Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C38BC88E939C11F0B4BF0B7BDAE4EC9C.roa
File: C38BC88E939C11F0B4BF0B7BDAE4EC9C.roa (raw, json)
Hash identifier: /QRzzEETePYUlBh3EKB1Wguf824Xh94w+J50cWHAqu4=
Subject key identifier: 95:E1:BC:A1:5A:3E:D4:4A:DA:E2:FB:70:5F:28:03:86:74:EC:5E:0E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017B9B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C38BC88E939C11F0B4BF0B7BDAE4EC9C.roa
Signing time: Wed 17 Sep 2025 08:03:16 +0000
ROA not before: Wed 17 Sep 2025 08:03:11 +0000
ROA not after: Tue 21 Oct 2025 08:03:11 +0000
asID: 153656
IP address blocks: 156.254.32.0/19 maxlen: 24
156.254.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97179 (0x17b9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 17 08:03:11 2025 GMT
Not After : Oct 21 08:03:11 2025 GMT
Subject: CN=68ca6b43-b57b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e3:cd:ad:bc:9f:71:27:8e:76:74:6b:8e:90:
48:66:f7:d9:62:0f:b5:e1:68:39:02:ca:dd:2b:72:
a3:02:82:3d:e2:a5:ea:13:d2:1e:67:f8:dd:49:9c:
2b:7f:e2:a9:f8:19:26:0f:18:14:ba:24:b9:8d:92:
12:38:c4:c1:aa:b5:d2:3b:54:bd:c1:ba:49:d6:fd:
1c:bb:ad:eb:57:94:71:51:5e:54:1a:8b:d7:d3:5f:
23:75:f5:b7:e6:ff:3a:06:b8:75:0b:6a:03:92:e5:
c0:59:4b:91:9c:1a:54:51:7b:bb:3f:fa:26:b5:03:
36:94:c9:03:26:e5:1a:46:e8:cb:d9:2f:ac:5b:b9:
07:51:bd:47:5d:93:e0:a5:f2:82:4d:9e:13:3a:6d:
3c:a8:17:d0:2a:c5:8e:2a:29:f4:0d:be:ff:1d:07:
f4:00:12:1c:72:49:a7:13:55:88:e0:40:e4:b2:0d:
4e:3a:f3:be:4c:17:f8:4e:59:d2:aa:be:e6:95:71:
4b:e8:10:83:d2:2f:6d:a6:58:2f:c4:2d:e3:24:7b:
f7:27:23:d5:16:6b:05:6a:b1:55:d9:bd:7d:5d:00:
23:eb:ac:c8:49:d5:fd:26:71:96:50:88:c8:93:91:
db:52:82:0d:c6:2d:2d:39:2b:66:c4:e6:63:7f:14:
ae:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E1:BC:A1:5A:3E:D4:4A:DA:E2:FB:70:5F:28:03:86:74:EC:5E:0E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C38BC88E939C11F0B4BF0B7BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.32.0-156.254.95.255
Signature Algorithm: sha256WithRSAEncryption
6f:93:4e:21:64:2d:1f:90:42:44:98:7b:a7:ce:51:25:7b:8f:
b8:c4:67:c6:2f:eb:35:31:43:52:1c:6f:02:2c:ec:72:1e:d3:
05:b2:a3:44:cb:92:da:66:82:cb:0a:e0:7c:af:33:6e:98:96:
be:9d:aa:e6:37:01:af:08:dd:a2:55:90:ce:b6:54:37:02:b4:
02:ba:41:2a:31:76:c4:d7:ea:97:1c:e2:8c:bd:ec:86:24:93:
24:d5:83:cb:7c:a0:2a:fa:cb:80:72:af:9b:34:51:a5:81:eb:
13:16:a9:9d:0f:bb:e9:c2:7c:86:37:1a:07:3a:1f:fb:58:2e:
39:9c:51:e6:f1:3f:2c:f4:dc:df:02:26:5c:a1:46:bb:0d:80:
9d:a1:dd:e8:df:d6:40:13:33:55:00:b2:4c:ce:f4:de:0f:bd:
67:35:25:7f:84:ae:65:0b:ac:85:b3:e6:71:56:17:5f:b6:c7:
71:bc:1b:71:d4:8c:a9:ac:4f:41:14:a1:2d:cd:ec:1a:6b:be:
34:ed:46:a8:69:61:72:9e:bf:78:67:3e:70:2d:2a:ac:4c:a4:
bf:d1:40:fb:fd:63:1a:49:f5:ff:4b:7c:f8:3e:22:2c:38:04:
f5:b7:ca:63:4e:f1:d4:f5:c3:cb:8f:b5:a3:24:b6:23:58:f7:
bd:8f:17:54
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAXubMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE3MDgwMzExWhcNMjUxMDIxMDgwMzExWjAYMRYw
FAYDVQQDEw02OGNhNmI0My1iNTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuuPNrbyfcSeOdnRrjpBIZvfZYg+14Wg5AsrdK3KjAoI94qXqE9IeZ/jd
SZwrf+Kp+BkmDxgUuiS5jZISOMTBqrXSO1S9wbpJ1v0cu63rV5RxUV5UGovX018j
dfW35v86Brh1C2oDkuXAWUuRnBpUUXu7P/omtQM2lMkDJuUaRujL2S+sW7kHUb1H
XZPgpfKCTZ4TOm08qBfQKsWOKin0Db7/HQf0ABIcckmnE1WI4EDksg1OOvO+TBf4
TlnSqr7mlXFL6BCD0i9tplgvxC3jJHv3JyPVFmsFarFV2b19XQAj66zISdX9JnGW
UIjIk5HbUoINxi0tOStmxOZjfxSuMQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFJXh
vKFaPtRK2uL7cF8oA4Z07F4OMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMzhCQzg4RTkzOUMxMUYwQjRCRjBCN0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWc/iADBAWc/kAwDQYJKoZI
hvcNAQELBQADggEBAG+TTiFkLR+QQkSYe6fOUSV7j7jEZ8Yv6zUxQ1IcbwIs7HIe
0wWyo0TLktpmgssK4HyvM26Ylr6dquY3Aa8I3aJVkM62VDcCtAK6QSoxdsTX6pcc
4oy97IYkkyTVg8t8oCr6y4Byr5s0UaWB6xMWqZ0Pu+nCfIY3Ggc6H/tYLjmcUebx
Pyz03N8CJlyhRrsNgJ2h3ejf1kATM1UAskzO9N4PvWc1JX+ErmULrIWz5nFWF1+2
x3G8G3HUjKmsT0EUoS3N7BprvjTtRqhpYXKev3hnPnAtKqxMpL/RQPv9YxpJ9f9L
fPg+Iiw4BPW3ymNO8dT1w8uPtaMktiNY972PF1Q=
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:33:52 2025 by rpki-client