Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA1F6DDAAF2E11F0A01BBCCDDAE4EC9C.roa
File: FA1F6DDAAF2E11F0A01BBCCDDAE4EC9C.roa (raw, json)
Hash identifier: 0NRh4+5DkrmqcTaiv8rD83SOMmgrv4zBxHpOGp5lqWc=
Subject key identifier: 00:D4:42:1E:83:9F:E7:C2:5C:F4:FE:8C:44:50:0C:CF:7A:F9:AE:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018203
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA1F6DDAAF2E11F0A01BBCCDDAE4EC9C.roa
Signing time: Wed 22 Oct 2025 10:07:55 +0000
ROA not before: Wed 22 Oct 2025 10:07:50 +0000
ROA not after: Fri 28 Nov 2025 10:07:50 +0000
asID: 270169
IP address blocks: 156.252.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 30 Oct 2025 00:26:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98819 (0x18203)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 22 10:07:50 2025 GMT
Not After : Nov 28 10:07:50 2025 GMT
Subject: CN=68f8acfb-1bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:76:da:36:2e:43:60:a6:9f:64:b5:1a:bf:e8:
28:23:92:ec:10:6f:14:82:42:98:0c:a2:bc:a9:0d:
6b:a5:cb:82:f6:90:05:d7:07:3d:b8:69:07:22:42:
5f:3d:6e:06:3d:43:d1:48:08:72:3c:23:00:2d:50:
d3:a0:52:44:6e:03:2e:18:b9:22:08:1e:25:1c:91:
18:87:47:1d:66:55:c5:a6:e7:3b:bd:2f:17:e2:2d:
d4:b1:1b:5c:7e:74:9b:e4:9c:72:a1:f0:e5:86:77:
dc:d9:96:23:ab:4b:eb:5b:d3:c4:b9:9e:5c:0f:89:
64:bf:f9:e8:78:8f:96:fd:c2:81:a0:4b:c8:c9:a1:
2e:31:21:b7:da:27:98:ec:cc:62:2f:44:ad:9e:50:
35:3a:0a:e3:d4:b2:19:a1:50:84:80:0b:35:2c:d6:
ad:71:6b:03:1d:43:3a:bf:95:5d:2e:c6:4f:8d:85:
cf:98:a5:e4:31:47:9f:5d:99:2c:c3:48:4c:35:7c:
53:75:ae:a1:2e:66:35:ad:4f:64:da:4e:d4:e9:16:
7d:37:40:fe:eb:55:c8:bf:bc:6e:43:03:16:a5:f1:
2a:28:e2:14:72:27:67:e4:15:25:70:e4:4b:18:69:
b4:42:f6:57:2f:34:c3:0c:1b:76:79:b4:0b:5f:4e:
29:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D4:42:1E:83:9F:E7:C2:5C:F4:FE:8C:44:50:0C:CF:7A:F9:AE:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA1F6DDAAF2E11F0A01BBCCDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.9.0/24
Signature Algorithm: sha256WithRSAEncryption
89:66:0f:f7:ba:9c:29:56:92:70:f6:a0:3a:7b:e2:03:e0:79:
d2:5d:f1:36:54:f0:03:55:83:9f:19:1d:21:8a:4e:34:b0:a8:
94:f0:ec:a6:27:9a:6b:fd:8e:63:e8:88:31:1f:93:25:d0:bc:
2d:60:44:64:7d:4f:76:eb:ab:41:66:9b:cb:58:88:90:1b:26:
ef:c1:60:a7:f3:9b:0a:2b:ef:c9:ab:73:02:a2:3d:cb:df:6e:
71:e3:17:2b:e7:a5:69:19:bb:5d:a7:00:6d:d2:64:bb:51:b7:
12:3a:dd:66:e8:d7:48:5d:d3:82:6f:d5:10:99:0f:44:d1:88:
20:6d:ef:fe:87:5f:9c:26:70:bd:78:db:2d:7c:f4:d7:9d:8a:
4f:d8:40:8a:ff:98:e5:72:66:75:e8:92:d0:6d:ee:be:cd:e5:
83:fa:c5:7a:73:5e:52:a1:0c:66:99:3c:91:5e:c8:d0:6b:c9:
cd:1e:72:54:c5:dd:1c:4f:40:00:32:de:0b:e2:d7:e6:8d:a9:
dd:15:17:df:f3:45:d6:c1:29:78:64:57:97:44:57:81:e4:26:
34:63:65:e1:12:3a:f4:cf:d7:c7:87:3d:9e:bf:b8:02:07:d1:
f2:24:96:00:a5:de:64:f3:25:aa:c0:0c:32:85:37:22:54:53:
5f:98:5b:62
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYIDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDIyMTAwNzUwWhcNMjUxMTI4MTAwNzUwWjAYMRYw
FAYDVQQDEw02OGY4YWNmYi0xYmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt3baNi5DYKafZLUav+goI5LsEG8UgkKYDKK8qQ1rpcuC9pAF1wc9uGkH
IkJfPW4GPUPRSAhyPCMALVDToFJEbgMuGLkiCB4lHJEYh0cdZlXFpuc7vS8X4i3U
sRtcfnSb5JxyofDlhnfc2ZYjq0vrW9PEuZ5cD4lkv/noeI+W/cKBoEvIyaEuMSG3
2ieY7MxiL0StnlA1Ogrj1LIZoVCEgAs1LNatcWsDHUM6v5VdLsZPjYXPmKXkMUef
XZksw0hMNXxTda6hLmY1rU9k2k7U6RZ9N0D+61XIv7xuQwMWpfEqKOIUcidn5BUl
cORLGGm0QvZXLzTDDBt2ebQLX04pnQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFADU
Qh6Dn+fCXPT+jERQDM96+a4aMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQTFGNkREQUFGMkUxMUYwQTAxQkJDQ0REQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwJMA0GCSqGSIb3DQEBCwUA
A4IBAQCJZg/3upwpVpJw9qA6e+ID4HnSXfE2VPADVYOfGR0hik40sKiU8OymJ5pr
/Y5j6IgxH5Ml0LwtYERkfU9266tBZpvLWIiQGybvwWCn85sKK+/Jq3MCoj3L325x
4xcr56VpGbtdpwBt0mS7UbcSOt1m6NdIXdOCb9UQmQ9E0Yggbe/+h1+cJnC9eNst
fPTXnYpP2ECK/5jlcmZ16JLQbe6+zeWD+sV6c15SoQxmmTyRXsjQa8nNHnJUxd0c
T0AAMt4L4tfmjandFRff80XWwSl4ZFeXRFeB5CY0Y2XhEjr0z9fHhz2ev7gCB9Hy
JJYApd5k8yWqwAwyhTciVFNfmFti
-----END CERTIFICATE-----
Generated at Tue Oct 28 07:13:52 2025 by rpki-client