Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/195FC24CB93B11F08C3A7997DAE4EC9C.roa
File: 195FC24CB93B11F08C3A7997DAE4EC9C.roa (raw, json)
Hash identifier: nBm+NxT0+g/2Tw7daBlXQr7DzIEqDJcjWDtIjUjlkCc=
Subject key identifier: 12:8C:8E:F1:AE:87:F1:01:F2:D5:05:82:83:B6:2A:F2:8B:40:0D:C1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0184C6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/195FC24CB93B11F08C3A7997DAE4EC9C.roa
Signing time: Tue 04 Nov 2025 04:59:53 +0000
ROA not before: Tue 04 Nov 2025 04:59:44 +0000
ROA not after: Tue 09 Dec 2025 04:59:44 +0000
asID: 200373
IP address blocks: 156.249.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99526 (0x184c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 4 04:59:44 2025 GMT
Not After : Dec 9 04:59:44 2025 GMT
Subject: CN=69098849-73b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8d:b9:5b:32:1f:d9:6e:21:ca:e9:80:48:1a:
15:76:d2:06:81:f5:0c:2b:7b:78:ec:72:a9:7f:c2:
c4:bf:f7:ff:e9:68:ac:49:4f:0e:4d:32:54:6d:3d:
41:e9:15:18:c8:0d:3a:b5:e8:50:78:44:6d:d9:81:
0d:0c:15:90:1a:31:68:25:93:e2:91:12:0e:e7:aa:
68:5c:13:27:18:b4:82:f8:ef:aa:b5:b5:09:03:01:
b4:53:b1:2f:dc:cd:c3:c8:48:20:06:1e:92:1b:20:
80:a9:45:85:ce:d9:75:d0:f0:0c:0d:d3:6d:3b:1f:
19:57:76:82:91:e7:83:89:97:0d:46:e9:63:95:3d:
18:6b:eb:e3:d4:ae:33:28:a3:83:6f:8c:60:f5:5b:
24:94:d7:ed:d0:9a:60:ec:c1:7f:c0:8d:4f:50:7b:
cf:4b:72:bd:9f:98:b8:9a:00:b4:2d:46:04:35:01:
e4:e9:53:92:66:51:c9:7f:98:ac:db:58:ba:74:2b:
77:90:fe:9d:e3:2a:e9:25:72:01:2b:ec:35:6f:f8:
04:88:81:2e:1e:9b:95:2c:7d:74:87:25:83:23:bd:
df:fb:3e:99:ba:42:3e:cd:54:ce:42:46:14:24:ed:
64:4b:05:14:73:32:53:e1:4d:32:3e:92:b7:3f:52:
08:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:8C:8E:F1:AE:87:F1:01:F2:D5:05:82:83:B6:2A:F2:8B:40:0D:C1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/195FC24CB93B11F08C3A7997DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.124.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:04:5e:0c:c4:a1:70:bd:49:5f:88:4b:ff:7b:a4:e9:bd:86:
85:98:67:a7:4f:56:02:49:2b:49:bf:10:75:d9:02:2d:ea:63:
a0:e4:fd:e0:5d:36:f0:3d:b5:96:13:17:ea:53:09:0c:86:b2:
f3:c3:0d:98:8b:f6:a6:ca:8f:f0:b6:66:ac:bd:67:8e:2d:4d:
81:15:56:04:c7:ca:d3:f8:88:88:ec:09:40:55:3a:ba:99:b7:
00:0d:05:62:5c:c1:aa:70:93:c2:0a:89:9e:91:64:2e:02:c9:
18:63:9d:da:7c:a1:a0:4d:8f:4a:00:fc:38:28:b1:63:48:3a:
81:3e:61:db:ba:fa:e2:7d:50:c6:e8:7d:3a:a2:bd:3b:27:7f:
e4:e7:b5:cc:f5:f9:1a:3b:88:35:98:fb:a8:44:ab:2e:32:ca:
0d:2b:b5:f3:8f:22:fe:64:8e:10:86:23:c4:9c:64:35:e5:5d:
b6:a4:54:eb:29:2e:2a:6e:2d:d3:09:12:66:10:87:f1:b0:df:
b7:27:77:c5:d1:07:f4:c4:b7:fb:61:dc:86:f3:6f:a6:69:3c:
33:82:5a:0e:45:56:a5:14:93:4c:21:7b:fe:f3:51:1d:b7:01:
4f:4d:22:61:4e:52:7a:23:f2:b3:dd:f0:00:0c:8d:c6:34:ea:
23:20:7c:91
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYTGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMTA0MDQ1OTQ0WhcNMjUxMjA5MDQ1OTQ0WjAYMRYw
FAYDVQQDEw02OTA5ODg0OS03M2I4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyI25WzIf2W4hyumASBoVdtIGgfUMK3t47HKpf8LEv/f/6WisSU8OTTJU
bT1B6RUYyA06tehQeERt2YENDBWQGjFoJZPikRIO56poXBMnGLSC+O+qtbUJAwG0
U7Ev3M3DyEggBh6SGyCAqUWFztl10PAMDdNtOx8ZV3aCkeeDiZcNRuljlT0Ya+vj
1K4zKKODb4xg9VsklNft0Jpg7MF/wI1PUHvPS3K9n5i4mgC0LUYENQHk6VOSZlHJ
f5is21i6dCt3kP6d4yrpJXIBK+w1b/gEiIEuHpuVLH10hyWDI73f+z6ZukI+zVTO
QkYUJO1kSwUUczJT4U0yPpK3P1IIOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBKM
jvGuh/EB8tUFgoO2KvKLQA3BMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xOTVGQzI0Q0I5M0IxMUYwOEMzQTc5OTdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPl8MA0GCSqGSIb3DQEBCwUA
A4IBAQBLBF4MxKFwvUlfiEv/e6TpvYaFmGenT1YCSStJvxB12QIt6mOg5P3gXTbw
PbWWExfqUwkMhrLzww2Yi/amyo/wtmasvWeOLU2BFVYEx8rT+IiI7AlAVTq6mbcA
DQViXMGqcJPCComekWQuAskYY53afKGgTY9KAPw4KLFjSDqBPmHbuvrifVDG6H06
or07J3/k57XM9fkaO4g1mPuoRKsuMsoNK7XzjyL+ZI4QhiPEnGQ15V22pFTrKS4q
bi3TCRJmEIfxsN+3J3fF0Qf0xLf7YdyG82+maTwzgloORValFJNMIXv+81EdtwFP
TSJhTlJ6I/Kz3fAADI3GNOojIHyR
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:58:49 2025 by rpki-client