Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A1301829AAC11F0B56CCBB0DAE4EC9C.roa
File: 3A1301829AAC11F0B56CCBB0DAE4EC9C.roa (raw, json)
Hash identifier: UT/Eo3kAFTuIBIG+r1hFJ3yRICtE02LHd4gBUNG2qgo=
Subject key identifier: CB:F1:BD:31:6D:15:7A:23:56:06:18:79:0E:16:BD:FB:52:55:3D:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D57
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A1301829AAC11F0B56CCBB0DAE4EC9C.roa
Signing time: Fri 26 Sep 2025 07:41:35 +0000
ROA not before: Fri 26 Sep 2025 07:41:28 +0000
ROA not after: Wed 29 Oct 2025 07:41:28 +0000
asID: 20473
IP address blocks: 156.231.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 15 Oct 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97623 (0x17d57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 26 07:41:28 2025 GMT
Not After : Oct 29 07:41:28 2025 GMT
Subject: CN=68d643af-8cbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:8e:e3:af:ef:3c:b3:86:71:2f:e5:cb:7a:83:
61:93:7e:9a:e7:7d:64:91:db:13:75:70:c3:ea:e6:
fa:af:c0:3c:9b:f8:84:68:80:c0:7b:cf:e1:3d:ff:
8b:33:4a:9b:5e:e6:fc:d4:ed:20:d8:ef:97:d1:8b:
0c:2f:06:08:69:6f:6b:2f:52:fc:a8:d7:de:db:fc:
40:2f:be:3f:73:9d:4e:e8:70:7e:6d:e0:1d:2a:2f:
2d:e6:fe:2f:64:61:58:32:b8:4b:ac:ff:3b:3d:68:
af:65:e4:99:da:af:a0:41:16:8c:1b:8d:f5:2f:67:
b5:7a:f8:4e:54:f1:8e:32:d8:45:1f:bd:60:56:95:
86:c0:84:74:98:aa:77:93:d8:8d:fc:89:3e:de:6e:
42:88:2d:e8:6a:bf:87:d0:fc:4d:0f:d7:6d:d8:66:
09:a5:3c:38:4b:2f:8b:1f:fe:16:83:95:4c:52:fa:
03:90:6a:7d:dc:cb:b6:a0:a9:ad:6f:e8:af:f4:4a:
7d:5d:d7:0a:80:fa:e4:f2:63:fd:72:5c:49:00:fa:
85:9a:c3:cf:bb:c2:2d:fa:e2:d5:18:be:ed:7a:69:
72:c9:9e:61:6a:ba:9e:0f:84:76:f3:24:3f:39:83:
3a:f6:c1:e3:2c:5a:12:7b:d2:bf:c0:5e:76:67:8f:
69:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F1:BD:31:6D:15:7A:23:56:06:18:79:0E:16:BD:FB:52:55:3D:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A1301829AAC11F0B56CCBB0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.165.0/24
Signature Algorithm: sha256WithRSAEncryption
89:79:a3:f9:09:63:e1:10:2e:a2:95:f9:d2:2f:36:cb:42:18:
52:6f:1f:4e:b6:70:87:8f:ec:60:9c:23:f9:cd:33:e8:c1:c6:
a7:8b:eb:e9:33:fc:fa:da:a3:0b:4a:aa:8f:28:c0:da:fa:7c:
09:0b:9b:12:1f:56:f7:88:97:ca:82:a5:78:01:b9:e9:42:a1:
25:0f:85:fa:d9:8e:d0:e7:3d:44:fe:fa:95:49:74:c3:c1:77:
25:8a:ac:60:63:d2:c9:9d:04:ea:93:ac:ab:8c:9c:e1:c3:74:
b0:16:63:a3:ad:57:57:74:c1:d1:3a:85:f9:dd:7b:42:5b:ed:
fc:02:ce:23:67:39:08:6e:d6:14:07:e4:da:aa:40:0b:8b:86:
6b:e9:3b:ac:1c:02:aa:25:65:6f:7d:b6:0b:82:3d:47:da:b3:
62:8d:6b:56:bb:39:64:bc:a6:a1:d5:93:85:cc:9e:42:04:30:
38:bb:e9:29:a9:0d:70:e5:85:76:69:33:f6:bf:c3:b2:dd:22:
8e:e0:95:99:e4:b1:4b:16:1d:7d:20:19:ea:a7:c4:58:94:83:
9a:fe:96:28:ee:dd:27:0a:64:9e:55:c1:6e:2b:fd:79:e1:09:
90:a3:49:c0:d6:28:59:a7:00:95:9c:0f:a4:47:ad:40:d4:97:
63:72:01:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX1XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI2MDc0MTI4WhcNMjUxMDI5MDc0MTI4WjAYMRYw
FAYDVQQDEw02OGQ2NDNhZi04Y2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7Y7jr+88s4ZxL+XLeoNhk36a531kkdsTdXDD6ub6r8A8m/iEaIDAe8/h
Pf+LM0qbXub81O0g2O+X0YsMLwYIaW9rL1L8qNfe2/xAL74/c51O6HB+beAdKi8t
5v4vZGFYMrhLrP87PWivZeSZ2q+gQRaMG431L2e1evhOVPGOMthFH71gVpWGwIR0
mKp3k9iN/Ik+3m5CiC3oar+H0PxND9dt2GYJpTw4Sy+LH/4Wg5VMUvoDkGp93Mu2
oKmtb+iv9Ep9XdcKgPrk8mP9clxJAPqFmsPPu8It+uLVGL7temlyyZ5harqeD4R2
8yQ/OYM69sHjLFoSe9K/wF52Z49p0QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMvx
vTFtFXojVgYYeQ4WvftSVT3yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTEzMDE4MjlBQUMxMUYwQjU2Q0NCQjBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOelMA0GCSqGSIb3DQEBCwUA
A4IBAQCJeaP5CWPhEC6ilfnSLzbLQhhSbx9OtnCHj+xgnCP5zTPowcani+vpM/z6
2qMLSqqPKMDa+nwJC5sSH1b3iJfKgqV4AbnpQqElD4X62Y7Q5z1E/vqVSXTDwXcl
iqxgY9LJnQTqk6yrjJzhw3SwFmOjrVdXdMHROoX53XtCW+38As4jZzkIbtYUB+Ta
qkALi4Zr6TusHAKqJWVvfbYLgj1H2rNijWtWuzlkvKah1ZOFzJ5CBDA4u+kpqQ1w
5YV2aTP2v8Oy3SKO4JWZ5LFLFh19IBnqp8RYlIOa/pYo7t0nCmSeVcFuK/154QmQ
o0nA1ihZpwCVnA+kR61A1JdjcgF/
-----END CERTIFICATE-----
Generated at Mon Oct 13 22:06:45 2025 by rpki-client