Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6C1AAA8997A11F09D4E08E4DAE4EC9C.roa
File: C6C1AAA8997A11F09D4E08E4DAE4EC9C.roa (raw, json)
Hash identifier: hjlJqaNQhwYsLbQurloGrateoeyL9YjTismwRa141fw=
Subject key identifier: 14:9F:18:6D:8F:07:29:75:D2:6A:9E:CF:1B:46:35:E4:42:17:27:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D0B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6C1AAA8997A11F09D4E08E4DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 19:15:05 +0000
ROA not before: Wed 24 Sep 2025 19:14:59 +0000
ROA not after: Thu 30 Oct 2025 19:14:59 +0000
asID: 398443
IP address blocks: 156.229.176.0/20 maxlen: 24
156.229.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97547 (0x17d0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 24 19:14:59 2025 GMT
Not After : Oct 30 19:14:59 2025 GMT
Subject: CN=68d44339-e1bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:96:5b:3c:a8:a5:b9:87:10:c1:88:c2:24:a6:
f4:59:25:20:b7:9c:98:7e:b0:41:43:65:5d:a1:51:
30:c0:70:a2:06:fb:b6:39:43:6d:a1:18:61:ed:8a:
97:44:ea:bf:2f:d4:3a:4e:31:6b:51:18:9e:70:72:
c0:1b:09:aa:d6:2c:a6:e0:1c:9c:8a:9e:89:86:15:
2e:7f:11:c1:07:8e:1f:bc:1e:e0:40:53:59:4b:5f:
76:c1:02:7f:d0:64:8c:dc:b2:5f:16:7e:33:cc:46:
1b:f6:a3:a7:08:00:f0:2a:ae:de:95:66:cf:36:db:
39:89:48:40:e5:ce:c6:41:b3:87:54:d9:0e:b7:d0:
29:36:15:59:6d:fc:0b:09:a1:7d:75:88:52:c9:7d:
04:fb:af:5f:4c:d3:95:5c:a3:ee:e1:1d:d5:02:4d:
9b:58:41:28:72:84:3c:a5:9c:a6:a0:47:1c:a7:a3:
a7:bb:3e:ee:70:2c:12:e8:f7:e9:a8:d2:4e:d2:73:
94:ca:ef:89:16:20:c2:02:3b:4a:f5:c1:00:5e:a4:
16:12:8b:21:aa:81:a9:84:e9:9b:ab:5f:7c:53:83:
df:b9:02:60:e8:fd:b2:69:ac:a8:7e:ee:c0:91:8b:
0e:7c:ee:77:e3:aa:ef:19:39:59:90:25:76:3b:ef:
27:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:9F:18:6D:8F:07:29:75:D2:6A:9E:CF:1B:46:35:E4:42:17:27:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6C1AAA8997A11F09D4E08E4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.176.0-156.229.223.255
Signature Algorithm: sha256WithRSAEncryption
62:9f:dd:e8:4e:50:ce:7b:6e:8e:4d:e0:80:78:2c:2d:2a:b4:
56:69:72:59:32:68:a4:13:e7:ef:25:b1:22:cd:71:01:5e:fa:
f2:4d:06:33:08:ab:55:6d:66:e1:e7:01:8c:69:53:ca:ff:85:
91:9e:14:ea:31:20:3a:f1:55:82:47:97:28:90:5c:3f:88:62:
06:15:51:5c:fb:27:bb:e0:98:3e:5f:39:79:81:7b:27:b1:1f:
a6:4d:a5:cc:5d:1c:15:31:89:e1:35:1d:93:0e:9a:34:cf:21:
19:6c:a0:12:0f:a4:38:d8:95:af:33:55:d7:59:1d:a3:b3:cc:
e4:dd:f9:99:01:3e:9b:97:dc:9f:b7:d8:5b:ab:c0:f4:6c:8a:
20:7b:c4:d5:22:ff:f8:38:7e:e3:83:68:41:d2:eb:96:48:d7:
c6:14:4d:cf:aa:ac:c3:ce:51:bf:ec:3d:26:3e:ae:62:38:ab:
6a:90:46:e2:c3:9f:09:5a:86:95:7b:43:a1:4d:30:6f:69:00:
2c:6e:40:6e:4e:dd:29:3d:b5:c3:fa:29:f3:d1:bf:c9:5c:5e:
b4:c2:9d:ab:ff:c0:85:d6:8a:5c:2c:98:89:53:52:54:31:fd:
78:d6:0a:d6:9c:75:2f:f8:0b:bc:a5:d0:33:d9:ab:2d:a4:01:
a6:09:15:fb
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAX0LMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI0MTkxNDU5WhcNMjUxMDMwMTkxNDU5WjAYMRYw
FAYDVQQDEw02OGQ0NDMzOS1lMWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAspZbPKiluYcQwYjCJKb0WSUgt5yYfrBBQ2VdoVEwwHCiBvu2OUNtoRhh
7YqXROq/L9Q6TjFrURiecHLAGwmq1iym4Bycip6JhhUufxHBB44fvB7gQFNZS192
wQJ/0GSM3LJfFn4zzEYb9qOnCADwKq7elWbPNts5iUhA5c7GQbOHVNkOt9ApNhVZ
bfwLCaF9dYhSyX0E+69fTNOVXKPu4R3VAk2bWEEocoQ8pZymoEccp6Onuz7ucCwS
6PfpqNJO0nOUyu+JFiDCAjtK9cEAXqQWEoshqoGphOmbq198U4PfuQJg6P2yaayo
fu7AkYsOfO5346rvGTlZkCV2O+8nEwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFBSf
GG2PByl10mqezxtGNeRCFyfZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNkMxQUFBODk5N0ExMUYwOUQ0RTA4RTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASc5bADBAWc5cAwDQYJKoZI
hvcNAQELBQADggEBAGKf3ehOUM57bo5N4IB4LC0qtFZpclkyaKQT5+8lsSLNcQFe
+vJNBjMIq1VtZuHnAYxpU8r/hZGeFOoxIDrxVYJHlyiQXD+IYgYVUVz7J7vgmD5f
OXmBeyexH6ZNpcxdHBUxieE1HZMOmjTPIRlsoBIPpDjYla8zVddZHaOzzOTd+ZkB
PpuX3J+32FurwPRsiiB7xNUi//g4fuODaEHS65ZI18YUTc+qrMPOUb/sPSY+rmI4
q2qQRuLDnwlahpV7Q6FNMG9pACxuQG5O3Sk9tcP6KfPRv8lcXrTCnav/wIXWilws
mIlTUlQx/XjWCtacdS/4C7yl0DPZqy2kAaYJFfs=
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:09 2025 by rpki-client