce:b7:d0:f7:0e:3d:37:34:17:a3:65:cb:8b:9f:
e4:d2:8a:08:bf:39:c1:36:b4:9f:70:6f:e9:0e:12:
f7:b2:f3:35:2d:b4:36:b0:ee:6b:5e:31:f7:39:30:
f3:e0:34:14:7d:30:aa:44:ad:8f:63:55:77:07:2e:
6e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:1B:17:2E:83:7A:B8:94:7F:5A:D0:6E:98:18:1E:C5:2F:2E:B1:7D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2AEECE6AC3CF11F09F1443D8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.15.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:14:77:8a:aa:d1:97:38:da:e5:b3:67:ee:e4:e4:3e:b1:ab:
4e:6d:47:c9:f8:65:10:53:6b:42:7e:81:18:ad:94:cf:63:77:
34:ed:29:27:2c:c7:f9:52:82:38:c0:28:08:f8:eb:43:1a:73:
7c:41:94:8c:fd:79:fd:35:74:70:35:38:78:1f:67:60:5b:d8:
72:1a:dc:5e:91:ee:5e:79:0e:d2:ac:11:60:6f:1f:3e:e5:72:
4b:cd:7f:ae:16:29:9f:43:4d:45:06:50:3e:1c:78:f5:31:06:
83:f6:8b:46:ce:b0:10:9d:dd:5c:80:17:c1:51:91:60:c1:4d:
c4:09:77:20:7b:1c:f8:e4:12:97:1e:c7:b4:f5:5f:7f:dc:32:
20:27:bb:12:1d:7d:bd:e8:8e:d6:85:b5:69:1a:60:37:0d:39:
50:ce:92:4a:70:b7:c0:f1:f5:9a:43:45:df:2d:92:9a:a1:b6:
a8:06:fd:c2:54:a0:83:f2:a2:d6:99:cf:d5:a6:54:6c:80:59:
96:3d:91:9b:cf:21:b6:30:5b:e3:ed:fa:c9:44:7c:da:55:d1:
b9:d7:77:85:2f:aa:49:87:22:98:c0:11:f7:db:3b:8a:86:1d:
9b:2b:a8:cf:ec:15:4f:e3:d0:64:32:d5:d9:e2:62:62:38:c2:
6f:40:e3:ae
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYgFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMTE3MTYwNDU1WhcNMjUxMjI3MTYwNDU1WjAYMRYw
FAYDVQQDEw02OTFiNDdhYy0zNWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4jAi6n2mk5jjloBFU+1QHlWjapZUyKffDHdALCyhj7Crbl29sy7NUefY
eLDKo55M78Q9T5wx6Klq2XOJdWARrM+YOp6RK/zUxn/768ZnnZlAdgR/sHuziTBH
SNJ54QJOSLyZoXp1akjwxiO0p24nrM/eUXP5+B8q8jzCNbXTEHjuiVf6H1Yqv7+M
031EI8h9FINDFcPyAljvRNDlH3Shad5iiDZ6/r8DUppvmBLEXP4h/GqLyYhKuWby
1X+kDPF3KOU3zrfQ9w49NzQXo2XLi5/k0ooIvznBNrSfcG/pDhL3svM1LbQ2sO5r
XjH3OTDz4DQUfTCqRK2PY1V3By5u0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ8b
Fy6DeriUf1rQbpgYHsUvLrF9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQUVFQ0U2QUMzQ0YxMUYwOUYxNDQzRDhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEPMA0GCSqGSIb3DQEBCwUA
A4IBAQBMFHeKqtGXONrls2fu5OQ+satObUfJ+GUQU2tCfoEYrZTPY3c07SknLMf5
UoI4wCgI+OtDGnN8QZSM/Xn9NXRwNTh4H2dgW9hyGtxeke5eeQ7SrBFgbx8+5XJL
zX+uFimfQ01FBlA+HHj1MQaD9otGzrAQnd1cgBfBUZFgwU3ECXcgexz45BKXHse0
9V9/3DIgJ7sSHX296I7WhbVpGmA3DTlQzpJKcLfA8fWaQ0XfLZKaobaoBv3CVKCD
8qLWmc/VplRsgFmWPZGbzyG2MFvj7frJRHzaVdG513eFL6pJhyKYwBH32zuKhh2b
K6jP7BVP49BkMtXZ4mJiOMJvQOOu
-----END CERTIFICATE-----
Generated at Mon Nov 17 23:50:24 2025 by rpki-client