Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/89274126998911F0888323C3DAE4EC9C.roa
File: 89274126998911F0888323C3DAE4EC9C.roa (raw, json)
Hash identifier: yIRAQTNi9B5A61m06h06hfCwrh2ZDDVUkvcXPU0LHAM=
Subject key identifier: 0E:D9:3D:84:29:E6:8D:C1:5B:33:48:56:BB:0B:1F:B9:46:7A:3F:1C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D27
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/89274126998911F0888323C3DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 21:00:44 +0000
ROA not before: Wed 24 Sep 2025 21:00:39 +0000
ROA not after: Tue 04 Nov 2025 21:00:39 +0000
asID: 401696
IP address blocks: 156.238.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97575 (0x17d27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 24 21:00:39 2025 GMT
Not After : Nov 4 21:00:39 2025 GMT
Subject: CN=68d45bfc-dbe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:32:44:f5:09:5c:c0:0d:39:65:b2:75:be:56:
e4:cf:88:6b:9b:68:b6:eb:a6:30:32:bd:d6:0c:fd:
24:4a:b3:77:0a:14:97:8b:35:44:4d:b1:17:13:c6:
2d:79:1b:12:60:d1:03:ab:e2:1a:76:7a:b8:1b:f7:
ec:4e:2f:95:08:9b:00:1b:9b:6d:ae:88:81:c8:3a:
2c:c4:d8:f8:bb:90:bf:6e:33:a2:58:15:e7:4d:46:
c0:2a:4e:b3:0b:ff:3e:75:2c:e2:75:f5:7a:a4:b9:
67:3f:7c:67:71:80:bd:1f:fd:0c:12:9f:1f:63:dc:
fc:2d:ca:75:c2:62:88:f6:d6:d3:54:ed:cd:8b:da:
64:dd:79:b3:db:c0:87:d4:73:ee:01:e1:a6:42:30:
77:ff:4f:72:1b:46:5b:52:dd:27:06:c3:e3:e2:17:
46:0d:57:70:49:3a:7a:43:b5:7c:a7:b3:cc:a2:d0:
34:6a:50:14:a6:5e:e6:36:21:ae:89:44:0d:19:2e:
23:9d:6a:a2:e1:8c:30:e4:8f:7b:70:26:9a:36:7b:
ad:fd:15:d5:0b:3f:70:e6:1c:d2:1a:8f:28:35:4b:
3f:29:f3:22:04:09:c7:af:cf:7c:06:30:30:1f:de:
d1:9f:85:f7:5a:4a:da:e4:50:c2:9a:92:23:65:df:
88:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D9:3D:84:29:E6:8D:C1:5B:33:48:56:BB:0B:1F:B9:46:7A:3F:1C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/89274126998911F0888323C3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.224.0/19
Signature Algorithm: sha256WithRSAEncryption
51:90:25:91:26:4b:5b:07:97:4e:ae:ad:92:b6:e4:dc:b5:cc:
25:6f:77:1a:db:9a:2d:43:74:1d:2c:d5:0a:3e:bf:98:38:99:
76:0e:f4:32:78:7a:e5:1b:12:db:6c:18:82:85:8d:4f:01:10:
6e:b8:6b:9e:8f:09:8d:ee:3b:13:76:53:2b:37:93:57:e3:be:
e0:71:8e:51:be:5c:16:12:9f:65:9b:bb:1a:48:ff:0f:8d:e6:
5a:25:1a:19:e6:b9:3a:ea:3f:b5:93:9a:4b:b2:d2:b1:a0:e9:
c6:13:cc:e6:2c:e8:35:bc:06:21:ca:74:3a:79:bd:27:40:d6:
44:9d:55:6a:79:d2:24:92:b4:c7:e8:07:95:5c:38:06:11:7d:
37:55:d3:44:db:3f:78:5d:da:42:22:fb:1e:a9:21:2e:1f:fb:
2e:61:ee:34:3d:c1:8c:af:f7:17:33:05:0b:0f:e6:16:e8:60:
f1:80:11:56:f5:49:df:e0:c5:93:34:74:10:e4:86:14:44:ee:
9c:07:eb:f7:9e:76:ed:7a:4f:d5:da:e8:e4:b0:50:77:3b:e2:
56:f5:72:ff:29:61:c6:96:8f:43:a0:98:e8:01:0f:52:69:cc:
14:2b:fd:ed:69:64:fb:5b:d8:d6:3e:84:76:77:17:40:ea:5e:
56:46:b5:90
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX0nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI0MjEwMDM5WhcNMjUxMTA0MjEwMDM5WjAYMRYw
FAYDVQQDEw02OGQ0NWJmYy1kYmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2DJE9QlcwA05ZbJ1vlbkz4hrm2i266YwMr3WDP0kSrN3ChSXizVETbEX
E8YteRsSYNEDq+Iadnq4G/fsTi+VCJsAG5ttroiByDosxNj4u5C/bjOiWBXnTUbA
Kk6zC/8+dSzidfV6pLlnP3xncYC9H/0MEp8fY9z8Lcp1wmKI9tbTVO3Ni9pk3Xmz
28CH1HPuAeGmQjB3/09yG0ZbUt0nBsPj4hdGDVdwSTp6Q7V8p7PMotA0alAUpl7m
NiGuiUQNGS4jnWqi4Yww5I97cCaaNnut/RXVCz9w5hzSGo8oNUs/KfMiBAnHr898
BjAwH97Rn4X3Wkra5FDCmpIjZd+IlwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA7Z
PYQp5o3BWzNIVrsLH7lGej8cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84OTI3NDEyNjk5ODkxMUYwODg4MzIzQzNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO7gMA0GCSqGSIb3DQEBCwUA
A4IBAQBRkCWRJktbB5dOrq2StuTctcwlb3ca25otQ3QdLNUKPr+YOJl2DvQyeHrl
GxLbbBiChY1PARBuuGuejwmN7jsTdlMrN5NX477gcY5RvlwWEp9lm7saSP8PjeZa
JRoZ5rk66j+1k5pLstKxoOnGE8zmLOg1vAYhynQ6eb0nQNZEnVVqedIkkrTH6AeV
XDgGEX03VdNE2z94XdpCIvseqSEuH/suYe40PcGMr/cXMwULD+YW6GDxgBFW9Unf
4MWTNHQQ5IYURO6cB+v3nnbtek/V2ujksFB3O+JW9XL/KWHGlo9DoJjoAQ9SacwU
K/3taWT7W9jWPoR2dxdA6l5WRrWQ
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:33:52 2025 by rpki-client