Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97291C26997B11F0ACC609ECDAE4EC9C.roa
File: 97291C26997B11F0ACC609ECDAE4EC9C.roa (raw, json)
Hash identifier: P8rSpbaEVKiKtEGgqhE/3MGObGDci15jTROSxCvcLJc=
Subject key identifier: FA:10:5B:CB:D5:40:92:BE:B8:1C:AE:2A:B1:52:EB:BD:87:86:E9:51
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D0D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97291C26997B11F0ACC609ECDAE4EC9C.roa
Signing time: Wed 24 Sep 2025 19:20:55 +0000
ROA not before: Wed 24 Sep 2025 19:20:50 +0000
ROA not after: Sun 21 Dec 2025 19:20:50 +0000
asID: 135377
IP address blocks: 156.229.126.0/24 maxlen: 24
156.229.127.0/24 maxlen: 24
156.229.224.0/24 maxlen: 24
156.229.225.0/24 maxlen: 24
156.229.226.0/24 maxlen: 24
156.229.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97549 (0x17d0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 24 19:20:50 2025 GMT
Not After : Dec 21 19:20:50 2025 GMT
Subject: CN=68d44497-0fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c8:67:e7:71:d2:b2:78:2a:88:20:ea:0a:f1:
0a:fc:3f:a4:3a:ad:48:cb:0c:12:c5:26:8a:02:b1:
a5:74:bf:e2:5c:91:ef:94:47:27:59:c7:7c:e6:15:
04:63:9e:e0:78:ba:30:1c:3a:83:90:e9:5f:fa:97:
1d:53:3c:b6:41:80:0b:30:95:ac:06:1b:ab:1b:78:
7d:59:83:1f:88:cb:91:8d:1a:94:cd:60:f9:1b:d1:
e1:d8:f5:c3:e5:0e:64:30:ca:5f:42:f6:c9:c6:2c:
b6:e4:94:7c:f7:92:a2:08:84:b2:41:a8:ab:e9:cc:
ce:f7:f4:93:68:82:97:47:20:72:72:d8:33:d5:2b:
7b:84:9a:c0:91:66:dc:1a:b8:77:c0:48:02:7a:77:
c9:b5:b2:c3:70:6d:c3:79:7c:d9:09:54:10:16:9e:
3e:6b:94:31:a6:6d:24:b5:8e:89:c0:0d:46:99:0d:
7b:8b:3e:5f:a5:b8:00:29:b2:79:b6:3d:4e:99:7e:
7c:74:63:3a:57:74:02:73:ee:4f:66:66:a5:ab:41:
35:d5:88:18:53:87:89:d5:1e:b2:98:7d:69:10:38:
6a:c7:3a:84:5f:db:3a:e9:b6:de:9e:ce:8d:9a:c8:
48:64:70:fe:26:ed:3e:0b:ba:e5:0d:45:18:b5:32:
69:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:10:5B:CB:D5:40:92:BE:B8:1C:AE:2A:B1:52:EB:BD:87:86:E9:51
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/97291C26997B11F0ACC609ECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.126.0/23
156.229.224.0/22
Signature Algorithm: sha256WithRSAEncryption
15:0c:07:aa:49:5c:e3:9d:52:f7:c0:ff:6a:a3:fd:28:05:a8:
36:7d:94:2d:c7:13:3b:60:ed:af:58:f6:c0:4d:f6:1d:b0:f4:
bd:82:2c:39:dc:5a:38:52:15:6b:42:13:14:a9:6b:16:d0:15:
4d:32:ad:98:62:1d:72:fa:93:eb:06:a4:c8:fa:82:19:19:a7:
b4:ed:33:49:8e:62:20:95:7e:57:2e:34:23:cb:d6:d0:75:72:
9f:5f:fc:d9:55:76:5c:4e:6c:0d:39:43:55:7c:15:e1:7a:ae:
33:a2:d0:ec:e0:39:f1:2b:d0:0c:89:55:d9:4e:aa:c4:89:82:
ee:3e:04:d8:d1:0d:63:2e:6f:ae:11:8c:e6:f4:fc:e8:8c:0b:
49:aa:71:69:93:6c:75:bd:30:7f:bb:12:b9:88:a9:7c:53:e0:
21:d0:8c:52:2e:74:9d:e9:c6:02:9a:0c:a3:bc:c7:9d:cf:96:
6c:67:f1:07:b1:c1:c2:b2:16:6d:33:66:07:75:28:ce:9b:76:
15:3c:52:6c:20:b9:eb:81:5a:a8:95:76:92:25:85:16:44:6b:
c6:97:00:44:1a:fd:de:b2:80:b6:49:6b:ce:13:9d:06:ff:e8:
89:0b:7b:67:8e:20:d5:2b:e8:f2:d7:f7:0f:85:26:61:5c:c9:
9f:82:cc:fa
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAX0NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI0MTkyMDUwWhcNMjUxMjIxMTkyMDUwWjAYMRYw
FAYDVQQDEw02OGQ0NDQ5Ny0wZmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtMhn53HSsngqiCDqCvEK/D+kOq1IywwSxSaKArGldL/iXJHvlEcnWcd8
5hUEY57geLowHDqDkOlf+pcdUzy2QYALMJWsBhurG3h9WYMfiMuRjRqUzWD5G9Hh
2PXD5Q5kMMpfQvbJxiy25JR895KiCISyQair6czO9/STaIKXRyByctgz1St7hJrA
kWbcGrh3wEgCenfJtbLDcG3DeXzZCVQQFp4+a5Qxpm0ktY6JwA1GmQ17iz5fpbgA
KbJ5tj1OmX58dGM6V3QCc+5PZmalq0E11YgYU4eJ1R6ymH1pEDhqxzqEX9s66bbe
ns6NmshIZHD+Ju0+C7rlDUUYtTJpfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPoQ
W8vVQJK+uByuKrFS672HhulRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85NzI5MUMyNjk5N0IxMUYwQUNDNjA5RUNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnOV+AwQCnOXgMA0GCSqGSIb3
DQEBCwUAA4IBAQAVDAeqSVzjnVL3wP9qo/0oBag2fZQtxxM7YO2vWPbATfYdsPS9
giw53Fo4UhVrQhMUqWsW0BVNMq2YYh1y+pPrBqTI+oIZGae07TNJjmIglX5XLjQj
y9bQdXKfX/zZVXZcTmwNOUNVfBXheq4zotDs4DnxK9AMiVXZTqrEiYLuPgTY0Q1j
Lm+uEYzm9PzojAtJqnFpk2x1vTB/uxK5iKl8U+Ah0IxSLnSd6cYCmgyjvMedz5Zs
Z/EHscHCshZtM2YHdSjOm3YVPFJsILnrgVqolXaSJYUWRGvGlwBEGv3esoC2SWvO
E50G/+iJC3tnjiDVK+jy1/cPhSZhXMmfgsz6
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:00 2025 by rpki-client