Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14D0B9ACB36911F0B589A0F4DAE4EC9C.roa
File: 14D0B9ACB36911F0B589A0F4DAE4EC9C.roa (raw, json)
Hash identifier: myRgGebMu13TxYoLfmzw+M5OrRJl1dAAll/P2Ymw4yg=
Subject key identifier: E2:2B:6A:48:A3:8C:0E:F4:44:DC:8D:8C:D3:15:BB:78:E1:00:B0:66
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018320
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14D0B9ACB36911F0B589A0F4DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 19:13:57 +0000
ROA not before: Mon 27 Oct 2025 19:13:45 +0000
ROA not after: Mon 01 Dec 2025 19:13:45 +0000
asID: 214238
IP address blocks: 156.239.21.0/24 maxlen: 24
156.239.22.0/24 maxlen: 24
156.241.40.0/24 maxlen: 24
156.241.42.0/24 maxlen: 24
156.241.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99104 (0x18320)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 27 19:13:45 2025 GMT
Not After : Dec 1 19:13:45 2025 GMT
Subject: CN=68ffc475-96bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ff:6a:64:f5:0d:7a:ea:b5:37:ce:1a:5a:be:
51:ad:c4:db:51:b1:db:7b:8f:0e:3b:94:fb:d4:37:
b0:bf:8f:b0:24:65:8a:07:37:15:3c:b9:b6:20:36:
aa:b4:eb:97:a8:f7:19:87:b7:d9:4e:34:6c:47:fe:
57:0d:6b:be:a4:b0:ad:4b:37:9d:cd:d8:f4:eb:78:
ad:8a:51:54:29:46:11:24:50:49:1c:2c:24:7f:d6:
c5:6e:16:30:95:03:65:98:94:3d:e7:4a:47:e4:1e:
d2:88:05:26:30:e6:c3:10:b2:b1:4f:f8:57:f3:98:
ac:24:97:17:46:3b:85:63:97:17:0d:f3:10:e5:1e:
b3:e0:ad:d5:eb:bf:94:d8:af:35:3a:1e:ff:10:22:
47:09:95:21:9e:c6:9b:ac:07:e5:fd:68:7c:bb:41:
eb:2e:55:15:a1:c2:19:6a:9a:c5:8a:01:d7:3a:99:
f1:7f:55:1d:9b:16:8a:c4:08:09:d8:ca:60:a6:28:
b4:ee:a0:32:6d:c7:f3:88:e1:d3:d4:85:64:a4:d6:
af:a5:3d:c0:b1:46:b7:d0:c4:31:56:f8:6e:d0:54:
fd:bf:52:0e:d9:d2:31:3b:c7:32:f0:38:df:79:0b:
de:e6:f9:b6:39:10:be:21:9f:95:5c:96:ac:12:b4:
1a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:2B:6A:48:A3:8C:0E:F4:44:DC:8D:8C:D3:15:BB:78:E1:00:B0:66
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14D0B9ACB36911F0B589A0F4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.21.0-156.239.22.255
156.241.40.0/24
156.241.42.0/23
Signature Algorithm: sha256WithRSAEncryption
88:d0:5c:e4:fd:7b:9b:98:d5:83:1b:ed:a7:f9:09:2f:81:fb:
fa:8e:8c:97:03:47:cb:46:7e:68:94:c9:ad:6a:90:46:ad:9c:
fb:a0:0a:8a:35:cc:58:0e:e0:eb:a3:6e:2c:83:fc:1c:67:5f:
39:a1:16:e3:a4:12:14:cb:7c:02:ec:46:e3:80:49:e6:7a:57:
0f:ff:e7:8e:b8:56:06:2c:a0:fd:60:d3:3b:ad:42:c4:d9:6f:
75:0d:f3:f8:d9:e4:70:df:75:5f:0c:a8:45:30:a8:28:1b:2e:
80:12:23:b5:35:56:32:f9:23:cc:87:7a:8b:c1:3b:fe:08:d4:
76:bc:c1:fd:6d:d1:01:13:17:24:08:87:3b:96:7d:ad:8c:f9:
dc:47:10:06:9f:0f:81:cb:f1:83:09:d7:21:19:36:61:7e:b2:
fb:60:f7:f9:c0:21:3c:12:16:e0:6d:1f:ff:a6:87:eb:2a:6d:
c2:42:6c:04:86:da:6d:01:c0:7f:d3:06:dd:18:19:b1:f5:ae:
86:41:b8:76:f4:c9:4e:7f:23:e5:8a:31:55:65:60:9f:4b:df:
6e:11:c3:43:54:5c:55:1a:92:ff:90:7c:d7:20:5a:f9:4a:f3:
08:84:99:5b:85:22:81:e1:45:fc:36:41:38:ae:03:34:0a:77:
5c:33:7f:b7
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAYMgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDI3MTkxMzQ1WhcNMjUxMjAxMTkxMzQ1WjAYMRYw
FAYDVQQDEw02OGZmYzQ3NS05NmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuv9qZPUNeuq1N84aWr5RrcTbUbHbe48OO5T71Dewv4+wJGWKBzcVPLm2
IDaqtOuXqPcZh7fZTjRsR/5XDWu+pLCtSzedzdj063itilFUKUYRJFBJHCwkf9bF
bhYwlQNlmJQ950pH5B7SiAUmMObDELKxT/hX85isJJcXRjuFY5cXDfMQ5R6z4K3V
67+U2K81Oh7/ECJHCZUhnsabrAfl/Wh8u0HrLlUVocIZaprFigHXOpnxf1UdmxaK
xAgJ2Mpgpii07qAybcfziOHT1IVkpNavpT3AsUa30MQxVvhu0FT9v1IO2dIxO8cy
8DjfeQve5vm2ORC+IZ+VXJasErQa2QIDAQABo4ICtjCCArIwHQYDVR0OBBYEFOIr
akijjA70RNyNjNMVu3jhALBmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNEQwQjlBQ0IzNjkxMUYwQjU4OUEwRjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACc7xUDBACc7xYDBACc8SgD
BAGc8SowDQYJKoZIhvcNAQELBQADggEBAIjQXOT9e5uY1YMb7af5CS+B+/qOjJcD
R8tGfmiUya1qkEatnPugCoo1zFgO4OujbiyD/BxnXzmhFuOkEhTLfALsRuOASeZ6
Vw//5464VgYsoP1g0zutQsTZb3UN8/jZ5HDfdV8MqEUwqCgbLoASI7U1VjL5I8yH
eovBO/4I1Ha8wf1t0QETFyQIhzuWfa2M+dxHEAafD4HL8YMJ1yEZNmF+svtg9/nA
ITwSFuBtH/+mh+sqbcJCbASG2m0BwH/TBt0YGbH1roZBuHb0yU5/I+WKMVVlYJ9L
324Rw0NUXFUakv+QfNcgWvlK8wiEmVuFIoHhRfw2QTiuAzQKd1wzf7c=
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:58:30 2025 by rpki-client