Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/829662408B4411F083DDA4ADDAE4EC9C.roa
File: 829662408B4411F083DDA4ADDAE4EC9C.roa (raw, json)
Hash identifier: 474ggeyv09JbYQPKAwdsk1MTHxLi0I8UpIhdHQ3Ju5s=
Subject key identifier: 1B:FE:6D:13:4A:A5:B0:BE:FE:45:66:F0:5D:8D:F1:A7:F8:8F:8A:10
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017951
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/829662408B4411F083DDA4ADDAE4EC9C.roa
Signing time: Sat 06 Sep 2025 17:11:22 +0000
ROA not before: Sat 06 Sep 2025 17:11:17 +0000
ROA not after: Fri 05 Dec 2025 17:11:17 +0000
asID: 138152
IP address blocks: 156.232.6.0/23 maxlen: 24
156.232.9.0/24 maxlen: 24
156.232.10.0/24 maxlen: 24
156.232.11.0/24 maxlen: 24
156.232.13.0/24 maxlen: 24
156.236.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96593 (0x17951)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 6 17:11:17 2025 GMT
Not After : Dec 5 17:11:17 2025 GMT
Subject: CN=68bc6b3a-2bfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:08:bf:16:d6:8c:d3:22:e4:b8:97:3a:0f:d7:
c3:47:72:93:63:ac:c2:e4:8c:e7:eb:c2:33:49:38:
68:fa:ea:ac:44:aa:8c:b0:56:56:d5:8a:cc:a1:ed:
e8:f7:b0:2f:b0:3e:b8:a5:c0:bc:dc:25:38:5b:df:
6a:70:7d:61:bf:e5:75:79:76:44:c4:cf:39:f0:e8:
c6:b9:51:f4:d7:d0:c7:e0:85:ef:18:c6:00:bc:a6:
4b:d3:18:2d:6f:30:29:b2:27:bc:fe:0e:01:ee:21:
b4:ca:24:c4:96:43:69:9f:df:10:1a:e2:97:cc:02:
b5:b5:06:7c:0c:30:0f:93:18:d7:0f:29:49:a5:da:
2c:48:56:6a:3f:4f:2a:7b:6e:4d:86:5e:76:65:bd:
21:9c:53:54:15:8a:1a:3d:2a:46:c0:96:93:56:6b:
81:fd:da:00:af:ec:b2:92:0e:05:fb:30:49:96:cc:
d5:3d:ca:e5:ae:1d:d7:7a:7e:86:dd:e1:7f:58:5a:
be:ad:99:6a:bd:5d:c8:f4:ed:81:64:9e:cb:a7:33:
87:7e:c2:ea:b4:d4:b9:b7:7e:08:16:11:c5:ec:75:
f8:25:dc:7a:04:50:ce:39:08:59:9a:97:fc:14:a1:
48:d7:0d:97:a6:9f:94:5e:47:6b:c6:21:35:ef:17:
3e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:FE:6D:13:4A:A5:B0:BE:FE:45:66:F0:5D:8D:F1:A7:F8:8F:8A:10
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/829662408B4411F083DDA4ADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.6.0/23
156.232.9.0-156.232.11.255
156.232.13.0/24
156.236.72.0/22
Signature Algorithm: sha256WithRSAEncryption
74:47:1c:a4:62:55:e0:e7:b6:b7:ee:44:66:69:30:c2:7d:14:
fd:e2:05:34:00:01:6f:ed:10:37:18:6c:c6:5d:e3:44:0e:d7:
d1:24:77:a8:e1:72:fc:93:ce:60:91:95:d7:a4:56:04:a5:a0:
7f:c5:c4:6b:da:23:fd:5f:1d:ab:8c:64:0a:00:90:a0:ec:0e:
db:4d:c1:94:24:a5:78:97:ac:72:30:df:c7:6b:19:15:d3:26:
3a:7f:dc:6a:a0:08:70:61:08:70:2d:c6:3c:12:3f:30:e4:6d:
62:0d:44:c2:18:5b:ad:bf:33:f5:65:fa:56:bd:f3:37:d0:97:
4a:e6:11:cd:5d:63:78:b0:19:e7:17:62:99:f5:3f:53:1c:b3:
34:43:5f:69:18:a8:67:c6:d5:10:12:88:49:58:5a:98:2b:e1:
49:85:aa:f5:fd:6f:af:c3:9b:71:2b:67:ac:6d:90:10:22:8a:
65:cd:dc:3c:29:d7:9a:83:a9:1d:a0:68:37:8a:6d:f8:fa:62:
ba:04:03:34:cf:05:b7:6a:60:ca:70:01:c7:5f:1c:a0:54:14:
9d:61:89:64:a2:13:12:35:7f:02:18:6e:df:de:70:00:ba:cd:
d4:5f:11:15:8a:9c:0a:47:11:e2:95:2f:20:a5:c0:68:73:4a:
c8:78:9a:3f
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDAXlRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTA2MTcxMTE3WhcNMjUxMjA1MTcxMTE3WjAYMRYw
FAYDVQQDEw02OGJjNmIzYS0yYmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlQi/FtaM0yLkuJc6D9fDR3KTY6zC5Izn68IzSTho+uqsRKqMsFZW1YrM
oe3o97AvsD64pcC83CU4W99qcH1hv+V1eXZExM858OjGuVH019DH4IXvGMYAvKZL
0xgtbzApsie8/g4B7iG0yiTElkNpn98QGuKXzAK1tQZ8DDAPkxjXDylJpdosSFZq
P08qe25Nhl52Zb0hnFNUFYoaPSpGwJaTVmuB/doAr+yykg4F+zBJlszVPcrlrh3X
en6G3eF/WFq+rZlqvV3I9O2BZJ7LpzOHfsLqtNS5t34IFhHF7HX4Jdx6BFDOOQhZ
mpf8FKFI1w2Xpp+UXkdrxiE17xc+GQIDAQABo4ICvDCCArgwHQYDVR0OBBYEFBv+
bRNKpbC+/kVm8F2N8af4j4oQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84Mjk2NjI0MDhCNDQxMUYwODNEREE0QUREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBnOgGMAwDBACc6AkDBAKc6AgD
BACc6A0DBAKc7EgwDQYJKoZIhvcNAQELBQADggEBAHRHHKRiVeDntrfuRGZpMMJ9
FP3iBTQAAW/tEDcYbMZd40QO19Ekd6jhcvyTzmCRldekVgSloH/FxGvaI/1fHauM
ZAoAkKDsDttNwZQkpXiXrHIw38drGRXTJjp/3GqgCHBhCHAtxjwSPzDkbWINRMIY
W62/M/Vl+la98zfQl0rmEc1dY3iwGecXYpn1P1McszRDX2kYqGfG1RASiElYWpgr
4UmFqvX9b6/Dm3ErZ6xtkBAiimXN3Dwp15qDqR2gaDeKbfj6YroEAzTPBbdqYMpw
AcdfHKBUFJ1hiWSiExI1fwIYbt/ecAC6zdRfERWKnApHEeKVLyClwGhzSsh4mj8=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:48 2025 by rpki-client