Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/34A91C309DEB11F0B5A924B2DAE4EC9C.roa
File: 34A91C309DEB11F0B5A924B2DAE4EC9C.roa (raw, json)
Hash identifier: CTRy7qXPNWTWd1E5cWmgOCPA5PIVYKw+Vla0XboDNqU=
Subject key identifier: 6A:C4:DE:97:9A:BB:D2:6D:DC:17:4F:BB:37:AA:FD:D5:4F:C7:8F:2F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017E2F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/34A91C309DEB11F0B5A924B2DAE4EC9C.roa
Signing time: Tue 30 Sep 2025 10:49:58 +0000
ROA not before: Tue 30 Sep 2025 10:49:53 +0000
ROA not after: Wed 05 Nov 2025 10:49:53 +0000
asID: 48031
IP address blocks: 156.236.22.0/24 maxlen: 24
156.236.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97839 (0x17e2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 30 10:49:53 2025 GMT
Not After : Nov 5 10:49:53 2025 GMT
Subject: CN=68dbb5d6-f759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ea:73:3f:66:0b:d6:17:cc:60:e8:b0:bc:78:
9f:54:52:b9:a3:0d:b1:3b:c8:0e:7f:c1:08:d0:7e:
18:55:51:d8:50:bc:7e:a7:84:41:c0:65:24:b8:c8:
3f:50:0b:d9:d3:7f:8e:8d:e1:29:7c:08:ed:93:1c:
e3:e2:1d:86:74:63:f8:a7:bd:e1:be:2c:0b:9e:f3:
2a:ec:5f:45:2a:27:42:a5:36:d7:59:60:f0:2d:d7:
50:a5:67:31:f4:ca:b3:ca:7f:c1:ba:33:cf:4c:22:
8a:88:86:3d:a5:85:93:79:c6:8e:24:ee:ef:76:da:
d2:e2:1a:bc:14:bd:c1:ca:63:2a:eb:cd:5a:be:91:
74:32:c4:f9:a2:45:40:73:e6:cc:c1:1b:87:c3:da:
dc:8e:27:22:b2:1f:24:eb:2f:54:21:59:4b:c4:b4:
3e:68:27:47:ee:3f:39:c2:73:16:e2:9b:49:41:70:
47:37:da:65:a1:d7:ed:51:63:6b:ae:5c:4c:47:b2:
6f:44:11:50:27:cc:54:70:48:9c:60:5e:f5:10:3c:
14:9e:9d:8e:61:c0:22:56:8f:67:64:d2:24:99:3e:
9d:89:e4:8f:a2:41:db:72:62:12:a9:89:8c:5f:82:
dd:8a:ba:39:a8:8e:66:1d:a6:dd:e4:fc:1e:57:3c:
b5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C4:DE:97:9A:BB:D2:6D:DC:17:4F:BB:37:AA:FD:D5:4F:C7:8F:2F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/34A91C309DEB11F0B5A924B2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.22.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:d0:46:ed:b4:79:e5:62:af:7b:90:1c:93:fb:d6:66:73:5d:
f7:75:67:ef:9c:aa:32:bb:df:14:ae:7e:45:63:e6:56:bd:ce:
32:dd:8f:63:e6:6b:b5:f6:a9:33:01:c1:ee:55:e3:68:9f:7b:
d8:b3:0a:c8:02:b2:7b:f1:91:9b:91:c6:01:cc:9e:24:e8:c9:
73:cf:85:b6:7c:df:f5:c9:35:3b:75:50:48:42:80:28:bb:53:
e8:ff:6a:c3:74:16:74:21:a6:fc:54:0c:76:7c:f9:bf:f4:67:
0c:cc:5c:81:ed:4b:ae:27:ba:b9:c6:86:8c:39:32:c3:ca:de:
74:1a:88:6a:ae:c3:be:b2:39:ea:7d:1c:61:58:95:07:fb:c8:
41:31:85:f3:9f:da:4c:73:06:9f:fa:e2:95:a5:b7:3b:19:72:
93:71:87:3c:32:f9:e1:49:c8:85:4c:df:85:f4:c1:61:62:3e:
cb:40:53:80:7c:97:22:ff:37:05:42:73:c8:b6:fb:8a:19:d0:
ba:e3:08:cf:ae:8f:b8:70:60:d9:42:24:fa:85:12:9b:ed:ee:
8a:03:a1:b4:b1:cb:6b:68:8c:74:d9:86:69:10:e9:af:c2:83:
d1:b1:e5:68:af:8e:3c:f9:42:8a:7c:64:b9:e9:b6:c7:d0:72:
9b:e6:c9:28
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX4vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTMwMTA0OTUzWhcNMjUxMTA1MTA0OTUzWjAYMRYw
FAYDVQQDEw02OGRiYjVkNi1mNzU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0OpzP2YL1hfMYOiwvHifVFK5ow2xO8gOf8EI0H4YVVHYULx+p4RBwGUk
uMg/UAvZ03+OjeEpfAjtkxzj4h2GdGP4p73hviwLnvMq7F9FKidCpTbXWWDwLddQ
pWcx9Mqzyn/BujPPTCKKiIY9pYWTecaOJO7vdtrS4hq8FL3BymMq681avpF0MsT5
okVAc+bMwRuHw9rcjicish8k6y9UIVlLxLQ+aCdH7j85wnMW4ptJQXBHN9plodft
UWNrrlxMR7JvRBFQJ8xUcEicYF71EDwUnp2OYcAiVo9nZNIkmT6dieSPokHbcmIS
qYmMX4Ldiro5qI5mHabd5PweVzy1vQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGrE
3peau9Jt3BdPuzeq/dVPx48vMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNEE5MUMzMDlERUIxMUYwQjVBOTI0QjJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOwWMA0GCSqGSIb3DQEBCwUA
A4IBAQCl0EbttHnlYq97kByT+9Zmc133dWfvnKoyu98Urn5FY+ZWvc4y3Y9j5mu1
9qkzAcHuVeNon3vYswrIArJ78ZGbkcYBzJ4k6Mlzz4W2fN/1yTU7dVBIQoAou1Po
/2rDdBZ0Iab8VAx2fPm/9GcMzFyB7UuuJ7q5xoaMOTLDyt50GohqrsO+sjnqfRxh
WJUH+8hBMYXzn9pMcwaf+uKVpbc7GXKTcYc8MvnhSciFTN+F9MFhYj7LQFOAfJci
/zcFQnPItvuKGdC64wjPro+4cGDZQiT6hRKb7e6KA6G0sctraIx02YZpEOmvwoPR
seVor448+UKKfGS56bbH0HKb5sko
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:51 2025 by rpki-client