Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C15C3EE6921011F09BBF05F4DAE4EC9C.roa
File: C15C3EE6921011F09BBF05F4DAE4EC9C.roa (raw, json)
Hash identifier: 2/sg3izOaHQjNzRSH5FlMoNfzGLb9TwqUnArC+0kvRY=
Subject key identifier: 0A:D5:C8:E6:FB:67:62:EB:95:76:AD:61:18:B5:BC:3B:E1:C2:DC:0C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017B3D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C15C3EE6921011F09BBF05F4DAE4EC9C.roa
Signing time: Mon 15 Sep 2025 08:48:31 +0000
ROA not before: Mon 15 Sep 2025 08:48:26 +0000
ROA not after: Sat 25 Oct 2025 08:48:26 +0000
asID: 61112
IP address blocks: 156.231.139.0/24 maxlen: 24
156.246.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97085 (0x17b3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 15 08:48:26 2025 GMT
Not After : Oct 25 08:48:26 2025 GMT
Subject: CN=68c7d2df-8563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a4:9d:c9:a4:c9:4b:92:62:fa:c9:90:6c:f6:
8d:05:e5:17:9d:68:5a:e0:89:f0:1a:90:c1:e8:e0:
55:ce:b7:bb:7c:a8:64:86:be:d7:01:57:e5:3c:67:
43:20:a4:60:d1:d6:6f:ae:8c:02:93:a2:37:38:20:
4f:96:85:9e:6e:99:b8:51:70:8b:d4:33:fe:67:07:
b5:8c:e8:8b:3f:04:58:36:f1:2c:95:be:70:84:76:
e8:21:10:b8:4e:bd:35:04:33:8f:64:20:58:32:6a:
4d:cf:b6:54:4c:84:b1:57:af:5a:a3:92:65:78:5f:
d7:fc:47:ca:3b:bd:31:17:84:68:4e:48:3f:17:a2:
92:4c:e0:14:02:8f:6f:c5:66:cc:3d:d0:bc:24:ed:
a9:de:d6:59:ef:18:30:98:bf:ee:1c:fe:a2:ac:ee:
61:1a:a7:87:d1:be:46:4b:13:e6:af:c1:8a:8c:c9:
78:ef:1c:5b:e6:10:28:47:cb:20:c1:96:66:3a:54:
5b:27:d8:30:58:36:07:67:d3:f7:0a:b6:70:b4:f4:
ef:84:53:3d:ad:a8:41:24:df:b1:ed:10:8a:5e:22:
77:62:64:42:f6:33:27:80:b5:6f:43:fe:1d:0e:62:
52:67:2b:68:80:7b:0d:de:3b:81:03:37:89:15:10:
b2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D5:C8:E6:FB:67:62:EB:95:76:AD:61:18:B5:BC:3B:E1:C2:DC:0C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C15C3EE6921011F09BBF05F4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.139.0/24
156.246.88.0/21
Signature Algorithm: sha256WithRSAEncryption
56:66:ed:af:5d:77:fa:79:1a:df:7f:b6:0a:c1:50:19:28:b9:
3b:02:25:a4:0e:3b:7f:2f:38:eb:a3:e3:48:bf:0f:07:27:58:
76:f1:30:af:2a:62:18:d2:5e:32:a0:ad:3c:4f:d9:3f:9b:a1:
d9:e5:d6:08:6e:36:1f:f6:d1:32:0d:eb:0f:06:6c:54:77:42:
ae:60:d8:af:b6:b6:90:d4:88:2e:f1:25:7e:2a:c8:cb:23:63:
ef:7c:58:e8:60:55:f1:9e:a6:8e:c1:7b:a8:12:09:8d:0f:43:
f8:dd:0b:09:fb:73:ab:92:71:6e:14:3e:25:95:e9:13:4b:47:
8b:85:f2:24:f5:db:cd:08:5b:b5:17:37:ca:81:f0:19:b0:60:
09:a7:9a:24:5d:b8:24:72:9c:36:67:d4:7f:d1:32:6c:60:84:
5e:90:9c:e3:21:b9:eb:f9:5e:01:38:ae:51:60:ed:b8:e7:6b:
b5:a0:46:a0:98:d7:3b:3f:86:fa:f2:2b:92:a9:a2:2c:51:65:
6c:52:f0:2d:3d:4b:4f:97:98:55:98:11:be:4d:d0:66:df:9c:
48:c4:3b:dc:23:1a:b2:06:1f:71:06:27:c9:ec:ef:c4:72:cf:
3b:bf:7c:aa:40:ef:ea:c6:81:9e:02:45:46:26:8c:f4:4e:8f:
32:24:0d:d1
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXs9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE1MDg0ODI2WhcNMjUxMDI1MDg0ODI2WjAYMRYw
FAYDVQQDEw02OGM3ZDJkZi04NTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtaSdyaTJS5Ji+smQbPaNBeUXnWha4InwGpDB6OBVzre7fKhkhr7XAVfl
PGdDIKRg0dZvrowCk6I3OCBPloWebpm4UXCL1DP+Zwe1jOiLPwRYNvEslb5whHbo
IRC4Tr01BDOPZCBYMmpNz7ZUTISxV69ao5JleF/X/EfKO70xF4RoTkg/F6KSTOAU
Ao9vxWbMPdC8JO2p3tZZ7xgwmL/uHP6irO5hGqeH0b5GSxPmr8GKjMl47xxb5hAo
R8sgwZZmOlRbJ9gwWDYHZ9P3CrZwtPTvhFM9rahBJN+x7RCKXiJ3YmRC9jMngLVv
Q/4dDmJSZytogHsN3juBAzeJFRCyIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFArV
yOb7Z2LrlXatYRi1vDvhwtwMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMTVDM0VFNjkyMTAxMUYwOUJCRjA1RjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOeLAwQDnPZYMA0GCSqGSIb3
DQEBCwUAA4IBAQBWZu2vXXf6eRrff7YKwVAZKLk7AiWkDjt/Lzjro+NIvw8HJ1h2
8TCvKmIY0l4yoK08T9k/m6HZ5dYIbjYf9tEyDesPBmxUd0KuYNivtraQ1Igu8SV+
KsjLI2PvfFjoYFXxnqaOwXuoEgmND0P43QsJ+3OrknFuFD4llekTS0eLhfIk9dvN
CFu1FzfKgfAZsGAJp5okXbgkcpw2Z9R/0TJsYIRekJzjIbnr+V4BOK5RYO2452u1
oEagmNc7P4b68iuSqaIsUWVsUvAtPUtPl5hVmBG+TdBm35xIxDvcIxqyBh9xBifJ
7O/Ecs87v3yqQO/qxoGeAkVGJoz0To8yJA3R
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:33:58 2025 by rpki-client