Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5155ED6C9D5B11F08232C084DAE4EC9C.roa
File: 5155ED6C9D5B11F08232C084DAE4EC9C.roa (raw, json)
Hash identifier: 5ME0tSzMGg2FXJaWJZYfpU5s6I4VVF+8bTHXzlH04L4=
Subject key identifier: A9:DF:83:97:B5:66:8F:74:E4:42:60:44:7A:6B:45:F4:83:17:10:D1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017DD3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5155ED6C9D5B11F08232C084DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 17:39:58 +0000
ROA not before: Mon 29 Sep 2025 17:39:52 +0000
ROA not after: Fri 31 Oct 2025 17:39:52 +0000
asID: 202656
IP address blocks: 156.236.105.0/24 maxlen: 24
156.236.106.0/24 maxlen: 24
156.236.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97747 (0x17dd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 17:39:52 2025 GMT
Not After : Oct 31 17:39:52 2025 GMT
Subject: CN=68dac46e-26ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:08:0a:a3:87:f7:1b:82:d6:94:ae:2e:9a:30:
a3:45:ca:ca:26:14:af:dd:a5:ea:ce:97:37:9c:06:
76:76:64:b4:a3:26:0c:68:9d:50:b2:62:28:e3:77:
74:62:98:33:f4:ad:52:cd:49:e3:23:bb:01:11:1f:
f4:de:3f:2f:88:ff:c2:da:5f:75:4e:ac:e8:d1:d6:
84:bc:ac:44:3e:98:2a:fb:c1:f1:97:a4:71:ff:aa:
97:b4:0f:26:b7:10:9e:d7:0c:3c:1c:05:7e:66:f2:
96:bd:97:2b:a9:68:ed:99:8c:45:f7:b1:b7:ef:e3:
ef:1b:ae:d2:b8:f8:0b:8d:c4:fc:31:0e:1b:9e:e6:
0a:e1:1c:77:b4:1e:37:35:41:2c:65:c6:29:52:d5:
95:fd:72:10:33:3f:0f:fb:e9:3a:70:02:c9:34:ae:
d4:8c:25:68:2a:7b:bb:64:ca:b6:16:ce:8a:37:8b:
7d:ba:56:3c:05:11:d4:ca:86:94:7c:33:fd:c1:20:
d1:16:01:cb:4b:b6:2b:40:93:8d:f5:dd:d1:90:93:
1f:51:d9:0d:fc:27:7c:f5:31:11:f6:83:7c:26:2c:
e3:00:3e:e7:c0:5a:f2:2b:5a:f7:46:b4:fe:67:30:
b9:8c:b1:80:70:66:6e:23:62:44:9e:50:54:0d:b8:
f9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DF:83:97:B5:66:8F:74:E4:42:60:44:7A:6B:45:F4:83:17:10:D1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5155ED6C9D5B11F08232C084DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.105.0-156.236.107.255
Signature Algorithm: sha256WithRSAEncryption
13:7a:b3:97:4e:9f:42:5a:d3:60:f8:26:b7:d6:10:c5:d7:73:
02:c3:76:6a:6c:41:b9:3e:e0:b3:4e:03:be:fe:ed:c8:07:8e:
26:16:cb:4a:52:89:00:86:62:21:50:0f:a1:0b:96:ba:10:a1:
f2:07:7b:10:d8:1e:26:e5:05:86:e7:05:d2:72:28:65:a6:24:
8c:80:bc:e3:71:0a:f6:09:92:d2:c9:bd:af:71:ed:44:cb:fc:
87:84:0d:26:e6:59:19:ab:10:24:a3:04:88:c3:43:78:f7:05:
4b:07:08:e5:9f:eb:54:fe:60:63:57:2d:23:59:a2:94:bc:e8:
f2:a7:99:12:b7:e3:2b:af:e5:a4:18:d9:cc:74:7a:18:e0:4a:
33:a1:4d:95:32:f8:7b:eb:8f:17:6e:85:21:66:0e:a0:e5:95:
60:4a:e9:2f:6b:77:a1:4f:df:98:c9:14:7f:db:bb:42:fc:d3:
d2:6b:5f:de:95:1d:09:51:91:4c:5c:f0:ee:ae:19:65:d0:cd:
ca:77:63:ae:23:a5:ac:d6:cb:cb:b9:4e:06:73:dc:08:c2:f9:
64:eb:9c:35:0e:f6:ea:a7:1d:b3:a6:2a:d5:31:8d:cb:43:5d:
1c:16:31:09:c0:da:d8:b4:cc:4e:db:43:07:ac:34:59:41:f3:
c5:e2:cd:53
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAX3TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI5MTczOTUyWhcNMjUxMDMxMTczOTUyWjAYMRYw
FAYDVQQDEw02OGRhYzQ2ZS0yNmVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsQgKo4f3G4LWlK4umjCjRcrKJhSv3aXqzpc3nAZ2dmS0oyYMaJ1QsmIo
43d0Ypgz9K1SzUnjI7sBER/03j8viP/C2l91Tqzo0daEvKxEPpgq+8Hxl6Rx/6qX
tA8mtxCe1ww8HAV+ZvKWvZcrqWjtmYxF97G37+PvG67SuPgLjcT8MQ4bnuYK4Rx3
tB43NUEsZcYpUtWV/XIQMz8P++k6cALJNK7UjCVoKnu7ZMq2Fs6KN4t9ulY8BRHU
yoaUfDP9wSDRFgHLS7YrQJON9d3RkJMfUdkN/Cd89TER9oN8JizjAD7nwFryK1r3
RrT+ZzC5jLGAcGZuI2JEnlBUDbj5ywIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKnf
g5e1Zo905EJgRHprRfSDFxDRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81MTU1RUQ2QzlENUIxMUYwODIzMkMwODREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc7GkDBAKc7GgwDQYJKoZI
hvcNAQELBQADggEBABN6s5dOn0Ja02D4JrfWEMXXcwLDdmpsQbk+4LNOA77+7cgH
jiYWy0pSiQCGYiFQD6ELlroQofIHexDYHiblBYbnBdJyKGWmJIyAvONxCvYJktLJ
va9x7UTL/IeEDSbmWRmrECSjBIjDQ3j3BUsHCOWf61T+YGNXLSNZopS86PKnmRK3
4yuv5aQY2cx0ehjgSjOhTZUy+HvrjxduhSFmDqDllWBK6S9rd6FP35jJFH/bu0L8
09JrX96VHQlRkUxc8O6uGWXQzcp3Y64jpazWy8u5TgZz3AjC+WTrnDUO9uqnHbOm
KtUxjctDXRwWMQnA2ti0zE7bQwesNFlB88XizVM=
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:06 2025 by rpki-client