Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40DAFDD0998511F09BA525A7DAE4EC9C.roa
File: 40DAFDD0998511F09BA525A7DAE4EC9C.roa (raw, json)
Hash identifier: 8eu61zA5A07tUB0jVkZtBMBIlSkcXqPzUdEpkDeE9vk=
Subject key identifier: 7B:62:5B:7C:2F:2A:B0:9D:B3:74:D0:AC:79:16:10:80:9E:5F:3B:AA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D1B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40DAFDD0998511F09BA525A7DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 20:30:05 +0000
ROA not before: Wed 24 Sep 2025 20:29:56 +0000
ROA not after: Tue 04 Nov 2025 20:29:56 +0000
asID: 40779
IP address blocks: 156.238.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97563 (0x17d1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 24 20:29:56 2025 GMT
Not After : Nov 4 20:29:56 2025 GMT
Subject: CN=68d454cd-fc6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bc:17:7a:96:79:31:de:e6:ea:3e:f3:67:40:
b7:dc:ed:00:68:c5:0d:1a:f2:c0:ff:0e:2b:6a:37:
3c:9b:f5:49:6f:b9:85:e1:d3:0d:02:d6:b2:70:6e:
1b:da:c2:bd:80:87:09:e5:26:83:90:69:10:51:3b:
48:d5:1f:14:ad:86:46:88:8b:55:ac:01:0a:85:94:
04:8a:e2:80:a7:fd:dc:19:35:5d:c0:0d:22:8d:15:
68:66:c4:ad:9e:94:34:8f:16:a8:e5:2c:5e:85:b9:
42:45:40:8c:a9:90:a0:09:c1:d5:e8:aa:58:0b:79:
d6:a1:60:03:cc:5b:8a:bc:99:06:d5:93:fa:ce:90:
25:54:ca:40:7d:8b:61:11:74:2e:29:7f:8e:c0:81:
18:ae:bb:b0:23:3d:53:8b:41:1a:3b:bf:bc:9a:f7:
40:e6:94:a4:41:b0:a4:c0:00:99:cf:39:75:bc:c7:
32:e1:5e:20:7b:57:5e:71:06:bf:3c:99:c0:70:2b:
2c:08:e3:ca:4d:52:23:cc:5e:d8:7d:64:0f:67:da:
7a:ac:87:b3:24:ea:68:8c:7c:fe:3b:19:2d:28:fb:
4f:e2:71:71:09:8c:2a:5d:5f:f0:bd:5e:85:8d:02:
a3:0e:24:9a:4b:8a:b8:98:c0:3b:d6:ae:a9:fe:29:
6a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:62:5B:7C:2F:2A:B0:9D:B3:74:D0:AC:79:16:10:80:9E:5F:3B:AA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40DAFDD0998511F09BA525A7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.224.0/19
Signature Algorithm: sha256WithRSAEncryption
6e:59:ce:0f:35:30:8e:db:fd:05:8e:37:6f:26:e5:a7:f4:73:
65:32:f7:31:d9:c2:ee:d2:00:55:3f:e4:af:82:a6:28:4d:97:
e6:68:59:f6:31:3d:cd:c6:65:2c:18:95:d8:6f:5d:b8:a4:9c:
57:af:81:c0:c2:08:f8:12:6f:fd:ee:d3:ca:49:94:8c:cd:28:
14:2d:f1:3e:d1:bb:16:2f:d0:ad:8a:9e:30:6f:f9:48:f6:bc:
84:d1:56:ca:32:16:3a:66:d6:d0:6b:a7:f5:91:b2:c8:1a:52:
f3:18:c4:3c:c2:46:1a:0c:2b:36:2c:8b:3e:ef:65:ba:12:95:
ff:02:97:60:4a:97:90:14:c7:23:f1:ed:68:57:f1:53:b2:f4:
c9:16:e2:42:bc:70:dd:48:7d:b8:fd:b0:3f:05:43:91:18:55:
f1:76:42:8d:d5:87:67:38:d3:4b:35:6e:b7:6a:40:bb:51:5d:
bb:bf:58:83:47:e2:bf:b5:7d:db:71:89:ca:33:c0:cb:c5:8c:
53:93:07:e7:75:4e:65:6d:7b:1d:f9:d5:ca:ce:91:92:17:0c:
51:ba:88:a5:1c:43:51:8a:70:49:50:ac:ac:8c:c0:79:ed:4f:
28:72:86:b4:a9:5a:b3:aa:42:3d:bf:ba:ab:ac:51:95:ff:7c:
ee:24:df:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX0bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI0MjAyOTU2WhcNMjUxMTA0MjAyOTU2WjAYMRYw
FAYDVQQDEw02OGQ0NTRjZC1mYzZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz7wXepZ5Md7m6j7zZ0C33O0AaMUNGvLA/w4rajc8m/VJb7mF4dMNAtay
cG4b2sK9gIcJ5SaDkGkQUTtI1R8UrYZGiItVrAEKhZQEiuKAp/3cGTVdwA0ijRVo
ZsStnpQ0jxao5SxehblCRUCMqZCgCcHV6KpYC3nWoWADzFuKvJkG1ZP6zpAlVMpA
fYthEXQuKX+OwIEYrruwIz1Ti0EaO7+8mvdA5pSkQbCkwACZzzl1vMcy4V4ge1de
cQa/PJnAcCssCOPKTVIjzF7YfWQPZ9p6rIezJOpojHz+OxktKPtP4nFxCYwqXV/w
vV6FjQKjDiSaS4q4mMA71q6p/ilqzQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHti
W3wvKrCds3TQrHkWEICeXzuqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MERBRkREMDk5ODUxMUYwOUJBNTI1QTdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO7gMA0GCSqGSIb3DQEBCwUA
A4IBAQBuWc4PNTCO2/0FjjdvJuWn9HNlMvcx2cLu0gBVP+SvgqYoTZfmaFn2MT3N
xmUsGJXYb124pJxXr4HAwgj4Em/97tPKSZSMzSgULfE+0bsWL9Ctip4wb/lI9ryE
0VbKMhY6ZtbQa6f1kbLIGlLzGMQ8wkYaDCs2LIs+72W6EpX/ApdgSpeQFMcj8e1o
V/FTsvTJFuJCvHDdSH24/bA/BUORGFXxdkKN1YdnONNLNW63akC7UV27v1iDR+K/
tX3bcYnKM8DLxYxTkwfndU5lbXsd+dXKzpGSFwxRuoilHENRinBJUKysjMB57U8o
coa0qVqzqkI9v7qrrFGV/3zuJN8b
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:14 2025 by rpki-client