Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DCD970E90F011F0919E7D9ADAE4EC9C.roa
File: 2DCD970E90F011F0919E7D9ADAE4EC9C.roa (raw, json)
Hash identifier: +AZ4ZcBFd+wZOP1j/yP0Yza7A2JlH3oW5WTqDYB+6Yo=
Subject key identifier: F8:2B:7D:FA:6B:F6:F6:B5:03:B3:4B:55:C1:45:8A:54:C8:06:BA:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017AF1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DCD970E90F011F0919E7D9ADAE4EC9C.roa
Signing time: Sat 13 Sep 2025 22:22:49 +0000
ROA not before: Sat 13 Sep 2025 22:22:44 +0000
ROA not after: Mon 20 Oct 2025 22:22:44 +0000
asID: 214413
IP address blocks: 156.225.52.0/22 maxlen: 24
156.226.131.0/24 maxlen: 24
156.226.132.0/24 maxlen: 24
156.226.200.0/22 maxlen: 24
156.226.218.0/23 maxlen: 24
156.226.243.0/24 maxlen: 24
156.226.244.0/24 maxlen: 24
156.227.52.0/22 maxlen: 24
156.230.152.0/22 maxlen: 24
156.236.120.0/22 maxlen: 24
156.238.56.0/22 maxlen: 24
156.243.113.0/24 maxlen: 24
156.243.114.0/24 maxlen: 24
156.245.220.0/22 maxlen: 24
156.249.240.0/22 maxlen: 24
156.252.30.0/23 maxlen: 24
156.255.59.0/24 maxlen: 24
156.255.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 20 Oct 2025 22:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97009 (0x17af1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 13 22:22:44 2025 GMT
Not After : Oct 20 22:22:44 2025 GMT
Subject: CN=68c5eeb9-9e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:00:ec:0d:2d:b6:ca:82:90:4f:de:c3:f9:2b:
47:ac:58:b7:45:e9:1b:67:25:fd:68:e1:4a:d0:51:
2b:17:f2:31:1e:79:2d:59:ca:0a:d7:9c:c5:ba:24:
ee:9d:2d:48:fa:46:45:94:80:3e:db:a8:58:5a:55:
0a:d4:df:15:6e:bd:4c:53:23:88:19:ac:d9:1c:81:
77:95:aa:9e:9d:1a:dd:d3:a8:61:7b:76:a6:0f:30:
ed:a2:81:46:dc:3f:fa:d0:74:5d:bd:07:fc:ad:ec:
1f:1e:59:51:9b:d4:9c:a8:3b:9e:2a:9b:29:e4:ce:
a1:e6:92:9e:97:18:a9:76:05:1f:6e:44:be:7e:4a:
74:af:29:0e:f7:1c:1b:8d:e8:97:a3:cf:3a:f1:da:
d7:b8:90:35:f3:46:d9:cc:46:f9:d4:56:e5:f4:7b:
6c:95:66:24:f4:46:f7:e8:51:46:46:6d:bc:7e:97:
3e:c7:5c:63:ef:ff:f0:56:6b:4a:3d:88:0c:40:09:
bb:dc:2d:49:cf:20:b1:9a:62:c8:77:6b:ee:7a:bf:
36:77:8d:dc:f7:ab:cf:b9:97:c2:bb:35:fc:2f:72:
6a:a8:6d:1d:00:7c:17:b8:a8:9c:24:cd:c2:1f:bc:
24:46:80:c3:6c:9d:54:7e:0a:dc:ae:a3:5e:e1:bc:
27:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:2B:7D:FA:6B:F6:F6:B5:03:B3:4B:55:C1:45:8A:54:C8:06:BA:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2DCD970E90F011F0919E7D9ADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.52.0/22
156.226.131.0-156.226.132.255
156.226.200.0/22
156.226.218.0/23
156.226.243.0-156.226.244.255
156.227.52.0/22
156.230.152.0/22
156.236.120.0/22
156.238.56.0/22
156.243.113.0-156.243.114.255
156.245.220.0/22
156.249.240.0/22
156.252.30.0/23
156.255.59.0-156.255.60.255
Signature Algorithm: sha256WithRSAEncryption
21:13:aa:e6:27:61:26:09:42:fc:3a:ba:cd:8d:c8:0d:8e:a8:
14:a7:1c:cf:cb:71:8b:00:64:94:7a:3f:16:0a:01:1f:90:fd:
eb:29:3f:e7:a9:81:78:0d:ad:83:49:94:57:b0:dc:25:ed:ae:
2f:0c:a4:e1:15:30:e2:47:80:dc:88:71:88:63:fb:2a:b0:9a:
44:10:87:77:44:24:51:5c:8d:e9:a6:65:e9:1a:67:45:44:3d:
b4:4c:0f:a8:66:d4:b2:0a:35:09:2b:7d:dd:74:d7:90:ac:20:
21:27:74:e0:87:79:70:d5:cc:ca:80:3a:4c:6a:86:58:33:f8:
c3:4e:e3:1f:ce:9e:f4:64:47:7b:dc:e3:ed:82:c9:c9:80:31:
35:1a:0e:3a:83:10:e6:b0:c5:e5:17:57:c7:58:e7:ff:28:97:
16:1e:7c:07:cb:dd:07:c0:12:cc:52:b1:b7:74:1b:00:02:be:
b2:ea:a0:27:05:00:f1:f0:e0:69:cb:e2:65:b9:b3:ec:c8:0a:
30:0b:54:19:48:3a:dd:e9:82:d6:15:f0:16:9b:55:b1:0b:94:
f0:3d:5f:71:63:88:fb:98:bf:3a:16:37:30:c2:a1:8a:c2:07:
a3:f8:78:03:c6:91:bd:bb:7b:b4:a1:b9:59:bb:d7:a1:e3:2a:
8a:75:00:4e
-----BEGIN CERTIFICATE-----
MIIF8DCCBNigAwIBAgIDAXrxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTEzMjIyMjQ0WhcNMjUxMDIwMjIyMjQ0WjAYMRYw
FAYDVQQDEw02OGM1ZWViOS05ZTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0gDsDS22yoKQT97D+StHrFi3RekbZyX9aOFK0FErF/IxHnktWcoK15zF
uiTunS1I+kZFlIA+26hYWlUK1N8Vbr1MUyOIGazZHIF3laqenRrd06hhe3amDzDt
ooFG3D/60HRdvQf8rewfHllRm9ScqDueKpsp5M6h5pKelxipdgUfbkS+fkp0rykO
9xwbjeiXo8868drXuJA180bZzEb51Fbl9HtslWYk9Eb36FFGRm28fpc+x1xj7//w
VmtKPYgMQAm73C1JzyCxmmLId2vuer82d43c96vPuZfCuzX8L3JqqG0dAHwXuKic
JM3CH7wkRoDDbJ1UfgrcrqNe4bwnfwIDAQABo4IDETCCAw0wHQYDVR0OBBYEFPgr
ffpr9va1A7NLVcFFilTIBro0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRENEOTcwRTkwRjAxMUYwOTE5RTdEOUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEApzhNDAMAwQAnOKDAwQAnOKE
AwQCnOLIAwQBnOLaMAwDBACc4vMDBACc4vQDBAKc4zQDBAKc5pgDBAKc7HgDBAKc
7jgwDAMEAJzzcQMEAJzzcgMEApz13AMEApz58AMEAZz8HjAMAwQAnP87AwQAnP88
MA0GCSqGSIb3DQEBCwUAA4IBAQAhE6rmJ2EmCUL8OrrNjcgNjqgUpxzPy3GLAGSU
ej8WCgEfkP3rKT/nqYF4Da2DSZRXsNwl7a4vDKThFTDiR4DciHGIY/sqsJpEEId3
RCRRXI3ppmXpGmdFRD20TA+oZtSyCjUJK33ddNeQrCAhJ3Tgh3lw1czKgDpMaoZY
M/jDTuMfzp70ZEd73OPtgsnJgDE1Gg46gxDmsMXlF1fHWOf/KJcWHnwHy90HwBLM
UrG3dBsAAr6y6qAnBQDx8OBpy+JlubPsyAowC1QZSDrd6YLWFfAWm1WxC5TwPV9x
Y4j7mL86FjcwwqGKwgej+HgDxpG9u3u0oblZu9eh4yqKdQBO
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:57 2025 by rpki-client