Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F933B0E953411F0AE7AAEC3DAE4EC9C.roa
File: 3F933B0E953411F0AE7AAEC3DAE4EC9C.roa (raw, json)
Hash identifier: KZLAVIcHK0d6A5sPKdRMLQEta5er8lFCL/6TeH8jLu4=
Subject key identifier: 12:3D:48:36:D5:AB:71:A9:5A:9B:28:4C:D4:9C:EA:C0:FB:78:01:6E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017C73
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F933B0E953411F0AE7AAEC3DAE4EC9C.roa
Signing time: Fri 19 Sep 2025 08:40:09 +0000
ROA not before: Fri 19 Sep 2025 08:40:04 +0000
ROA not after: Thu 23 Oct 2025 08:40:04 +0000
asID: 214025
IP address blocks: 156.229.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97395 (0x17c73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 19 08:40:04 2025 GMT
Not After : Oct 23 08:40:04 2025 GMT
Subject: CN=68cd16e9-34b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:78:ae:b1:3f:d3:8d:5f:2d:24:3b:fc:d8:
78:84:86:93:ba:41:73:d1:4c:aa:dd:19:33:4a:1e:
85:b4:51:fc:0e:53:46:41:19:ac:c5:2a:df:0a:12:
90:bf:b8:63:86:19:4a:13:87:37:b4:b7:8a:65:53:
da:e6:54:99:11:72:23:36:d2:0d:75:84:b4:b4:da:
58:f8:1c:db:f7:37:79:21:11:a8:66:f7:7b:fe:b9:
f2:e3:a6:e9:9d:92:91:db:ae:a3:0f:a8:46:e9:da:
62:c4:d8:f0:3a:31:2a:13:ed:93:0b:3f:75:f6:3d:
04:f8:85:6d:01:82:a2:57:b2:3c:a4:3a:f5:3b:40:
9f:d4:5b:03:c0:06:46:05:b4:8c:5b:cb:fc:ec:fe:
8a:59:11:72:80:19:94:f3:98:97:46:ad:be:c1:fd:
1a:55:f1:d7:5a:c1:22:fb:2f:63:eb:47:3d:e0:fb:
86:2d:e0:8b:5d:e0:2d:30:e9:49:9b:0c:d1:c2:bf:
3d:ed:b3:cd:24:bf:17:8e:6b:d5:a6:2a:fc:12:82:
fc:9e:42:39:bf:78:4a:ae:2f:94:34:0a:cd:7c:60:
e0:c3:c9:3c:e6:2f:9f:d9:aa:02:8a:0d:01:f9:b8:
ae:f6:70:d6:a2:18:13:54:6a:15:62:2b:d4:3e:82:
62:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:3D:48:36:D5:AB:71:A9:5A:9B:28:4C:D4:9C:EA:C0:FB:78:01:6E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F933B0E953411F0AE7AAEC3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.0.0/24
Signature Algorithm: sha256WithRSAEncryption
43:9f:c1:91:73:09:4d:59:5a:43:6d:e0:22:bd:05:d5:71:12:
d9:81:c3:80:05:06:ae:ab:d3:05:16:2f:ff:0c:4b:19:fb:e8:
ac:86:a0:cd:99:f7:00:d5:38:1f:bf:3f:a5:67:6e:2f:d9:c4:
d7:93:d4:50:b6:12:30:17:e3:9c:57:3f:4a:37:f6:db:5d:52:
c3:9f:62:c6:62:e2:7e:ca:52:89:48:12:6e:2c:e5:60:3c:a9:
2d:35:ef:8b:53:b7:d0:20:c7:1f:42:c3:2a:f1:b8:66:f5:d8:
c3:71:16:12:65:65:dd:d0:33:34:b1:d9:02:17:6f:c3:70:b8:
7e:b4:2b:72:4e:41:15:59:51:ae:3a:3d:08:9a:7b:63:4a:22:
13:65:20:2d:6a:c1:1a:35:8f:c6:e6:28:be:c1:ab:ab:6c:6f:
3b:14:5f:b9:1b:9a:99:2c:92:be:83:e4:49:1c:66:b5:48:7f:
c3:cd:fc:b6:42:a1:35:49:49:b1:61:46:a2:03:73:24:40:9a:
bc:ff:3f:63:46:33:db:0e:d0:3f:b2:5b:71:20:49:f2:f0:bb:
6e:56:fb:f7:ed:a8:5d:c5:bb:6c:05:70:c3:7c:24:4e:bc:4b:
2d:18:e6:85:14:88:8a:4b:24:0d:88:e0:8b:dc:87:40:bb:5b:
8e:a2:f4:d8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXxzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE5MDg0MDA0WhcNMjUxMDIzMDg0MDA0WjAYMRYw
FAYDVQQDEw02OGNkMTZlOS0zNGI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvlF4rrE/041fLSQ7/Nh4hIaTukFz0Uyq3RkzSh6FtFH8DlNGQRmsxSrf
ChKQv7hjhhlKE4c3tLeKZVPa5lSZEXIjNtINdYS0tNpY+Bzb9zd5IRGoZvd7/rny
46bpnZKR266jD6hG6dpixNjwOjEqE+2TCz919j0E+IVtAYKiV7I8pDr1O0Cf1FsD
wAZGBbSMW8v87P6KWRFygBmU85iXRq2+wf0aVfHXWsEi+y9j60c94PuGLeCLXeAt
MOlJmwzRwr897bPNJL8XjmvVpir8EoL8nkI5v3hKri+UNArNfGDgw8k85i+f2aoC
ig0B+biu9nDWohgTVGoVYivUPoJiQwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBI9
SDbVq3GpWpsoTNSc6sD7eAFuMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjkzM0IwRTk1MzQxMUYwQUU3QUFFQzNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOUAMA0GCSqGSIb3DQEBCwUA
A4IBAQBDn8GRcwlNWVpDbeAivQXVcRLZgcOABQauq9MFFi//DEsZ++ishqDNmfcA
1Tgfvz+lZ24v2cTXk9RQthIwF+OcVz9KN/bbXVLDn2LGYuJ+ylKJSBJuLOVgPKkt
Ne+LU7fQIMcfQsMq8bhm9djDcRYSZWXd0DM0sdkCF2/DcLh+tCtyTkEVWVGuOj0I
mntjSiITZSAtasEaNY/G5ii+waurbG87FF+5G5qZLJK+g+RJHGa1SH/Dzfy2QqE1
SUmxYUaiA3MkQJq8/z9jRjPbDtA/sltxIEny8LtuVvv37ahdxbtsBXDDfCROvEst
GOaFFIiKSyQNiOCL3IdAu1uOovTY
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:22 2025 by rpki-client