Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13E845B2B8A211F0893CFCD5DAE4EC9C.roa
File: 13E845B2B8A211F0893CFCD5DAE4EC9C.roa (raw, json)
Hash identifier: ZgOFw9MGrgpB1VnemoSkaMq6J07WKqPgubg9eght18k=
Subject key identifier: 9E:0E:F8:D5:E7:A7:D3:0F:CF:1B:4B:5A:E1:21:F0:ED:AD:0F:EF:EA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01849B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13E845B2B8A211F0893CFCD5DAE4EC9C.roa
Signing time: Mon 03 Nov 2025 10:44:31 +0000
ROA not before: Mon 03 Nov 2025 10:44:26 +0000
ROA not after: Wed 10 Dec 2025 10:44:26 +0000
asID: 137899
IP address blocks: 156.233.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99483 (0x1849b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 3 10:44:26 2025 GMT
Not After : Dec 10 10:44:26 2025 GMT
Subject: CN=6908878f-f6bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:71:9e:00:ba:8e:ce:4e:a5:b0:59:b7:f7:48:
0c:36:f5:28:88:db:91:cb:b5:a7:ef:02:97:f9:31:
95:2b:44:c0:46:33:df:9e:67:73:3b:b6:87:2d:8f:
ad:43:c1:a9:43:bf:94:6d:7c:5f:ce:0b:a9:6a:a3:
08:d8:d2:15:21:17:05:b8:73:b5:53:87:c4:c3:e1:
71:92:e1:d2:78:d2:a5:bc:8e:63:99:3e:af:fa:1b:
88:1f:13:c6:85:36:46:88:6f:11:05:65:9e:3d:38:
a0:9e:42:00:5f:a8:44:1f:e9:df:d4:84:d4:b1:48:
bc:a5:a3:d5:90:8b:b9:dc:cb:24:b3:6d:b8:2c:b0:
ad:3d:74:5b:c9:a9:1d:31:5b:bf:0f:29:bb:b9:cf:
fe:b1:fa:ea:dc:e0:d6:a7:61:22:7f:6d:9e:de:de:
53:da:c4:28:a1:74:11:29:7c:2e:8b:4b:c5:03:e9:
4e:b1:e2:4e:a2:f2:dc:67:e1:78:5a:9d:49:42:e5:
da:6a:c6:33:68:02:10:ab:2e:65:0d:01:6e:0e:0f:
be:28:c1:20:1f:3a:4f:d3:19:c3:ce:79:ec:85:7e:
46:62:bb:e6:c5:24:1e:1d:a4:d0:8e:4c:63:66:83:
c9:51:64:a0:de:96:61:6d:bd:5b:32:19:42:8b:a9:
87:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:0E:F8:D5:E7:A7:D3:0F:CF:1B:4B:5A:E1:21:F0:ED:AD:0F:EF:EA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13E845B2B8A211F0893CFCD5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.224.0/20
Signature Algorithm: sha256WithRSAEncryption
34:2d:96:66:4c:de:c2:aa:c8:9c:f5:f7:69:6f:b2:4a:05:7e:
a2:0f:09:fa:de:79:6a:5b:8e:5a:a8:46:09:9e:ac:8c:4d:8c:
14:7b:ac:58:01:0f:25:fb:8f:40:4b:5e:68:50:24:ef:92:c0:
b7:ee:34:bc:c1:c6:fb:56:ea:28:09:3e:6b:37:94:9f:11:e7:
2a:4b:f8:db:69:b6:25:a6:a2:8a:a0:c8:c3:8b:ee:6c:0e:42:
fb:b4:6f:28:1b:e0:c0:93:fa:ae:50:c5:d8:89:54:84:8e:04:
95:76:c7:83:b8:c8:61:ed:ce:5e:4b:2d:8f:15:18:04:a5:4d:
e1:ee:b9:fe:af:d0:eb:42:77:d5:d7:92:dc:81:1d:f4:04:69:
2b:0e:0a:af:20:d2:8c:71:f2:61:6f:16:d8:8f:2f:a5:84:1b:
e1:68:b8:9a:65:8f:12:4d:95:32:ba:55:f7:ee:a3:38:65:b4:
8b:69:66:38:45:31:0c:a2:86:ba:34:d6:33:68:76:fc:cd:72:
26:21:c5:ae:04:80:53:dd:d4:84:35:5f:6e:6f:9f:38:ed:cf:
43:0d:aa:b0:8f:e3:d3:4d:fb:54:b9:fb:33:0f:3f:35:fd:68:
eb:61:6a:78:cf:a6:02:83:4e:66:14:41:4d:d8:0f:2b:b0:64:
00:43:98:d1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYSbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMTAzMTA0NDI2WhcNMjUxMjEwMTA0NDI2WjAYMRYw
FAYDVQQDEw02OTA4ODc4Zi1mNmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzXGeALqOzk6lsFm390gMNvUoiNuRy7Wn7wKX+TGVK0TARjPfnmdzO7aH
LY+tQ8GpQ7+UbXxfzgupaqMI2NIVIRcFuHO1U4fEw+FxkuHSeNKlvI5jmT6v+huI
HxPGhTZGiG8RBWWePTignkIAX6hEH+nf1ITUsUi8paPVkIu53Msks224LLCtPXRb
yakdMVu/Dym7uc/+sfrq3ODWp2Eif22e3t5T2sQooXQRKXwui0vFA+lOseJOovLc
Z+F4Wp1JQuXaasYzaAIQqy5lDQFuDg++KMEgHzpP0xnDznnshX5GYrvmxSQeHaTQ
jkxjZoPJUWSg3pZhbb1bMhlCi6mHpwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ4O
+NXnp9MPzxtLWuEh8O2tD+/qMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xM0U4NDVCMkI4QTIxMUYwODkzQ0ZDRDVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOngMA0GCSqGSIb3DQEBCwUA
A4IBAQA0LZZmTN7Cqsic9fdpb7JKBX6iDwn63nlqW45aqEYJnqyMTYwUe6xYAQ8l
+49AS15oUCTvksC37jS8wcb7VuooCT5rN5SfEecqS/jbabYlpqKKoMjDi+5sDkL7
tG8oG+DAk/quUMXYiVSEjgSVdseDuMhh7c5eSy2PFRgEpU3h7rn+r9DrQnfV15Lc
gR30BGkrDgqvINKMcfJhbxbYjy+lhBvhaLiaZY8STZUyulX37qM4ZbSLaWY4RTEM
ooa6NNYzaHb8zXImIcWuBIBT3dSENV9ub5847c9DDaqwj+PTTftUufszDz81/Wjr
YWp4z6YCg05mFEFN2A8rsGQAQ5jR
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:41:01 2025 by rpki-client