Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F62428C6AB5D11F08896049DDAE4EC9C.roa
File: F62428C6AB5D11F08896049DDAE4EC9C.roa (raw, json)
Hash identifier: d71DhVvdsqTKkaI5KAgNUSsTsfr8Y088RFnI5CeXXyg=
Subject key identifier: A0:87:32:B3:41:F0:FC:B1:9C:DB:17:16:09:13:DD:0B:C3:FC:13:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018171
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F62428C6AB5D11F08896049DDAE4EC9C.roa
Signing time: Fri 17 Oct 2025 13:34:10 +0000
ROA not before: Fri 17 Oct 2025 13:34:05 +0000
ROA not after: Mon 24 Nov 2025 13:34:05 +0000
asID: 395886
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98673 (0x18171)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 17 13:34:05 2025 GMT
Not After : Nov 24 13:34:05 2025 GMT
Subject: CN=68f245d2-eb28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:42:ac:79:2d:7b:c3:45:8d:72:68:f9:98:2a:
6d:01:99:f3:81:4c:77:c9:7d:a6:41:77:b1:0c:c3:
b1:da:26:23:35:71:f0:3e:5e:0c:ac:dc:e0:83:9b:
4b:7f:1b:93:20:9b:86:ff:b4:2b:ba:50:dc:a7:70:
76:8a:bb:31:3e:c8:13:6c:5b:96:26:77:6f:30:bc:
d9:e6:7b:53:70:8c:50:8e:2b:6b:97:78:55:93:fa:
bb:89:91:5a:e7:bb:1b:9f:4a:bc:95:49:7a:46:25:
32:fe:49:5c:e4:3c:16:99:7d:43:78:2b:b4:bf:53:
03:9d:9f:40:aa:7d:42:b0:1c:68:20:bd:d4:ac:f5:
3b:c9:c4:6d:8b:b7:fb:7b:4c:3f:82:b4:bf:2d:fc:
32:b0:30:36:5c:81:98:ef:df:eb:cb:00:46:a2:0f:
4c:6d:c2:f0:59:ad:9d:03:2c:a6:d8:d0:63:f8:46:
54:cd:96:5c:b9:a7:83:de:6d:9d:80:bf:bc:c2:a3:
93:de:34:ec:35:56:d8:63:e5:61:3f:b9:78:42:2a:
25:c3:f9:e0:9a:95:aa:2e:67:81:fb:41:fd:f9:73:
86:4a:82:2f:35:0e:cb:1d:ee:17:78:8b:05:cb:e7:
93:62:c9:5a:92:66:60:d8:60:7b:d9:51:13:b3:30:
91:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:87:32:B3:41:F0:FC:B1:9C:DB:17:16:09:13:DD:0B:C3:FC:13:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F62428C6AB5D11F08896049DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.51.255
Signature Algorithm: sha256WithRSAEncryption
0f:14:9d:f4:1e:4d:f0:24:ac:13:31:aa:17:be:9d:6e:85:96:
b6:32:f1:01:fc:64:06:0a:fe:47:49:ad:72:bc:42:bf:64:e9:
6d:7f:65:b9:3d:6d:7e:c7:d1:74:01:44:0b:17:a6:b1:76:37:
f2:94:84:7c:69:9d:44:d7:fe:72:e3:f5:05:d1:7c:7d:de:49:
34:74:4e:b6:1d:07:78:eb:f5:aa:4f:ed:10:3d:76:57:1d:13:
2b:33:8b:87:f2:e4:70:b7:18:d5:29:06:33:a1:94:62:c1:7b:
ca:e0:6d:04:6e:b2:9d:dd:94:2c:57:b8:7b:73:47:2e:7f:43:
24:c1:dd:ad:b3:2b:cf:3c:70:9a:9c:9f:3e:01:f6:55:fd:33:
75:0a:ba:0e:72:f4:49:f3:07:62:de:d5:de:82:24:ca:fe:ab:
27:84:39:d6:9b:68:c1:c3:68:06:7c:e7:e2:08:59:98:d9:96:
d9:cc:4e:b8:ca:54:c0:fc:a5:18:fa:36:65:48:2d:e9:d5:6f:
fd:1a:7c:3f:c9:4e:66:50:ec:76:48:36:4d:dd:5d:dc:ee:e3:
d1:2c:39:b0:5d:b0:2c:d2:07:aa:25:96:2f:bc:8a:3c:33:77:
59:21:b7:14:d1:fb:5f:b6:95:7a:2a:ef:58:62:5f:26:51:95:
ca:d2:6d:72
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAYFxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDE3MTMzNDA1WhcNMjUxMTI0MTMzNDA1WjAYMRYw
FAYDVQQDEw02OGYyNDVkMi1lYjI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyUKseS17w0WNcmj5mCptAZnzgUx3yX2mQXexDMOx2iYjNXHwPl4MrNzg
g5tLfxuTIJuG/7QrulDcp3B2irsxPsgTbFuWJndvMLzZ5ntTcIxQjitrl3hVk/q7
iZFa57sbn0q8lUl6RiUy/klc5DwWmX1DeCu0v1MDnZ9Aqn1CsBxoIL3UrPU7ycRt
i7f7e0w/grS/LfwysDA2XIGY79/rywBGog9MbcLwWa2dAyym2NBj+EZUzZZcuaeD
3m2dgL+8wqOT3jTsNVbYY+VhP7l4Qiolw/ngmpWqLmeB+0H9+XOGSoIvNQ7LHe4X
eIsFy+eTYslakmZg2GB72VETszCRDwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKCH
MrNB8PyxnNsXFgkT3QvD/BPTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GNjI0MjhDNkFCNUQxMUYwODg5NjA0OUREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAKc7zAwDQYJKoZI
hvcNAQELBQADggEBAA8UnfQeTfAkrBMxqhe+nW6FlrYy8QH8ZAYK/kdJrXK8Qr9k
6W1/Zbk9bX7H0XQBRAsXprF2N/KUhHxpnUTX/nLj9QXRfH3eSTR0TrYdB3jr9apP
7RA9dlcdEyszi4fy5HC3GNUpBjOhlGLBe8rgbQRusp3dlCxXuHtzRy5/QyTB3a2z
K888cJqcnz4B9lX9M3UKug5y9EnzB2Le1d6CJMr+qyeEOdabaMHDaAZ85+IIWZjZ
ltnMTrjKVMD8pRj6NmVILenVb/0afD/JTmZQ7HZINk3dXdzu49EsObBdsCzSB6ol
li+8ijwzd1khtxTR+1+2lXoq71hiXyZRlcrSbXI=
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:25 2025 by rpki-client