Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61A661AA996011F0AC80BDBEDAE4EC9C.roa
File: 61A661AA996011F0AC80BDBEDAE4EC9C.roa (raw, json)
Hash identifier: IbRGO99/W6BLljG/ua9lPyAH1ZIHgmAX9utGBSgATFU=
Subject key identifier: 95:AD:FB:0B:E7:27:A6:0D:CF:30:CB:0B:1E:5D:6B:96:75:6E:05:A0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017CEF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61A661AA996011F0AC80BDBEDAE4EC9C.roa
Signing time: Wed 24 Sep 2025 16:06:09 +0000
ROA not before: Wed 24 Sep 2025 16:06:04 +0000
ROA not after: Wed 29 Oct 2025 16:06:04 +0000
asID: 23470
IP address blocks: 156.252.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 10 Oct 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97519 (0x17cef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 24 16:06:04 2025 GMT
Not After : Oct 29 16:06:04 2025 GMT
Subject: CN=68d416f0-7714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c1:39:eb:77:3a:85:b3:87:94:16:c1:4a:4f:
21:19:b5:b0:b9:cb:e1:7a:71:2c:48:a6:e4:b0:db:
5c:cd:a9:e6:18:f1:8a:46:46:8f:7b:5a:23:a1:6f:
1f:7c:5f:b6:92:6d:bc:e3:1b:c2:00:90:9a:a4:de:
12:22:53:52:f7:fc:1c:e0:57:94:c8:5c:cf:1e:0a:
c5:0c:af:54:79:66:03:9e:76:a8:35:bc:e1:8f:cf:
fb:af:aa:64:75:5e:85:5f:e2:62:8b:03:fe:78:28:
d8:da:f2:52:db:f7:e6:51:8d:f3:3a:01:dd:27:05:
58:57:d6:fb:fc:9d:84:09:07:c6:00:b2:dc:04:61:
08:e0:39:54:0c:43:e8:e0:76:95:46:3e:50:64:d4:
cd:92:47:4a:c2:a3:80:23:0f:37:df:96:da:ac:93:
83:67:7d:e8:13:53:10:1f:20:11:9a:9b:d1:9c:e0:
09:de:b2:63:5e:8a:55:8b:14:ec:3c:8c:61:1e:10:
fc:31:b2:53:ed:9f:88:3a:20:99:5f:df:2c:35:3c:
27:4c:37:4f:3c:da:4e:61:c6:88:85:58:7f:8e:b7:
dd:dc:6e:a3:24:da:de:54:ef:fe:2f:1f:a1:f2:b4:
db:e9:99:54:ff:58:c4:67:5c:27:3a:4c:60:d6:f8:
7f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AD:FB:0B:E7:27:A6:0D:CF:30:CB:0B:1E:5D:6B:96:75:6E:05:A0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/61A661AA996011F0AC80BDBEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.0.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:3e:15:f6:a3:87:c7:24:a6:7b:9c:c3:7f:2b:e6:1e:28:fb:
22:ee:c8:3d:26:3b:3c:cb:b3:4b:b3:2b:a4:9c:0b:8e:39:9f:
fc:36:4c:eb:b1:44:86:6e:f7:ac:2a:5c:99:23:60:b7:c2:f8:
30:9e:f9:79:e6:9e:a2:e1:50:6d:9d:2f:63:3b:e5:fd:79:54:
2a:6b:49:6e:2e:99:c0:d0:c5:42:bd:e4:14:bd:26:52:64:01:
e1:75:2b:49:79:bf:63:22:22:c6:61:a3:0d:54:20:1e:34:d6:
16:21:c8:65:d6:da:99:48:d8:53:65:c9:42:53:5b:36:b6:ef:
9d:38:03:9a:b7:c4:3f:59:c3:82:20:46:3b:6c:e5:a1:30:95:
c3:6a:d9:a0:22:b0:e3:81:4d:0d:3f:06:99:36:a4:ce:54:c2:
98:72:a0:c7:35:d9:a6:8d:8b:70:68:00:28:cf:8d:6d:0e:7a:
7e:80:38:78:49:e4:ac:16:11:71:05:8f:86:8e:3f:6d:11:26:
96:99:96:a8:1e:68:a2:d1:0e:4d:ba:06:8c:40:9a:a2:73:c8:
e7:c4:f4:5c:1c:7c:2e:7e:5f:b6:05:d6:c3:d3:9b:fe:68:6b:
55:c0:e4:d1:c2:a6:8e:d8:79:92:64:b3:a4:ea:50:33:47:c2:
21:84:0a:58
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXzvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI0MTYwNjA0WhcNMjUxMDI5MTYwNjA0WjAYMRYw
FAYDVQQDEw02OGQ0MTZmMC03NzE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAocE563c6hbOHlBbBSk8hGbWwucvhenEsSKbksNtczanmGPGKRkaPe1oj
oW8ffF+2km284xvCAJCapN4SIlNS9/wc4FeUyFzPHgrFDK9UeWYDnnaoNbzhj8/7
r6pkdV6FX+JiiwP+eCjY2vJS2/fmUY3zOgHdJwVYV9b7/J2ECQfGALLcBGEI4DlU
DEPo4HaVRj5QZNTNkkdKwqOAIw8335barJODZ33oE1MQHyARmpvRnOAJ3rJjXopV
ixTsPIxhHhD8MbJT7Z+IOiCZX98sNTwnTDdPPNpOYcaIhVh/jrfd3G6jJNreVO/+
Lx+h8rTb6ZlU/1jEZ1wnOkxg1vh/6wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJWt
+wvnJ6YNzzDLCx5da5Z1bgWgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MUE2NjFBQTk5NjAxMUYwQUM4MEJEQkVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwAMA0GCSqGSIb3DQEBCwUA
A4IBAQBuPhX2o4fHJKZ7nMN/K+YeKPsi7sg9Jjs8y7NLsyuknAuOOZ/8NkzrsUSG
bvesKlyZI2C3wvgwnvl55p6i4VBtnS9jO+X9eVQqa0luLpnA0MVCveQUvSZSZAHh
dStJeb9jIiLGYaMNVCAeNNYWIchl1tqZSNhTZclCU1s2tu+dOAOat8Q/WcOCIEY7
bOWhMJXDatmgIrDjgU0NPwaZNqTOVMKYcqDHNdmmjYtwaAAoz41tDnp+gDh4SeSs
FhFxBY+Gjj9tESaWmZaoHmii0Q5NugaMQJqic8jnxPRcHHwufl+2BdbD05v+aGtV
wOTRwqaO2HmSZLOk6lAzR8IhhApY
-----END CERTIFICATE-----
Generated at Wed Oct 8 22:55:43 2025 by rpki-client