Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9822DA8ADB211F098FD23B6DAE4EC9C.roa
File: B9822DA8ADB211F098FD23B6DAE4EC9C.roa (raw, json)
Hash identifier: l1r80OT1Va3Dtiq1QuJDXV5Pk8wCkc59A64+tKR9tQ0=
Subject key identifier: D8:84:5F:DC:24:09:D9:91:C0:E3:24:64:4D:42:E8:17:4E:23:E5:5B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0181C1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9822DA8ADB211F098FD23B6DAE4EC9C.roa
Signing time: Mon 20 Oct 2025 12:45:58 +0000
ROA not before: Mon 20 Oct 2025 12:45:52 +0000
ROA not after: Fri 05 Dec 2025 12:45:52 +0000
asID: 142032
IP address blocks: 156.238.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 29 Oct 2025 10:54:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98753 (0x181c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 20 12:45:52 2025 GMT
Not After : Dec 5 12:45:52 2025 GMT
Subject: CN=68f62f06-0afe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d1:d9:15:8b:68:0c:0f:44:e6:c4:bd:4e:a2:
d9:1b:18:a8:36:30:3a:86:64:30:19:1a:67:70:7a:
5b:30:6a:cf:97:2c:5f:44:87:82:5b:df:12:d2:25:
74:1b:6e:c8:3e:3c:19:43:07:0e:91:10:35:80:58:
8c:e5:1e:ed:ff:a5:50:8e:e3:e2:4a:51:1a:8d:c2:
21:07:01:48:08:2d:c7:d0:90:92:5a:20:37:de:73:
f2:63:b6:53:ca:9a:e7:90:cc:13:05:cd:05:ff:49:
4a:da:93:f7:7b:41:3a:fa:4b:80:e9:32:e9:13:9e:
6d:45:e3:b2:a9:f1:5f:f9:72:48:ba:2f:3a:5f:cf:
79:dd:3e:77:c2:f0:d0:93:c5:88:be:cd:84:3a:d7:
bb:19:0b:0d:d0:ba:62:bd:55:e1:5a:7f:49:e7:b6:
36:7a:a9:99:13:7d:39:8c:fa:11:bb:79:4d:7c:50:
39:c2:91:17:63:30:e1:7f:cd:00:ca:3f:86:f6:da:
0c:f0:94:1d:9a:bc:70:a1:d1:16:44:ef:2d:40:db:
e3:9d:be:0b:32:e4:59:3c:6a:35:98:99:18:c7:a4:
0a:5c:0b:9a:40:b1:30:7e:ae:0b:7d:6e:45:d2:d7:
8f:87:64:d6:2c:31:17:9d:0d:4a:12:91:08:bf:9d:
2f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:84:5F:DC:24:09:D9:91:C0:E3:24:64:4D:42:E8:17:4E:23:E5:5B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9822DA8ADB211F098FD23B6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.224.0/19
Signature Algorithm: sha256WithRSAEncryption
97:c5:b3:00:fd:1f:2b:f7:a1:0a:00:bb:37:68:f8:9c:38:21:
79:66:c0:66:8a:e8:4d:9c:ff:a6:e2:54:51:a8:bb:0c:e5:9a:
ec:42:f8:1c:37:fd:d8:6c:2c:2e:96:5e:1b:86:6f:92:eb:11:
b9:c2:2a:24:17:c1:80:96:d1:61:2e:65:39:f4:23:d6:65:79:
4b:a8:46:1c:7f:8c:62:ef:e7:28:91:24:a8:02:e6:0a:b7:d4:
e5:ab:6c:49:f2:f6:bd:f7:b2:cc:ea:d7:31:79:2e:ca:53:74:
78:0d:db:c2:d8:6a:b6:1f:1a:0f:fb:92:e1:da:c9:1d:87:9f:
0b:d7:14:1e:5f:bb:45:3d:1c:f4:72:05:bb:c2:e8:1f:8e:8a:
dc:c4:f2:61:54:05:82:88:67:3e:81:ec:cd:92:a1:2c:80:45:
69:cd:17:9c:2b:72:a2:90:d1:6b:79:95:09:ff:e5:bf:2d:7b:
da:07:e6:cb:fc:4d:56:98:ce:43:2f:36:08:34:93:0c:b8:de:
c6:b6:d9:58:46:22:0f:42:cf:41:23:db:3d:60:e9:1a:93:93:
67:77:f2:56:ac:b7:8e:a7:e9:c9:b4:d8:0d:a2:8f:13:0f:eb:
9c:83:d9:62:b2:3c:33:bc:7e:38:46:f5:bd:17:3a:92:01:44:
f9:c6:47:35
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYHBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDIwMTI0NTUyWhcNMjUxMjA1MTI0NTUyWjAYMRYw
FAYDVQQDEw02OGY2MmYwNi0wYWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsdHZFYtoDA9E5sS9TqLZGxioNjA6hmQwGRpncHpbMGrPlyxfRIeCW98S
0iV0G27IPjwZQwcOkRA1gFiM5R7t/6VQjuPiSlEajcIhBwFICC3H0JCSWiA33nPy
Y7ZTyprnkMwTBc0F/0lK2pP3e0E6+kuA6TLpE55tReOyqfFf+XJIui86X8953T53
wvDQk8WIvs2EOte7GQsN0LpivVXhWn9J57Y2eqmZE305jPoRu3lNfFA5wpEXYzDh
f80Ayj+G9toM8JQdmrxwodEWRO8tQNvjnb4LMuRZPGo1mJkYx6QKXAuaQLEwfq4L
fW5F0tePh2TWLDEXnQ1KEpEIv50viQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNiE
X9wkCdmRwOMkZE1C6BdOI+VbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9COTgyMkRBOEFEQjIxMUYwOThGRDIzQjZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnO7gMA0GCSqGSIb3DQEBCwUA
A4IBAQCXxbMA/R8r96EKALs3aPicOCF5ZsBmiuhNnP+m4lRRqLsM5ZrsQvgcN/3Y
bCwull4bhm+S6xG5wiokF8GAltFhLmU59CPWZXlLqEYcf4xi7+cokSSoAuYKt9Tl
q2xJ8va997LM6tcxeS7KU3R4DdvC2Gq2HxoP+5Lh2skdh58L1xQeX7tFPRz0cgW7
wugfjorcxPJhVAWCiGc+gezNkqEsgEVpzRecK3KikNFreZUJ/+W/LXvaB+bL/E1W
mM5DLzYINJMMuN7GttlYRiIPQs9BI9s9YOkak5Nnd/JWrLeOp+nJtNgNoo8TD+uc
g9lisjwzvH44RvW9FzqSAUT5xkc1
-----END CERTIFICATE-----
Generated at Tue Oct 28 00:43:00 2025 by rpki-client