Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3D32F2293A111F0B2A6DE99DAE4EC9C.roa
File: B3D32F2293A111F0B2A6DE99DAE4EC9C.roa (raw, json)
Hash identifier: gd509bvwXLbZz1yISKJ7oBnB5kep8o0dp/AliTCAiAo=
Subject key identifier: FB:DE:E5:2C:63:81:45:27:DB:C0:08:73:17:63:2C:E4:40:AE:69:3F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017BA8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3D32F2293A111F0B2A6DE99DAE4EC9C.roa
Signing time: Wed 17 Sep 2025 08:38:37 +0000
ROA not before: Wed 17 Sep 2025 08:38:31 +0000
ROA not after: Mon 03 Nov 2025 08:38:31 +0000
asID: 18013
IP address blocks: 156.234.0.0/24 maxlen: 24
156.234.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97192 (0x17ba8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 17 08:38:31 2025 GMT
Not After : Nov 3 08:38:31 2025 GMT
Subject: CN=68ca738d-2e6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7b:6a:ed:56:28:17:97:64:8a:47:13:cf:a9:
13:99:e1:9b:c9:89:02:33:37:16:92:d1:91:2b:1c:
86:50:b5:a9:73:c7:cd:89:2a:e3:bf:3d:4b:e6:a5:
c9:ae:cc:af:08:62:aa:3e:5a:dd:d5:1e:23:7f:61:
c0:09:5c:3d:c8:69:47:24:db:7b:ce:18:8a:c1:16:
e9:41:e9:fc:cf:ed:83:6e:d2:91:9a:3e:59:98:29:
8d:d3:96:c8:78:27:42:ac:6a:10:3d:d7:f0:53:f4:
f3:d0:64:82:05:be:68:d9:21:62:6d:75:71:96:d3:
10:d2:37:55:49:c5:7c:ad:79:87:ef:2a:01:9b:0f:
eb:e7:b9:22:a7:0a:fb:bc:e9:9e:2b:d9:85:74:6e:
80:a1:d2:a8:85:1c:63:e8:13:6e:67:3e:37:72:83:
69:8b:1d:f1:d3:c8:6d:8b:9d:96:24:a8:a9:5b:70:
19:bb:f7:e1:42:b8:c0:a0:b7:6d:6f:c2:4d:df:34:
13:ed:21:39:9c:4c:74:8e:99:2b:03:95:dc:69:02:
f3:f8:b9:9e:62:d1:ef:e8:08:fb:6f:0e:d9:46:2a:
76:db:e3:80:27:37:60:14:c1:ef:b6:97:6b:eb:ee:
ad:e5:8c:02:53:18:10:a0:24:a7:be:85:6d:3e:ac:
32:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:DE:E5:2C:63:81:45:27:DB:C0:08:73:17:63:2C:E4:40:AE:69:3F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B3D32F2293A111F0B2A6DE99DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.0.0/24
156.234.7.0/24
Signature Algorithm: sha256WithRSAEncryption
90:b4:04:27:17:d0:ff:67:49:5f:19:68:b3:42:7c:40:be:ae:
d5:1f:9c:24:aa:c0:6f:cc:30:f2:22:8e:88:a8:01:48:51:ea:
4c:47:66:74:d3:7a:8b:56:64:f6:2e:25:83:e6:ef:1b:a9:ba:
a4:3f:82:6f:30:e2:b0:a9:6c:67:34:a1:a9:ed:51:1f:ac:4c:
98:50:17:50:51:72:c6:1b:70:62:28:4a:96:87:09:32:10:18:
16:ba:d1:6f:e3:80:a2:79:30:d7:00:63:c3:ee:2d:bf:75:db:
3b:c0:64:a5:63:e1:37:70:88:2c:ef:82:54:7f:45:d1:fa:28:
2e:17:97:73:3d:66:83:9f:a9:78:1a:99:f9:ab:64:84:be:85:
6e:27:36:f4:10:fa:0b:32:93:c7:5c:e4:d7:ff:9e:a4:51:a4:
c2:7a:b6:2a:f3:11:6d:1c:40:2f:0e:fc:f5:e5:a7:da:d5:be:
6e:f5:33:42:ea:21:ed:6c:6c:85:22:43:f4:8c:31:3b:af:4e:
52:1c:fe:27:8e:82:7c:c7:63:08:83:27:37:f9:f7:7a:38:5e:
f7:ec:85:f2:64:fe:6e:eb:ca:8e:2f:84:bb:cd:57:8d:40:4a:
75:ab:f0:dd:59:03:49:a7:45:9a:db:f8:dd:b0:70:27:52:9b:
aa:38:96:67
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXuoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE3MDgzODMxWhcNMjUxMTAzMDgzODMxWjAYMRYw
FAYDVQQDEw02OGNhNzM4ZC0yZTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyHtq7VYoF5dkikcTz6kTmeGbyYkCMzcWktGRKxyGULWpc8fNiSrjvz1L
5qXJrsyvCGKqPlrd1R4jf2HACVw9yGlHJNt7zhiKwRbpQen8z+2DbtKRmj5ZmCmN
05bIeCdCrGoQPdfwU/Tz0GSCBb5o2SFibXVxltMQ0jdVScV8rXmH7yoBmw/r57ki
pwr7vOmeK9mFdG6AodKohRxj6BNuZz43coNpix3x08hti52WJKipW3AZu/fhQrjA
oLdtb8JN3zQT7SE5nEx0jpkrA5XcaQLz+LmeYtHv6Aj7bw7ZRip22+OAJzdgFMHv
tpdr6+6t5YwCUxgQoCSnvoVtPqwy9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPve
5SxjgUUn28AIcxdjLORArmk/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CM0QzMkYyMjkzQTExMUYwQjJBNkRFOTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOoAAwQAnOoHMA0GCSqGSIb3
DQEBCwUAA4IBAQCQtAQnF9D/Z0lfGWizQnxAvq7VH5wkqsBvzDDyIo6IqAFIUepM
R2Z003qLVmT2LiWD5u8bqbqkP4JvMOKwqWxnNKGp7VEfrEyYUBdQUXLGG3BiKEqW
hwkyEBgWutFv44CieTDXAGPD7i2/dds7wGSlY+E3cIgs74JUf0XR+iguF5dzPWaD
n6l4Gpn5q2SEvoVuJzb0EPoLMpPHXOTX/56kUaTCerYq8xFtHEAvDvz15afa1b5u
9TNC6iHtbGyFIkP0jDE7r05SHP4njoJ8x2MIgyc3+fd6OF737IXyZP5u68qOL4S7
zVeNQEp1q/DdWQNJp0Wa2/jdsHAnUpuqOJZn
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:43 2025 by rpki-client