Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9E32E1A910811F0B7F8F2B7DAE4EC9C.roa
File: D9E32E1A910811F0B7F8F2B7DAE4EC9C.roa (raw, json)
Hash identifier: qnw6govDOp84GCCV6rul3XzvGPRAUqTJTNwrDgsDdSA=
Subject key identifier: 23:59:55:E6:70:07:0F:CF:A5:93:DD:A5:21:90:BB:34:B7:3E:A6:80
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017B10
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9E32E1A910811F0B7F8F2B7DAE4EC9C.roa
Signing time: Sun 14 Sep 2025 01:19:25 +0000
ROA not before: Sun 14 Sep 2025 01:19:18 +0000
ROA not after: Sat 06 Dec 2025 01:19:18 +0000
asID: 149440
IP address blocks: 156.225.64.0/24 maxlen: 24
156.227.0.0/24 maxlen: 24
156.235.89.0/24 maxlen: 24
156.236.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97040 (0x17b10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 14 01:19:18 2025 GMT
Not After : Dec 6 01:19:18 2025 GMT
Subject: CN=68c6181d-7f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:38:4a:94:82:d5:e9:20:aa:b1:ab:e7:6e:97:
c6:a1:98:8e:77:98:76:88:fa:b4:4f:68:30:39:12:
65:d2:36:61:54:ad:05:b7:03:8f:8a:0a:67:a0:f4:
43:81:46:da:2e:ed:e7:db:5d:0b:d9:9d:dd:29:da:
b2:0e:f2:53:76:ff:b3:f0:32:2c:da:69:87:7e:75:
53:c6:2b:4d:98:0e:cd:a2:01:e8:e3:ab:2b:e3:8a:
4c:d2:b5:aa:e0:8e:ba:f5:35:11:18:05:a2:76:31:
0d:97:64:55:4a:f2:2c:ed:2a:38:95:3d:48:2c:2a:
1b:01:03:06:f7:26:00:b1:7a:e6:84:67:a9:08:5e:
da:4e:cd:ad:01:44:fe:b3:b2:5d:4d:29:19:b1:1f:
f7:87:61:95:64:f8:5d:2c:8c:db:c8:10:8b:58:f9:
a9:49:fb:ea:6a:1e:fe:f2:cd:73:3e:be:d7:8d:37:
97:c0:87:58:60:8f:6c:2a:ef:38:64:f6:67:6b:09:
3a:46:3d:2e:23:b7:11:0e:5c:98:bb:16:c6:1b:d3:
6d:6c:27:cc:a1:4a:b9:df:16:95:c8:1c:6f:6d:2e:
d4:55:9e:27:3f:c5:71:73:e3:42:bc:d2:db:cc:64:
3d:cf:4e:04:aa:22:4f:30:c3:d9:7c:d7:d1:23:54:
53:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:59:55:E6:70:07:0F:CF:A5:93:DD:A5:21:90:BB:34:B7:3E:A6:80
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D9E32E1A910811F0B7F8F2B7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.64.0/24
156.227.0.0/24
156.235.89.0/24
156.236.76.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:24:89:66:98:1d:57:1b:8d:51:06:f0:25:f5:06:af:7b:7a:
18:6a:70:a2:b7:fd:bf:f1:a3:11:a2:31:0e:79:f1:66:60:97:
ff:9b:8c:d8:58:4e:65:75:bd:f3:c8:3f:10:be:4e:8d:87:06:
8a:75:8c:14:6e:aa:ec:f9:cf:79:3b:ca:a0:18:37:71:02:6c:
ae:40:4f:49:a0:a1:2b:c6:b6:77:b4:41:95:55:16:c1:12:9b:
45:f5:02:76:b0:e2:62:fb:6e:bd:e7:3c:d5:08:3d:3b:ee:4d:
f0:d3:4f:51:dd:6d:45:3d:cf:a9:55:35:31:bf:53:5d:55:de:
a5:2f:23:3d:fd:14:66:7f:c8:56:cc:f1:a8:72:01:86:3b:37:
c0:7d:18:bb:8b:96:36:8e:f9:00:f9:8a:57:52:df:fe:02:3b:
1f:6a:9a:63:b4:0c:29:85:f1:a4:39:3d:1d:19:b9:01:23:f4:
d1:53:ef:10:e7:0d:a9:07:43:16:92:ec:32:c3:be:f8:26:f6:
32:0a:15:23:16:28:b3:83:3b:1a:b6:07:8c:ed:9b:49:a0:84:
3c:a3:2a:a6:db:29:b1:4d:41:7a:07:58:dd:95:e1:52:27:e9:
09:25:e2:4e:be:8d:e7:ce:38:ee:8a:a8:55:0c:ea:ec:a9:77:
a0:5b:8c:51
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAXsQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE0MDExOTE4WhcNMjUxMjA2MDExOTE4WjAYMRYw
FAYDVQQDEw02OGM2MTgxZC03ZjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApjhKlILV6SCqsavnbpfGoZiOd5h2iPq0T2gwORJl0jZhVK0FtwOPigpn
oPRDgUbaLu3n210L2Z3dKdqyDvJTdv+z8DIs2mmHfnVTxitNmA7NogHo46sr44pM
0rWq4I669TURGAWidjENl2RVSvIs7So4lT1ILCobAQMG9yYAsXrmhGepCF7aTs2t
AUT+s7JdTSkZsR/3h2GVZPhdLIzbyBCLWPmpSfvqah7+8s1zPr7XjTeXwIdYYI9s
Ku84ZPZnawk6Rj0uI7cRDlyYuxbGG9NtbCfMoUq53xaVyBxvbS7UVZ4nP8Vxc+NC
vNLbzGQ9z04EqiJPMMPZfNfRI1RTnQIDAQABo4ICtDCCArAwHQYDVR0OBBYEFCNZ
VeZwBw/PpZPdpSGQuzS3PqaAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EOUUzMkUxQTkxMDgxMUYwQjdGOEYyQjdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAnOFAAwQAnOMAAwQAnOtZAwQA
nOxMMA0GCSqGSIb3DQEBCwUAA4IBAQCdJIlmmB1XG41RBvAl9Qave3oYanCit/2/
8aMRojEOefFmYJf/m4zYWE5ldb3zyD8Qvk6NhwaKdYwUbqrs+c95O8qgGDdxAmyu
QE9JoKErxrZ3tEGVVRbBEptF9QJ2sOJi+2695zzVCD077k3w009R3W1FPc+pVTUx
v1NdVd6lLyM9/RRmf8hWzPGocgGGOzfAfRi7i5Y2jvkA+YpXUt/+AjsfappjtAwp
hfGkOT0dGbkBI/TRU+8Q5w2pB0MWkuwyw774JvYyChUjFiizgzsatgeM7ZtJoIQ8
oyqm2ymxTUF6B1jdleFSJ+kJJeJOvo3nzjjuiqhVDOrsqXegW4xR
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:33:57 2025 by rpki-client