Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D904539E896911F0BA8764A9DAE4EC9C.roa
File: D904539E896911F0BA8764A9DAE4EC9C.roa (raw, json)
Hash identifier: 0Y1PUmSUWBzgUMQ9s2G4DyqAqReqOfzoHN0JJcg/pcI=
Subject key identifier: 01:4A:D6:1F:C1:D7:13:21:49:E5:98:E1:DB:84:05:22:EA:F8:1F:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017841
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D904539E896911F0BA8764A9DAE4EC9C.roa
Signing time: Thu 04 Sep 2025 08:33:36 +0000
ROA not before: Thu 04 Sep 2025 08:33:30 +0000
ROA not after: Mon 13 Oct 2025 08:33:30 +0000
asID: 18046
IP address blocks: 156.236.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 09 Sep 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96321 (0x17841)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 4 08:33:30 2025 GMT
Not After : Oct 13 08:33:30 2025 GMT
Subject: CN=68b94ee0-ac61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:10:df:7a:47:02:a4:47:0b:f0:4e:d9:f7:e4:
4a:c7:63:f0:6c:c4:d8:50:35:08:0f:c6:eb:ca:96:
6e:65:46:0f:38:26:d4:e6:d1:f1:78:63:b4:b9:26:
62:41:91:b5:e0:bf:cd:02:09:95:50:9f:0b:e8:45:
41:29:dd:f8:e0:c5:f5:8b:d3:7e:23:1a:8d:92:33:
c9:6c:fc:57:cf:1c:d3:74:35:df:db:84:aa:4c:c5:
6a:d0:8f:57:56:6c:b4:27:53:a8:60:2f:18:3b:d6:
12:27:70:20:0b:f1:0a:1b:d0:9d:23:4b:b0:7f:fd:
72:74:78:54:c5:b2:ec:09:6a:58:49:49:8a:c4:b7:
4c:c1:b8:01:9e:40:cd:a3:d3:c4:29:6a:7f:0b:3c:
fc:49:fd:50:db:84:45:b7:61:39:9d:99:32:b6:52:
57:b9:08:58:2c:22:4f:74:b4:74:ee:8e:a7:97:0f:
fb:66:0e:dc:cb:5b:6f:dd:18:7c:4b:eb:7c:d6:8b:
08:62:e3:e3:f1:9b:06:ab:37:91:13:09:35:6e:b8:
ba:4d:a3:7c:b6:05:68:58:40:a4:87:d9:44:d2:e5:
7c:1a:4f:0c:e2:24:b0:a8:53:8b:02:68:c1:d8:c6:
f2:28:77:7f:72:a2:3e:05:44:63:ed:3d:4f:8b:b1:
92:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:4A:D6:1F:C1:D7:13:21:49:E5:98:E1:DB:84:05:22:EA:F8:1F:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D904539E896911F0BA8764A9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.13.0/24
Signature Algorithm: sha256WithRSAEncryption
52:18:02:c7:78:0e:01:aa:ec:a2:b1:0a:b2:bb:96:4e:33:00:
a6:3d:0b:54:f8:77:b7:43:0e:91:4b:b8:6e:ee:be:e5:a6:2e:
da:68:89:91:ac:03:59:47:6f:02:68:41:7f:d6:5c:05:f1:64:
bd:2a:0b:52:e0:90:23:d8:6d:40:cf:35:37:26:30:71:56:bf:
66:05:70:e2:e1:32:63:17:ce:0e:f4:d6:7e:c8:8b:f5:6c:ea:
c9:60:cd:66:68:10:1b:76:99:2b:4c:f9:39:db:28:ca:cb:37:
ce:83:3b:dd:ad:71:32:01:e9:ec:cc:65:4a:2d:bb:c3:bd:e0:
a6:2e:a1:8e:10:34:66:3a:fc:de:d0:ed:f9:ff:65:93:e9:0d:
c5:ab:60:1b:56:88:63:87:4f:3e:7d:7c:a6:de:15:08:eb:cc:
3d:b7:f1:83:a6:8a:8a:dc:80:6a:f5:8e:de:05:02:ee:41:03:
10:72:8b:d0:09:7d:0a:d3:29:fb:87:7e:de:22:d1:64:ae:f4:
a0:bd:4d:a2:ca:33:30:b6:bb:fe:30:65:5c:7b:a3:79:3f:b7:
8c:38:cb:83:27:57:3d:cb:3c:98:28:dd:f7:2f:52:fc:dd:43:
50:54:21:eb:92:81:02:2c:84:3e:1b:8f:ba:a9:97:4d:62:e7:
78:64:71:6f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXhBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTA0MDgzMzMwWhcNMjUxMDEzMDgzMzMwWjAYMRYw
FAYDVQQDEw02OGI5NGVlMC1hYzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3BDfekcCpEcL8E7Z9+RKx2PwbMTYUDUID8brypZuZUYPOCbU5tHxeGO0
uSZiQZG14L/NAgmVUJ8L6EVBKd344MX1i9N+IxqNkjPJbPxXzxzTdDXf24SqTMVq
0I9XVmy0J1OoYC8YO9YSJ3AgC/EKG9CdI0uwf/1ydHhUxbLsCWpYSUmKxLdMwbgB
nkDNo9PEKWp/Czz8Sf1Q24RFt2E5nZkytlJXuQhYLCJPdLR07o6nlw/7Zg7cy1tv
3Rh8S+t81osIYuPj8ZsGqzeREwk1bri6TaN8tgVoWECkh9lE0uV8Gk8M4iSwqFOL
AmjB2MbyKHd/cqI+BURj7T1Pi7GS2QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAFK
1h/B1xMhSeWY4duEBSLq+B/ZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOTA0NTM5RTg5NjkxMUYwQkE4NzY0QTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwNMA0GCSqGSIb3DQEBCwUA
A4IBAQBSGALHeA4BquyisQqyu5ZOMwCmPQtU+He3Qw6RS7hu7r7lpi7aaImRrANZ
R28CaEF/1lwF8WS9KgtS4JAj2G1AzzU3JjBxVr9mBXDi4TJjF84O9NZ+yIv1bOrJ
YM1maBAbdpkrTPk52yjKyzfOgzvdrXEyAenszGVKLbvDveCmLqGOEDRmOvze0O35
/2WT6Q3Fq2AbVohjh08+fXym3hUI68w9t/GDpoqK3IBq9Y7eBQLuQQMQcovQCX0K
0yn7h37eItFkrvSgvU2iyjMwtrv+MGVce6N5P7eMOMuDJ1c9yzyYKN33L1L83UNQ
VCHrkoECLIQ+G4+6qZdNYud4ZHFv
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:41:15 2025 by rpki-client