Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD08A22C998011F095B1958CDAE4EC9C.roa
File: BD08A22C998011F095B1958CDAE4EC9C.roa (raw, json)
Hash identifier: oqRO6PPJ4PVOcWaOU8r4uxebPQIWKDGCpItWw/8Odvc=
Subject key identifier: 92:9E:F6:27:A0:DE:DF:66:FB:68:26:03:1D:B1:5F:56:1B:AB:AA:1C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D13
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD08A22C998011F095B1958CDAE4EC9C.roa
Signing time: Wed 24 Sep 2025 19:57:46 +0000
ROA not before: Wed 24 Sep 2025 19:57:41 +0000
ROA not after: Tue 04 Nov 2025 19:57:41 +0000
asID: 20326
IP address blocks: 156.229.48.0/24 maxlen: 24
156.229.60.0/24 maxlen: 24
156.233.54.0/24 maxlen: 24
156.233.69.0/24 maxlen: 24
156.233.70.0/24 maxlen: 24
156.233.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97555 (0x17d13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 24 19:57:41 2025 GMT
Not After : Nov 4 19:57:41 2025 GMT
Subject: CN=68d44d3a-6806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:60:0a:59:e2:53:bc:ec:72:5d:e2:14:d7:da:
e1:72:cd:08:6c:bf:35:00:9a:c0:a4:a4:1a:ff:21:
26:20:52:a9:81:7e:22:ea:db:cd:aa:54:50:12:c7:
db:5a:5b:dd:ff:c9:4a:fa:02:f4:61:e0:ba:1c:60:
1b:85:d2:b8:51:4b:eb:fd:45:76:be:26:ba:ad:00:
97:1e:7a:73:f9:21:28:fe:ac:bb:8f:66:73:dc:d9:
57:71:2c:ee:70:33:3d:11:94:19:72:0f:9a:89:1d:
bc:af:26:4c:51:b1:29:de:e0:ee:76:d1:b2:53:0c:
1f:03:88:6a:92:f2:a1:62:24:cb:b8:7f:70:f4:2b:
5a:37:c3:d2:55:fe:46:8a:aa:3c:d6:06:32:88:2e:
80:8c:fe:93:86:42:69:d6:e5:e7:e6:da:ca:aa:c6:
d1:ef:34:f7:8d:8b:a3:f0:35:56:e9:7e:f3:ce:45:
ff:25:87:50:26:22:3b:32:89:ce:a0:96:22:f1:89:
4d:bb:f7:80:35:ed:37:e4:ba:9c:76:c5:8c:4b:1e:
4c:08:2a:a1:c9:fa:d8:69:59:23:8c:cd:eb:df:72:
a3:d9:9a:20:31:dc:a3:df:4d:b0:c6:81:95:40:1c:
33:b2:95:44:62:32:11:5c:9b:70:8f:cc:0e:eb:af:
cb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9E:F6:27:A0:DE:DF:66:FB:68:26:03:1D:B1:5F:56:1B:AB:AA:1C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD08A22C998011F095B1958CDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.48.0/24
156.229.60.0/24
156.233.54.0/24
156.233.69.0-156.233.70.255
156.233.102.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:34:10:cb:33:69:25:62:b7:7c:10:85:d9:c2:e9:8b:0a:b4:
f9:fd:8d:00:ef:81:c9:2d:10:55:7f:cf:af:7c:e6:7c:a3:78:
c2:72:f6:05:d7:eb:3c:ee:c6:1f:77:90:b8:b4:03:39:3e:c6:
a7:f2:37:86:41:c5:91:75:26:15:55:72:97:f2:54:23:f3:df:
75:4d:e4:62:8b:20:ed:8c:82:99:0c:16:6c:8e:6b:a3:4a:35:
1b:22:54:10:ff:65:38:f3:32:9e:82:19:47:21:30:6f:3d:19:
26:9b:47:dc:9b:4f:d5:38:e1:ab:6a:6f:38:8e:07:e2:d8:ac:
41:83:90:c1:99:f6:2e:d3:e5:76:91:63:9f:30:8f:91:da:ae:
2c:6a:f5:e3:41:bb:aa:b4:bb:03:41:16:e0:2c:07:83:33:b8:
0b:38:c5:c9:ce:56:90:3e:79:e6:48:83:80:d3:43:72:f1:b2:
e2:e6:9a:4b:f0:19:f6:22:e1:b4:81:51:12:26:a6:98:d0:f5:
c8:8f:30:52:c1:a7:e2:f3:07:c8:18:8a:51:c5:1d:7d:0f:6d:
24:03:6d:3a:03:a2:34:f3:36:94:9e:6b:96:7c:40:b4:99:ba:
11:b7:e3:14:c0:e5:dc:f2:79:96:e5:2e:c7:29:d3:cc:79:7b:
91:32:0f:7f
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIDAX0TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI0MTk1NzQxWhcNMjUxMTA0MTk1NzQxWjAYMRYw
FAYDVQQDEw02OGQ0NGQzYS02ODA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxWAKWeJTvOxyXeIU19rhcs0IbL81AJrApKQa/yEmIFKpgX4i6tvNqlRQ
EsfbWlvd/8lK+gL0YeC6HGAbhdK4UUvr/UV2via6rQCXHnpz+SEo/qy7j2Zz3NlX
cSzucDM9EZQZcg+aiR28ryZMUbEp3uDudtGyUwwfA4hqkvKhYiTLuH9w9CtaN8PS
Vf5Giqo81gYyiC6AjP6ThkJp1uXn5trKqsbR7zT3jYuj8DVW6X7zzkX/JYdQJiI7
MonOoJYi8YlNu/eANe035LqcdsWMSx5MCCqhyfrYaVkjjM3r33Kj2ZogMdyj302w
xoGVQBwzspVEYjIRXJtwj8wO66/LUQIDAQABo4ICwjCCAr4wHQYDVR0OBBYEFJKe
9ieg3t9m+2gmAx2xX1Ybq6ocMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRDA4QTIyQzk5ODAxMUYwOTVCMTk1OENEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAnOUwAwQAnOU8AwQAnOk2MAwD
BACc6UUDBACc6UYDBACc6WYwDQYJKoZIhvcNAQELBQADggEBAKM0EMszaSVit3wQ
hdnC6YsKtPn9jQDvgcktEFV/z6985nyjeMJy9gXX6zzuxh93kLi0Azk+xqfyN4ZB
xZF1JhVVcpfyVCPz33VN5GKLIO2MgpkMFmyOa6NKNRsiVBD/ZTjzMp6CGUchMG89
GSabR9ybT9U44atqbziOB+LYrEGDkMGZ9i7T5XaRY58wj5Harixq9eNBu6q0uwNB
FuAsB4MzuAs4xcnOVpA+eeZIg4DTQ3LxsuLmmkvwGfYi4bSBURImppjQ9ciPMFLB
p+LzB8gYilHFHX0PbSQDbToDojTzNpSea5Z8QLSZuhG34xTA5dzyeZblLscp08x5
e5EyD38=
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:00 2025 by rpki-client