Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5DD33B88CA111F0B2E7028DDAE4EC9C.roa
File: C5DD33B88CA111F0B2E7028DDAE4EC9C.roa (raw, json)
Hash identifier: 8bDtFcLQpBiboLVOT0fiVxGmZjHfdOVQP2cdxiCX1jo=
Subject key identifier: 87:89:3F:CD:C6:00:35:16:F6:C8:96:EA:F3:05:1F:33:B9:96:23:2F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0179BF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5DD33B88CA111F0B2E7028DDAE4EC9C.roa
Signing time: Mon 08 Sep 2025 10:51:29 +0000
ROA not before: Mon 08 Sep 2025 10:51:21 +0000
ROA not after: Wed 22 Oct 2025 10:51:21 +0000
asID: 142032
IP address blocks: 156.225.16.0/20 maxlen: 24
156.225.16.0/21 maxlen: 24
156.225.24.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96703 (0x179bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 8 10:51:21 2025 GMT
Not After : Oct 22 10:51:21 2025 GMT
Subject: CN=68beb531-92da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:54:ca:78:1a:25:74:43:3f:c4:be:c2:64:ae:
bf:74:c1:46:06:e0:40:e4:b9:31:22:7f:c9:f0:e8:
8f:18:47:d3:fe:b5:c7:d6:ce:24:9f:13:df:0a:43:
0e:3b:62:b7:49:59:89:be:44:3b:1b:67:de:9a:64:
f9:91:44:88:75:99:fe:f4:e8:dd:08:dc:b4:ee:a2:
37:9b:90:20:f7:40:6b:ff:83:96:6f:6f:dc:55:5a:
b4:88:92:95:1a:d7:5f:27:a7:01:3b:68:0f:1d:fa:
1f:d8:ed:b6:24:5e:45:06:73:28:bb:0c:0d:ab:fb:
02:de:c1:27:84:70:d9:3b:8c:70:9e:cc:c7:09:8f:
0a:97:4b:01:b5:01:4c:43:58:be:68:0b:c0:fa:55:
ed:58:b5:bb:a8:d1:3e:4a:25:6d:61:93:b7:c0:7e:
62:71:7c:6a:68:a1:83:26:9a:2e:da:82:5b:4c:dd:
89:b5:b0:1e:8c:48:63:09:62:40:a2:c4:2f:fd:05:
7f:7b:a5:97:44:c3:09:fa:55:0d:cf:6e:c2:6d:fc:
6e:07:63:e0:1e:66:e3:bd:a5:e3:f9:42:eb:d7:05:
b0:b9:18:f5:d8:46:78:b7:a6:32:c8:8c:8c:85:02:
68:8a:20:73:ee:0f:46:89:49:be:51:37:f9:bf:93:
12:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:89:3F:CD:C6:00:35:16:F6:C8:96:EA:F3:05:1F:33:B9:96:23:2F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5DD33B88CA111F0B2E7028DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
59:da:e4:18:1a:8d:41:da:4a:e4:20:f2:d8:dd:70:9b:4a:c7:
7a:99:2c:80:5f:a9:a4:17:94:03:69:a9:e7:1a:ce:87:c1:1e:
f7:23:3d:4c:04:6f:fa:0f:af:64:97:43:a2:be:6b:65:36:d1:
19:74:8c:ff:41:be:59:b5:7c:0c:f3:bc:47:62:08:66:ce:90:
96:19:bf:00:3f:3c:b3:49:cc:b6:c2:ec:f2:43:25:ee:82:ae:
5c:89:78:9a:2e:2b:c9:35:d6:e3:ed:92:6e:79:50:12:5f:50:
77:1e:d1:07:33:26:54:7d:81:bb:3b:95:4f:3c:d7:96:03:1a:
c5:37:7e:cd:84:23:81:9b:41:df:3b:be:a3:43:e8:ab:26:d1:
46:0b:e0:8c:d3:e7:e0:69:97:a9:2c:6c:41:30:1c:7c:fb:c9:
f7:5f:91:88:d8:52:5e:97:c9:60:1f:44:85:d3:c5:ae:ad:06:
16:7f:f2:1e:52:79:db:1c:3c:02:e4:24:40:8d:50:c8:eb:48:
fa:5d:79:1d:01:7f:69:b5:a5:e8:74:48:96:75:6c:7f:4f:42:
b4:9b:45:10:f3:63:76:c5:1d:d8:8b:2b:4d:d8:b7:d1:08:e5:
0f:32:73:de:d7:39:c1:44:50:df:3f:10:2f:49:f7:0b:93:de:
96:d5:81:7e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXm/MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTA4MTA1MTIxWhcNMjUxMDIyMTA1MTIxWjAYMRYw
FAYDVQQDEw02OGJlYjUzMS05MmRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAk1TKeBoldEM/xL7CZK6/dMFGBuBA5LkxIn/J8OiPGEfT/rXH1s4knxPf
CkMOO2K3SVmJvkQ7G2femmT5kUSIdZn+9OjdCNy07qI3m5Ag90Br/4OWb2/cVVq0
iJKVGtdfJ6cBO2gPHfof2O22JF5FBnMouwwNq/sC3sEnhHDZO4xwnszHCY8Kl0sB
tQFMQ1i+aAvA+lXtWLW7qNE+SiVtYZO3wH5icXxqaKGDJpou2oJbTN2JtbAejEhj
CWJAosQv/QV/e6WXRMMJ+lUNz27CbfxuB2PgHmbjvaXj+ULr1wWwuRj12EZ4t6Yy
yIyMhQJoiiBz7g9GiUm+UTf5v5MSCwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIeJ
P83GADUW9siW6vMFHzO5liMvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNUREMzNCODhDQTExMUYwQjJFNzAyOEREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQBZ2uQYGo1B2krkIPLY3XCbSsd6mSyAX6mkF5QDaannGs6HwR73Iz1MBG/6
D69kl0OivmtlNtEZdIz/Qb5ZtXwM87xHYghmzpCWGb8APzyzScy2wuzyQyXugq5c
iXiaLivJNdbj7ZJueVASX1B3HtEHMyZUfYG7O5VPPNeWAxrFN37NhCOBm0HfO76j
Q+irJtFGC+CM0+fgaZepLGxBMBx8+8n3X5GI2FJel8lgH0SF08WurQYWf/IeUnnb
HDwC5CRAjVDI60j6XXkdAX9ptaXodEiWdWx/T0K0m0UQ82N2xR3YiytN2LfRCOUP
MnPe1znBRFDfPxAvSfcLk96W1YF+
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:11 2025 by rpki-client