Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/634AB3AE94B411F0B3259881DAE4EC9C.roa
File: 634AB3AE94B411F0B3259881DAE4EC9C.roa (raw, json)
Hash identifier: nFasI6bDtWKpBKpMzrdp8fWga9g4M3m96U86Ja8JmRQ=
Subject key identifier: 76:A1:CE:D3:13:B0:17:ED:47:B2:D4:07:E8:F6:99:39:F5:E9:38:C4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017C1A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/634AB3AE94B411F0B3259881DAE4EC9C.roa
Signing time: Thu 18 Sep 2025 17:24:53 +0000
ROA not before: Thu 18 Sep 2025 17:24:48 +0000
ROA not after: Mon 27 Oct 2025 17:24:48 +0000
asID: 134823
IP address blocks: 156.234.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97306 (0x17c1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 18 17:24:48 2025 GMT
Not After : Oct 27 17:24:48 2025 GMT
Subject: CN=68cc4065-1790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:34:54:25:c5:91:c2:ac:57:20:d9:60:f3:d8:
9c:f9:5a:7c:62:fe:75:50:c1:21:82:3a:5e:f5:2c:
a7:6c:c8:88:8c:e2:c0:49:ce:6f:08:26:41:f0:61:
09:07:fc:27:ab:9f:b2:8a:e1:13:22:d5:cb:96:22:
e3:da:b4:cb:9e:35:a9:d1:3e:01:0a:b6:cd:7a:8a:
82:cc:d5:2e:02:00:76:ad:bb:48:74:da:96:3c:77:
c0:f4:25:e1:f0:c4:7c:5e:5b:bb:7d:a7:ca:ba:ba:
5c:88:2d:ac:4c:a0:e7:53:6e:40:88:c8:e0:47:19:
b2:2e:76:9f:8f:75:35:cb:ec:cb:c7:3b:29:96:15:
4e:16:a8:f4:25:f2:f3:70:6e:f8:45:c2:1c:50:4b:
25:a5:29:8f:b4:47:29:8a:b8:7d:ff:2c:a3:16:a1:
b8:6c:6b:7f:63:fb:44:59:74:d7:e7:dd:dd:c4:86:
c9:64:75:c2:fc:3c:88:04:4b:4c:ab:6d:13:96:0f:
94:ac:9c:28:93:85:e2:df:34:c8:b7:60:09:03:72:
40:eb:8f:2f:40:a2:22:3e:bd:a1:e8:2a:36:34:db:
95:d4:7f:9e:a4:6d:f5:28:31:0f:4c:58:84:c7:aa:
b7:6d:85:99:02:78:3f:4b:13:27:de:b0:8d:cf:ca:
99:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:A1:CE:D3:13:B0:17:ED:47:B2:D4:07:E8:F6:99:39:F5:E9:38:C4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/634AB3AE94B411F0B3259881DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.228.0/22
Signature Algorithm: sha256WithRSAEncryption
09:39:a0:7b:e1:53:e7:99:51:d7:4f:d2:a5:ae:51:b3:38:0f:
14:f0:ae:98:72:2a:b2:ff:77:b1:a3:9e:f5:a5:4e:8e:5c:a6:
17:79:53:d8:6b:de:04:d4:75:0b:be:5e:0d:53:d3:ca:a9:4c:
a7:e9:1c:e1:2b:44:fb:ae:2f:57:fb:b2:fd:3a:30:b3:8c:72:
b5:7b:40:f0:00:9f:56:39:6e:f1:23:c4:d9:89:cc:f8:e5:4d:
22:d9:bf:5a:00:0d:ba:09:78:45:0a:b4:db:22:a5:bf:e0:5a:
17:50:00:00:8d:2f:6c:31:71:79:06:76:76:89:ae:86:83:f8:
0c:1c:67:87:8a:a4:76:0d:33:6f:87:e6:2f:30:25:4c:db:5b:
7d:c9:70:aa:d1:99:bc:eb:78:01:be:37:8c:2b:b2:e3:63:85:
cb:ab:e6:28:eb:4c:41:d9:67:1f:a5:62:a8:c8:47:7c:3f:e8:
d3:a5:22:73:59:01:39:33:da:dd:09:7f:68:5b:54:1d:d4:dc:
64:bb:39:6b:57:e6:37:80:ef:91:af:e5:08:f5:80:aa:73:50:
00:ea:7f:49:6f:a7:7f:7b:41:8b:75:fe:32:17:be:08:3c:48:
08:5d:8f:6d:cc:95:a8:86:e4:47:9e:3f:35:b8:35:9e:ab:03:
59:48:70:78
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXwaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE4MTcyNDQ4WhcNMjUxMDI3MTcyNDQ4WjAYMRYw
FAYDVQQDEw02OGNjNDA2NS0xNzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuTRUJcWRwqxXINlg89ic+Vp8Yv51UMEhgjpe9SynbMiIjOLASc5vCCZB
8GEJB/wnq5+yiuETItXLliLj2rTLnjWp0T4BCrbNeoqCzNUuAgB2rbtIdNqWPHfA
9CXh8MR8Xlu7fafKurpciC2sTKDnU25AiMjgRxmyLnafj3U1y+zLxzsplhVOFqj0
JfLzcG74RcIcUEslpSmPtEcpirh9/yyjFqG4bGt/Y/tEWXTX593dxIbJZHXC/DyI
BEtMq20Tlg+UrJwok4Xi3zTIt2AJA3JA648vQKIiPr2h6Co2NNuV1H+epG31KDEP
TFiEx6q3bYWZAng/SxMn3rCNz8qZFQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHah
ztMTsBftR7LUB+j2mTn16TjEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MzRBQjNBRTk0QjQxMUYwQjMyNTk4ODFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOrkMA0GCSqGSIb3DQEBCwUA
A4IBAQAJOaB74VPnmVHXT9KlrlGzOA8U8K6Yciqy/3exo571pU6OXKYXeVPYa94E
1HULvl4NU9PKqUyn6RzhK0T7ri9X+7L9OjCzjHK1e0DwAJ9WOW7xI8TZicz45U0i
2b9aAA26CXhFCrTbIqW/4FoXUAAAjS9sMXF5BnZ2ia6Gg/gMHGeHiqR2DTNvh+Yv
MCVM21t9yXCq0Zm863gBvjeMK7LjY4XLq+Yo60xB2WcfpWKoyEd8P+jTpSJzWQE5
M9rdCX9oW1Qd1NxkuzlrV+Y3gO+Rr+UI9YCqc1AA6n9Jb6d/e0GLdf4yF74IPEgI
XY9tzJWohuRHnj81uDWeqwNZSHB4
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:42 2025 by rpki-client