Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB0FD308A76111F08923648FDAE4EC9C.roa
File: AB0FD308A76111F08923648FDAE4EC9C.roa (raw, json)
Hash identifier: x0cBmKSz0EdSbUs75ABB1h3vPXQzDDAqYKLYtCuSgHE=
Subject key identifier: 84:3D:D3:BF:A2:08:A2:08:B4:A0:8D:25:9D:33:8A:08:AC:E7:1B:2A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018018
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB0FD308A76111F08923648FDAE4EC9C.roa
Signing time: Sun 12 Oct 2025 11:50:37 +0000
ROA not before: Sun 12 Oct 2025 11:50:33 +0000
ROA not after: Tue 11 Aug 2026 11:50:33 +0000
asID: 138415
IP address blocks: 156.246.64.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98328 (0x18018)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 12 11:50:33 2025 GMT
Not After : Aug 11 11:50:33 2026 GMT
Subject: CN=68eb960d-ed32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:92:c3:92:e7:d9:32:3e:df:72:cd:9b:ea:fb:
d3:77:97:c5:42:c6:26:d7:d4:7f:a8:5f:55:dc:7c:
4f:51:84:09:5c:77:46:90:1d:5d:41:6b:3e:07:8d:
2f:b6:19:9b:aa:f8:0f:ff:0e:88:1b:ef:79:c5:66:
56:9d:0e:7b:ba:a4:aa:97:2e:5b:da:03:93:04:dc:
d9:92:08:74:c4:c2:a3:b0:82:3a:9f:8f:6a:00:99:
bc:c2:85:6a:94:54:91:db:a5:b7:0a:e4:75:b5:a1:
77:41:68:77:38:43:85:58:86:bb:a2:8a:32:3f:6b:
17:de:c6:cf:0f:81:1a:3f:34:60:be:41:3b:33:17:
6a:b5:c3:38:fc:d5:e2:1a:fc:bc:07:eb:82:6a:61:
b0:f4:f4:77:6f:e5:a1:12:46:97:4a:8a:cf:ac:ef:
59:bf:74:01:ce:05:77:87:e6:69:fa:9f:81:f8:84:
73:b6:44:ea:e0:de:5f:a0:6e:0e:ac:47:39:1d:07:
1a:ef:8f:8a:fe:ab:10:3f:e4:97:2a:d7:eb:7b:b2:
b6:37:da:1d:06:fc:a6:87:3e:71:22:b3:6f:a7:88:
ba:4f:33:77:22:df:e3:49:90:a6:32:ed:4a:e7:35:
b4:b3:92:85:85:ec:4c:92:17:0b:25:76:8a:c6:81:
65:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:3D:D3:BF:A2:08:A2:08:B4:A0:8D:25:9D:33:8A:08:AC:E7:1B:2A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB0FD308A76111F08923648FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.64.0/21
Signature Algorithm: sha256WithRSAEncryption
41:8d:f3:9a:d9:5a:b0:55:d0:fd:67:25:00:25:53:ed:f0:c9:
a6:3d:0b:09:3e:dc:e1:2d:5b:cf:cb:8a:ee:e0:7a:3d:92:4f:
0f:f6:d0:5e:a1:fc:ff:91:8b:5a:fc:83:44:c8:eb:d0:e6:5b:
d2:ac:ae:8e:da:de:b0:8e:2e:10:ba:70:39:67:4c:b1:ec:fe:
24:4b:80:f8:e8:33:95:d2:24:71:91:f4:ca:7c:2f:30:af:22:
c0:d9:be:e0:78:9a:18:67:a2:6e:66:51:e6:c5:58:f1:7e:48:
e4:61:9c:3c:7b:35:77:0d:98:e5:6e:19:95:1f:e6:0e:c1:48:
cd:ba:1e:08:9b:6f:9d:48:03:8e:b8:db:35:67:7a:5d:e2:66:
ad:4c:6f:3d:fe:19:40:79:49:ee:e8:b1:45:6f:ea:42:20:6a:
8e:36:7c:a2:cd:fe:8f:49:40:17:26:10:47:ab:80:89:c9:84:
d1:bf:6b:4c:21:ee:af:fc:28:e1:9e:e6:83:72:c0:81:ac:21:
62:4c:c3:d1:1c:46:2a:43:9d:be:f5:61:c5:64:49:f1:aa:65:
e3:05:20:d9:ea:a1:bd:6e:9f:b9:33:75:d1:6c:b2:94:a4:05:
ed:ea:90:d5:bb:11:1c:c4:ea:a4:68:08:74:6d:5d:a1:15:d9:
31:eb:df:4a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYAYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDEyMTE1MDMzWhcNMjYwODExMTE1MDMzWjAYMRYw
FAYDVQQDEw02OGViOTYwZC1lZDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAupLDkufZMj7fcs2b6vvTd5fFQsYm19R/qF9V3HxPUYQJXHdGkB1dQWs+
B40vthmbqvgP/w6IG+95xWZWnQ57uqSqly5b2gOTBNzZkgh0xMKjsII6n49qAJm8
woVqlFSR26W3CuR1taF3QWh3OEOFWIa7oooyP2sX3sbPD4EaPzRgvkE7MxdqtcM4
/NXiGvy8B+uCamGw9PR3b+WhEkaXSorPrO9Zv3QBzgV3h+Zp+p+B+IRztkTq4N5f
oG4OrEc5HQca74+K/qsQP+SXKtfre7K2N9odBvymhz5xIrNvp4i6TzN3It/jSZCm
Mu1K5zW0s5KFhexMkhcLJXaKxoFlqQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIQ9
07+iCKIItKCNJZ0zigis5xsqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQjBGRDMwOEE3NjExMUYwODkyMzY0OEZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnPZAMA0GCSqGSIb3DQEBCwUA
A4IBAQBBjfOa2VqwVdD9ZyUAJVPt8MmmPQsJPtzhLVvPy4ru4Ho9kk8P9tBeofz/
kYta/INEyOvQ5lvSrK6O2t6wji4QunA5Z0yx7P4kS4D46DOV0iRxkfTKfC8wryLA
2b7geJoYZ6JuZlHmxVjxfkjkYZw8ezV3DZjlbhmVH+YOwUjNuh4Im2+dSAOOuNs1
Z3pd4matTG89/hlAeUnu6LFFb+pCIGqONnyizf6PSUAXJhBHq4CJyYTRv2tMIe6v
/CjhnuaDcsCBrCFiTMPRHEYqQ52+9WHFZEnxqmXjBSDZ6qG9bp+5M3XRbLKUpAXt
6pDVuxEcxOqkaAh0bV2hFdkx699K
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:08 2025 by rpki-client