Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E866CDAAE5211F0A520B2C2DAE4EC9C.roa
File: 4E866CDAAE5211F0A520B2C2DAE4EC9C.roa (raw, json)
Hash identifier: YGk0UPM8o2YDrOInqG3VImdffKmaecOEy0wesAwXk9U=
Subject key identifier: 18:8C:C8:53:4B:85:C7:3D:FF:B3:6F:90:6D:54:ED:6A:00:B5:0A:32
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0181D8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E866CDAAE5211F0A520B2C2DAE4EC9C.roa
Signing time: Tue 21 Oct 2025 07:48:18 +0000
ROA not before: Tue 21 Oct 2025 07:48:11 +0000
ROA not after: Mon 24 Nov 2025 07:48:11 +0000
asID: 134365
IP address blocks: 156.239.52.0/23 maxlen: 24
156.239.52.0/24 maxlen: 24
156.239.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 24 Oct 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98776 (0x181d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 21 07:48:11 2025 GMT
Not After : Nov 24 07:48:11 2025 GMT
Subject: CN=68f73ac2-d138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:28:39:84:32:cb:34:de:6e:64:f6:ea:d1:36:
b0:c0:8b:4f:3b:80:b3:3b:d5:de:6b:ab:33:8c:be:
de:cd:57:d1:fc:d5:e7:52:fc:38:cf:24:d0:b5:3f:
3b:93:87:33:dd:c8:b6:93:06:af:31:88:bb:6d:d5:
2f:12:66:60:07:19:44:be:b1:9f:94:56:67:dc:24:
27:07:f5:d4:9e:0c:43:41:c9:2f:99:be:58:f6:bf:
4c:36:ee:f2:a7:64:16:a4:d5:6a:f3:a2:cc:6b:72:
19:74:1d:12:97:2a:58:03:e9:96:39:49:d5:34:78:
b7:ba:68:b8:9e:6d:56:32:f9:8f:0f:99:b8:96:2f:
98:da:16:be:9c:bd:af:39:db:15:04:11:9e:07:6a:
39:d7:ca:d5:fe:29:28:cf:db:c7:79:7d:f0:b4:ad:
19:3a:79:12:3d:c9:b0:3a:f6:18:b3:17:bf:1f:26:
d6:ed:64:88:37:41:e4:1c:9b:a8:1a:d7:60:0c:82:
e1:5e:c1:7a:5e:b3:ca:f4:4f:b7:54:4d:29:f2:1d:
22:b5:22:0a:66:b1:d2:99:23:3a:4b:0f:68:cd:ff:
86:7d:0f:c1:15:7b:8d:bc:a2:27:48:15:2c:2d:7c:
1b:c1:7d:a5:19:6f:d9:cb:f4:b9:79:15:79:9a:3f:
52:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8C:C8:53:4B:85:C7:3D:FF:B3:6F:90:6D:54:ED:6A:00:B5:0A:32
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E866CDAAE5211F0A520B2C2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.52.0/23
Signature Algorithm: sha256WithRSAEncryption
04:4e:bc:52:9c:a8:19:c2:9e:99:50:f7:92:04:0a:9c:27:3c:
90:61:d2:29:9a:f8:da:1d:a8:2c:ce:da:2f:3e:a5:ac:59:98:
80:25:06:f1:98:c1:56:56:70:9f:bd:5c:e0:cd:e2:cb:19:db:
3b:ba:59:eb:98:d3:7d:7b:f7:9a:9e:97:cb:35:e3:4d:c3:79:
6b:11:6e:c5:44:30:0b:e7:90:c3:ee:93:dd:7f:90:71:2f:83:
71:b8:77:20:05:37:52:69:8d:24:74:d4:e3:f7:cc:af:40:8c:
bf:3c:88:d0:52:66:77:96:92:ac:00:ad:6d:28:f3:2b:4b:56:
f2:b3:b5:38:47:74:c4:2c:4e:f8:d6:4c:c6:fc:c0:c1:0b:85:
bb:c5:10:d3:22:07:01:0c:16:4b:58:65:cb:d4:a7:98:a1:be:
56:39:59:f2:da:1c:fc:ca:32:bd:be:69:76:9b:4c:e6:f1:e3:
90:8f:7f:4e:5c:f1:31:ba:f9:29:20:6c:f3:79:f1:99:de:46:
a8:8b:71:00:51:fa:a2:db:54:0b:16:83:a4:56:61:fc:39:8a:
87:a7:eb:9b:2f:12:5c:3f:8e:31:95:29:b6:58:33:12:5a:88:
a7:dd:99:42:6a:10:98:25:ed:5a:2d:7d:26:59:fe:db:2a:d5:
5d:e9:3e:0b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYHYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDIxMDc0ODExWhcNMjUxMTI0MDc0ODExWjAYMRYw
FAYDVQQDEw02OGY3M2FjMi1kMTM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3yg5hDLLNN5uZPbq0TawwItPO4CzO9Xea6szjL7ezVfR/NXnUvw4zyTQ
tT87k4cz3ci2kwavMYi7bdUvEmZgBxlEvrGflFZn3CQnB/XUngxDQckvmb5Y9r9M
Nu7yp2QWpNVq86LMa3IZdB0SlypYA+mWOUnVNHi3umi4nm1WMvmPD5m4li+Y2ha+
nL2vOdsVBBGeB2o518rV/ikoz9vHeX3wtK0ZOnkSPcmwOvYYsxe/HybW7WSIN0Hk
HJuoGtdgDILhXsF6XrPK9E+3VE0p8h0itSIKZrHSmSM6Sw9ozf+GfQ/BFXuNvKIn
SBUsLXwbwX2lGW/Zy/S5eRV5mj9SBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBiM
yFNLhcc9/7NvkG1U7WoAtQoyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RTg2NkNEQUFFNTIxMUYwQTUyMEIyQzJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnO80MA0GCSqGSIb3DQEBCwUA
A4IBAQAETrxSnKgZwp6ZUPeSBAqcJzyQYdIpmvjaHagsztovPqWsWZiAJQbxmMFW
VnCfvVzgzeLLGds7ulnrmNN9e/eanpfLNeNNw3lrEW7FRDAL55DD7pPdf5BxL4Nx
uHcgBTdSaY0kdNTj98yvQIy/PIjQUmZ3lpKsAK1tKPMrS1bys7U4R3TELE741kzG
/MDBC4W7xRDTIgcBDBZLWGXL1KeYob5WOVny2hz8yjK9vml2m0zm8eOQj39OXPEx
uvkpIGzzefGZ3kaoi3EAUfqi21QLFoOkVmH8OYqHp+ubLxJcP44xlSm2WDMSWoin
3ZlCahCYJe1aLX0mWf7bKtVd6T4L
-----END CERTIFICATE-----
Generated at Wed Oct 22 16:56:36 2025 by rpki-client