Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2F41A6A94B411F082617E85DAE4EC9C.roa
File: D2F41A6A94B411F082617E85DAE4EC9C.roa (raw, json)
Hash identifier: zarvmPkja7amvcgP7yN15NmWWPr+Wb0Urq1QTxadzrI=
Subject key identifier: 8E:2C:F8:85:58:95:26:D8:7C:6F:D1:FA:9C:79:B5:00:73:10:3E:85
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017C1C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2F41A6A94B411F082617E85DAE4EC9C.roa
Signing time: Thu 18 Sep 2025 17:28:01 +0000
ROA not before: Thu 18 Sep 2025 17:27:55 +0000
ROA not after: Mon 27 Oct 2025 17:27:55 +0000
asID: 136800
IP address blocks: 156.234.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97308 (0x17c1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 18 17:27:55 2025 GMT
Not After : Oct 27 17:27:55 2025 GMT
Subject: CN=68cc4120-2e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:7b:a8:06:a8:42:e7:77:5b:c2:55:11:ca:ef:
aa:85:63:0f:b8:a6:1d:cf:af:27:d0:5e:94:bc:53:
47:1e:47:3b:2c:c4:74:a4:f0:69:64:57:f0:f9:ee:
7f:eb:ff:1d:67:8c:3d:ab:03:e0:37:a6:57:ad:15:
a5:1e:cc:75:d0:03:18:97:22:89:0d:67:8f:50:5b:
2a:a0:71:e4:97:cb:a0:64:95:e8:5e:fb:84:1e:27:
02:63:90:a8:73:6d:bc:75:0e:4e:7d:7d:8a:01:34:
53:9d:17:4f:f6:61:0d:56:bd:81:d5:49:b5:2e:f9:
97:e8:94:41:e9:0e:d1:b5:a5:67:0d:fb:2a:46:3a:
c7:83:b5:ad:79:c1:14:fa:7b:b8:94:89:3c:d8:7c:
e0:e4:9b:14:5b:50:3b:62:80:17:67:a5:e1:65:05:
b1:18:8c:e3:3c:4c:39:84:2b:1e:9c:15:8b:cd:66:
50:2d:ce:a9:28:99:c2:ed:cd:96:7c:5a:12:10:8c:
19:bd:4a:db:82:27:13:31:90:9e:29:a4:0c:d2:c5:
bb:73:6c:9d:19:f1:6b:c1:02:e6:ba:a4:00:49:2c:
66:55:72:03:a8:73:f7:51:2d:7c:ae:bc:6e:20:10:
bb:69:c4:05:e8:b9:fc:60:ad:b6:02:1e:5c:48:8d:
58:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:2C:F8:85:58:95:26:D8:7C:6F:D1:FA:9C:79:B5:00:73:10:3E:85
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D2F41A6A94B411F082617E85DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.77.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:b8:79:1f:fe:c5:79:ea:3d:13:36:82:89:55:42:e6:0a:02:
a9:77:ba:68:72:74:f1:16:cb:c9:ac:5c:ba:c4:15:0a:ce:3a:
96:4b:61:9f:a9:a8:b5:b0:53:61:1a:fd:8b:e1:46:b6:d8:3b:
33:7b:e3:7b:dc:6c:f4:10:51:e3:bc:35:5e:aa:d3:9e:e1:d3:
4f:d8:e4:f2:b6:0a:fa:95:b8:01:76:5f:4e:78:3d:37:04:a4:
64:d7:9e:02:5b:04:c4:28:33:a4:20:34:60:75:54:59:24:02:
42:4c:d1:78:ee:3d:f5:9d:dd:02:82:ee:dd:20:8d:45:de:48:
f2:1b:72:c3:b0:8d:8f:b5:90:bc:0f:82:0e:91:48:a9:a2:6f:
c7:7c:40:5f:e1:9a:45:ae:46:cd:72:4f:92:b9:50:13:cc:25:
98:ca:80:cd:2c:6a:d5:8c:e5:bb:02:ed:88:70:75:93:3c:e5:
0d:78:59:eb:c5:20:fa:c8:1e:2c:09:34:c2:57:a4:2c:7f:56:
07:77:76:41:a1:2e:70:c7:74:65:57:8b:72:77:8c:68:cf:31:
de:d0:52:3b:b6:94:00:03:b1:ec:47:d3:c4:db:d6:ec:01:35:
a2:79:f2:76:93:38:dc:36:cb:85:26:3d:64:1e:26:36:6b:6d:
1b:89:47:67
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXwcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE4MTcyNzU1WhcNMjUxMDI3MTcyNzU1WjAYMRYw
FAYDVQQDEw02OGNjNDEyMC0yZTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8HuoBqhC53dbwlURyu+qhWMPuKYdz68n0F6UvFNHHkc7LMR0pPBpZFfw
+e5/6/8dZ4w9qwPgN6ZXrRWlHsx10AMYlyKJDWePUFsqoHHkl8ugZJXoXvuEHicC
Y5Coc228dQ5OfX2KATRTnRdP9mENVr2B1Um1LvmX6JRB6Q7RtaVnDfsqRjrHg7Wt
ecEU+nu4lIk82Hzg5JsUW1A7YoAXZ6XhZQWxGIzjPEw5hCsenBWLzWZQLc6pKJnC
7c2WfFoSEIwZvUrbgicTMZCeKaQM0sW7c2ydGfFrwQLmuqQASSxmVXIDqHP3US18
rrxuIBC7acQF6Ln8YK22Ah5cSI1YEwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI4s
+IVYlSbYfG/R+px5tQBzED6FMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMkY0MUE2QTk0QjQxMUYwODI2MTdFODVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOpNMA0GCSqGSIb3DQEBCwUA
A4IBAQCiuHkf/sV56j0TNoKJVULmCgKpd7pocnTxFsvJrFy6xBUKzjqWS2Gfqai1
sFNhGv2L4Ua22Dsze+N73Gz0EFHjvDVeqtOe4dNP2OTytgr6lbgBdl9OeD03BKRk
154CWwTEKDOkIDRgdVRZJAJCTNF47j31nd0Cgu7dII1F3kjyG3LDsI2PtZC8D4IO
kUipom/HfEBf4ZpFrkbNck+SuVATzCWYyoDNLGrVjOW7Au2IcHWTPOUNeFnrxSD6
yB4sCTTCV6Qsf1YHd3ZBoS5wx3RlV4tyd4xozzHe0FI7tpQAA7HsR9PE29bsATWi
efJ2kzjcNsuFJj1kHiY2a20biUdn
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:50:56 2025 by rpki-client