Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF880C7899F011F0B8FB29EFDAE4EC9C.roa
File: DF880C7899F011F0B8FB29EFDAE4EC9C.roa (raw, json)
Hash identifier: 0Mf0TxCkiAOXk5VKoXrBWPAxpIIQ97/NZyMuqTDFU5c=
Subject key identifier: C1:A0:31:5A:A3:2A:72:A7:51:2A:D8:A8:AC:B8:D8:AD:44:45:B5:30
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D42
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF880C7899F011F0B8FB29EFDAE4EC9C.roa
Signing time: Thu 25 Sep 2025 09:20:27 +0000
ROA not before: Thu 25 Sep 2025 09:20:22 +0000
ROA not after: Wed 26 Nov 2025 09:20:22 +0000
asID: 138915
IP address blocks: 156.225.117.0/24 maxlen: 24
156.227.193.0/24 maxlen: 24
156.229.51.0/24 maxlen: 24
156.229.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97602 (0x17d42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 25 09:20:22 2025 GMT
Not After : Nov 26 09:20:22 2025 GMT
Subject: CN=68d5095b-cb7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2e:d7:22:19:d0:bb:5a:4d:60:08:b2:7a:2e:
99:93:50:a4:1d:21:83:bc:3d:71:8a:1f:5a:ad:09:
bd:5a:04:b3:8b:d1:b8:27:3d:48:d8:4d:e1:de:22:
11:bb:76:0b:65:0e:00:71:74:0e:a0:01:31:1d:4f:
4c:d1:ec:a9:eb:a7:fc:58:d4:ea:29:1c:65:44:64:
32:5b:5f:db:0f:3c:2f:5d:e4:de:c0:2e:61:c2:e2:
e0:6d:ef:a2:75:cd:11:22:f2:90:d5:45:c7:25:cc:
4b:60:88:00:c4:61:86:21:94:00:29:b4:c3:c7:03:
13:f5:3e:df:2c:47:bd:e6:c1:42:d8:41:05:3f:f1:
72:a1:35:58:b5:97:04:3b:e9:38:d7:14:63:e9:3a:
ed:80:58:bb:56:77:e1:c2:be:69:6b:49:22:2e:96:
2b:06:d6:29:ec:85:ec:65:40:2e:17:65:6b:37:dd:
08:f9:43:6e:ed:af:e9:0d:84:7f:42:2b:37:6a:fd:
77:3f:12:d1:36:b8:6c:8a:51:7b:53:11:a9:40:b5:
24:34:59:24:7a:2a:8e:5a:32:01:6e:63:cf:31:32:
dd:1e:fe:c6:9a:0c:6a:2d:e8:c1:c8:af:f6:5c:c4:
f2:6b:4d:c4:3d:b9:44:bf:b0:25:39:b3:62:30:ba:
cd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:A0:31:5A:A3:2A:72:A7:51:2A:D8:A8:AC:B8:D8:AD:44:45:B5:30
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF880C7899F011F0B8FB29EFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.117.0/24
156.227.193.0/24
156.229.51.0/24
156.229.64.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:b2:bd:56:51:56:46:e7:0d:a0:b1:fe:6c:76:ef:1c:7c:05:
05:94:53:f2:23:8b:e9:d4:ca:2e:3b:a7:af:97:8b:6c:f6:6b:
19:1a:2a:58:f4:f8:54:f3:32:ac:4e:3c:a1:aa:0b:89:3d:3c:
2d:7f:92:05:35:3a:63:66:60:a9:41:20:22:9f:96:f3:0d:87:
df:d0:1f:28:47:df:66:f1:cd:ab:3c:35:f1:03:40:15:d2:7d:
53:96:ef:07:f8:5d:06:d6:19:8c:d5:a8:bb:aa:22:97:2b:e7:
a9:1d:22:34:7e:af:2a:74:b9:64:d5:7c:fe:fc:f2:a0:8b:d7:
1f:6c:7d:0f:5d:00:fb:47:62:c6:27:25:2f:8e:53:05:3a:3a:
dd:ee:11:52:38:79:4a:48:43:16:21:41:36:04:83:7e:40:c9:
0c:f7:af:c2:2f:67:ce:b5:be:8e:8c:f3:73:2d:fb:8a:33:51:
f1:8a:de:94:8f:3e:27:9e:92:7c:36:ae:80:4f:43:1f:d2:a8:
2c:ed:c6:19:11:18:f2:cb:76:ce:0f:6b:0f:33:ed:c7:9f:4a:
8f:09:50:46:45:52:fd:6e:16:74:b4:1c:c9:1d:27:e5:5e:ba:
57:be:5b:14:0c:94:95:d5:e2:81:c8:19:ab:41:7d:12:5e:79:
5b:31:07:b5
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAX1CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI1MDkyMDIyWhcNMjUxMTI2MDkyMDIyWjAYMRYw
FAYDVQQDEw02OGQ1MDk1Yi1jYjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAti7XIhnQu1pNYAiyei6Zk1CkHSGDvD1xih9arQm9WgSzi9G4Jz1I2E3h
3iIRu3YLZQ4AcXQOoAExHU9M0eyp66f8WNTqKRxlRGQyW1/bDzwvXeTewC5hwuLg
be+idc0RIvKQ1UXHJcxLYIgAxGGGIZQAKbTDxwMT9T7fLEe95sFC2EEFP/FyoTVY
tZcEO+k41xRj6TrtgFi7Vnfhwr5pa0kiLpYrBtYp7IXsZUAuF2VrN90I+UNu7a/p
DYR/Qis3av13PxLRNrhsilF7UxGpQLUkNFkkeiqOWjIBbmPPMTLdHv7GmgxqLejB
yK/2XMTya03EPblEv7AlObNiMLrNWwIDAQABo4ICtDCCArAwHQYDVR0OBBYEFMGg
MVqjKnKnUSrYqKy42K1ERbUwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERjg4MEM3ODk5RjAxMUYwQjhGQjI5RUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAnOF1AwQAnOPBAwQAnOUzAwQA
nOVAMA0GCSqGSIb3DQEBCwUAA4IBAQCcsr1WUVZG5w2gsf5sdu8cfAUFlFPyI4vp
1MouO6evl4ts9msZGipY9PhU8zKsTjyhqguJPTwtf5IFNTpjZmCpQSAin5bzDYff
0B8oR99m8c2rPDXxA0AV0n1Tlu8H+F0G1hmM1ai7qiKXK+epHSI0fq8qdLlk1Xz+
/PKgi9cfbH0PXQD7R2LGJyUvjlMFOjrd7hFSOHlKSEMWIUE2BIN+QMkM96/CL2fO
tb6OjPNzLfuKM1Hxit6Ujz4nnpJ8Nq6AT0Mf0qgs7cYZERjyy3bOD2sPM+3Hn0qP
CVBGRVL9bhZ0tBzJHSflXrpXvlsUDJSV1eKByBmrQX0SXnlbMQe1
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:12 2025 by rpki-client