Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4659058998311F0B3BD659EDAE4EC9C.roa
File: D4659058998311F0B3BD659EDAE4EC9C.roa (raw, json)
Hash identifier: LpBFk4WxKT7UglNdYPpLJbGxmgyBAF7DZKoPcqHvnyI=
Subject key identifier: 71:D5:D6:1B:FD:17:4B:B6:17:A5:80:C8:2A:12:8C:FC:1C:41:45:05
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D17
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4659058998311F0B3BD659EDAE4EC9C.roa
Signing time: Wed 24 Sep 2025 20:19:53 +0000
ROA not before: Wed 24 Sep 2025 20:19:49 +0000
ROA not after: Tue 04 Nov 2025 20:19:49 +0000
asID: 20326
IP address blocks: 156.246.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97559 (0x17d17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 24 20:19:49 2025 GMT
Not After : Nov 4 20:19:49 2025 GMT
Subject: CN=68d45269-9d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:57:5c:bc:88:94:5b:80:12:6f:a3:5d:86:c5:
60:7d:f4:f0:40:52:df:76:af:b5:37:34:48:06:07:
71:b4:7c:04:ac:d7:90:ca:e0:59:b5:a5:f1:80:f1:
f1:3b:99:fa:66:62:97:2c:62:f9:2a:5f:66:f7:57:
bd:5a:de:5f:14:5d:36:c4:c4:5c:ba:a9:70:31:99:
e4:c2:e9:4b:b5:ac:28:9e:79:6e:b6:1e:5f:f5:3a:
8b:03:31:15:76:d5:56:ae:43:e7:ba:94:19:40:cb:
8d:d9:0b:c5:05:4e:ed:d3:87:04:25:84:a3:57:4b:
e6:a6:ab:8a:0a:56:3c:a1:57:da:49:56:10:fb:d3:
6b:9f:3b:ec:ec:1b:d2:28:6b:e2:95:44:c8:b3:76:
e7:18:e3:80:a8:af:c5:e7:c7:ea:e9:b7:3a:d8:9f:
36:f3:6d:e1:c6:39:48:88:d4:4e:34:23:0f:31:38:
16:df:66:99:a6:c9:c1:51:4b:a6:86:ff:dc:19:45:
04:33:91:7d:1c:8f:dc:2e:45:08:21:d2:6d:8c:27:
a5:7c:c4:8b:a8:73:1c:65:7a:3b:40:ef:0a:91:3f:
66:a7:79:c7:3a:5c:40:b6:02:ab:35:5a:0b:f6:77:
43:7f:e4:75:39:e1:28:17:74:41:06:d9:c8:ad:05:
11:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D5:D6:1B:FD:17:4B:B6:17:A5:80:C8:2A:12:8C:FC:1C:41:45:05
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4659058998311F0B3BD659EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.30.0/24
Signature Algorithm: sha256WithRSAEncryption
04:36:62:fb:4f:77:20:7b:3e:21:50:20:10:32:e8:99:7c:24:
84:e5:3e:85:e0:88:1c:c2:ce:3a:b7:c6:ec:30:c7:23:1b:de:
71:5e:da:cb:78:02:9e:ff:63:63:19:ee:db:43:02:48:e1:cc:
60:bf:be:fe:e4:da:0d:74:78:d4:09:cd:76:dc:dc:07:66:b4:
e0:e9:34:c7:60:7e:f4:6c:d3:a3:8b:fb:07:8f:09:2a:18:1d:
54:f9:21:cb:02:e7:af:f8:75:36:79:bf:16:d9:3f:f0:8d:9e:
c1:2b:17:7c:f7:df:a4:25:50:b0:60:f9:21:62:85:21:0a:33:
84:0a:b2:39:02:7a:46:f2:52:9d:0b:79:99:dd:22:2a:06:7d:
e6:48:32:fc:88:78:11:23:2a:b5:53:a2:29:25:42:6c:cc:a1:
c0:0c:58:13:06:ee:1a:90:dd:bc:0a:cb:6b:63:95:88:66:2d:
71:6b:6b:cb:db:42:e9:f1:b4:29:97:d5:44:7e:48:95:29:51:
62:62:d5:2c:63:c1:b2:ba:1d:03:2d:eb:29:54:d8:37:11:41:
65:90:31:dd:62:9c:5a:3a:61:c7:45:35:0b:ae:f6:8a:08:10:
39:32:1e:bf:fb:06:0b:6e:25:ac:ce:28:e9:9c:6c:44:85:e7:
6b:b7:62:1e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX0XMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI0MjAxOTQ5WhcNMjUxMTA0MjAxOTQ5WjAYMRYw
FAYDVQQDEw02OGQ0NTI2OS05ZDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv1dcvIiUW4ASb6NdhsVgffTwQFLfdq+1NzRIBgdxtHwErNeQyuBZtaXx
gPHxO5n6ZmKXLGL5Kl9m91e9Wt5fFF02xMRcuqlwMZnkwulLtawonnluth5f9TqL
AzEVdtVWrkPnupQZQMuN2QvFBU7t04cEJYSjV0vmpquKClY8oVfaSVYQ+9Nrnzvs
7BvSKGvilUTIs3bnGOOAqK/F58fq6bc62J82823hxjlIiNRONCMPMTgW32aZpsnB
UUumhv/cGUUEM5F9HI/cLkUIIdJtjCelfMSLqHMcZXo7QO8KkT9mp3nHOlxAtgKr
NVoL9ndDf+R1OeEoF3RBBtnIrQUR7wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHHV
1hv9F0u2F6WAyCoSjPwcQUUFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENDY1OTA1ODk5ODMxMUYwQjNCRDY1OUVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPYeMA0GCSqGSIb3DQEBCwUA
A4IBAQAENmL7T3cgez4hUCAQMuiZfCSE5T6F4Igcws46t8bsMMcjG95xXtrLeAKe
/2NjGe7bQwJI4cxgv77+5NoNdHjUCc123NwHZrTg6TTHYH70bNOji/sHjwkqGB1U
+SHLAuev+HU2eb8W2T/wjZ7BKxd899+kJVCwYPkhYoUhCjOECrI5AnpG8lKdC3mZ
3SIqBn3mSDL8iHgRIyq1U6IpJUJszKHADFgTBu4akN28CstrY5WIZi1xa2vL20Lp
8bQpl9VEfkiVKVFiYtUsY8Gyuh0DLespVNg3EUFlkDHdYpxaOmHHRTULrvaKCBA5
Mh6/+wYLbiWszijpnGxEhedrt2Ie
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:52:44 2025 by rpki-client