Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B071CFEB18811F0B78097A0DAE4EC9C.roa
File: 1B071CFEB18811F0B78097A0DAE4EC9C.roa (raw, json)
Hash identifier: Qg/7YkVllGZXoANx9DntOOwd4bX8ncflYvMVukMSzAw=
Subject key identifier: 50:A9:F3:BD:58:07:F9:12:8E:2E:E3:87:67:0C:41:18:9A:5D:A0:3B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018299
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B071CFEB18811F0B78097A0DAE4EC9C.roa
Signing time: Sat 25 Oct 2025 09:50:58 +0000
ROA not before: Sat 25 Oct 2025 09:50:51 +0000
ROA not after: Tue 18 Nov 2025 09:50:51 +0000
asID: 54801
IP address blocks: 156.224.0.0/23 maxlen: 24
156.226.208.0/23 maxlen: 24
156.233.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98969 (0x18299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 25 09:50:51 2025 GMT
Not After : Nov 18 09:50:51 2025 GMT
Subject: CN=68fc9d82-0172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:7e:05:84:69:5e:cf:b0:6f:d7:46:99:37:9b:
c5:0c:37:38:be:ef:23:8b:7c:44:b5:fb:61:68:c5:
cf:e5:2a:90:d3:c2:db:ac:d1:49:80:a8:27:53:f5:
9c:90:b3:17:39:af:a8:3d:71:3c:ea:00:6f:87:43:
83:a7:78:f1:79:0d:10:36:84:26:7b:35:c6:be:70:
bd:d3:0a:8f:de:7c:04:a1:41:75:8d:69:23:6f:13:
05:99:ca:e0:c5:c3:16:e1:84:6f:bc:d6:ce:63:3c:
07:74:e9:6f:66:f2:21:a0:18:c8:67:dc:1b:40:da:
64:b1:c0:a4:17:01:ee:d6:fe:41:24:28:3a:79:f5:
8d:2d:bb:f0:ab:ba:44:3b:cd:28:f0:05:af:29:07:
74:8e:d9:24:0d:2e:86:d4:3a:05:18:c0:61:b6:a8:
3c:e6:e1:50:3d:fe:27:4b:c2:94:ff:fe:9e:bb:6d:
b3:89:0c:93:e2:6f:a4:b3:64:56:e6:c1:44:1c:9a:
45:16:82:9d:ba:51:10:bb:93:6a:86:5f:ca:88:51:
2d:d5:4f:89:13:2f:eb:00:72:ad:1e:d8:5b:4b:50:
b7:99:12:b9:45:63:10:d0:2d:c8:d9:a0:86:5d:df:
37:ab:9d:bb:df:d4:c7:e5:40:1c:2d:13:02:bd:ec:
a0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:A9:F3:BD:58:07:F9:12:8E:2E:E3:87:67:0C:41:18:9A:5D:A0:3B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B071CFEB18811F0B78097A0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.0.0/23
156.226.208.0/23
156.233.205.0/24
Signature Algorithm: sha256WithRSAEncryption
34:51:27:c0:24:c9:d6:85:a1:37:2e:ad:41:4c:26:e4:7e:87:
7f:3b:22:03:91:fd:e5:5c:ec:01:7a:d8:ef:db:5a:1a:48:80:
a6:4c:db:53:49:52:ec:4c:0c:2d:28:31:05:21:f2:d6:8e:90:
5d:c8:8e:9a:56:de:35:56:be:42:cb:dd:62:7c:26:a5:d9:b9:
3d:8f:1e:b3:c7:3d:9f:4e:c3:5a:84:72:af:4b:2c:33:a6:83:
17:51:16:82:b5:4f:77:dd:1e:da:e7:4f:6f:b2:ab:96:25:5a:
48:af:43:eb:c6:06:9c:6a:79:0a:34:1c:fe:74:76:e1:c5:a2:
a0:ba:55:e4:8f:27:3f:d5:e9:cc:45:2a:51:00:d2:6f:82:46:
dd:fe:c6:ef:06:e6:83:7f:b4:2d:74:9c:bd:b4:b8:e1:93:33:
7f:43:61:fc:28:28:74:58:a3:ea:67:9d:d3:87:51:9f:5d:89:
7e:91:8a:fe:76:c6:6a:f2:13:95:9d:ab:36:58:6d:be:f3:1a:
31:60:f2:16:0b:22:50:07:40:05:0b:6d:d7:ce:0f:08:75:3d:
25:e3:7a:28:f8:cc:16:3d:00:5f:b7:d3:a0:b4:57:48:81:cd:
2b:5b:00:06:68:fd:29:31:05:47:75:0c:11:27:b5:52:08:f9:
1c:ee:85:a1
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAYKZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDI1MDk1MDUxWhcNMjUxMTE4MDk1MDUxWjAYMRYw
FAYDVQQDEw02OGZjOWQ4Mi0wMTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1H4FhGlez7Bv10aZN5vFDDc4vu8ji3xEtfthaMXP5SqQ08LbrNFJgKgn
U/WckLMXOa+oPXE86gBvh0ODp3jxeQ0QNoQmezXGvnC90wqP3nwEoUF1jWkjbxMF
mcrgxcMW4YRvvNbOYzwHdOlvZvIhoBjIZ9wbQNpkscCkFwHu1v5BJCg6efWNLbvw
q7pEO80o8AWvKQd0jtkkDS6G1DoFGMBhtqg85uFQPf4nS8KU//6eu22ziQyT4m+k
s2RW5sFEHJpFFoKdulEQu5Nqhl/KiFEt1U+JEy/rAHKtHthbS1C3mRK5RWMQ0C3I
2aCGXd83q52739TH5UAcLRMCveygXwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFFCp
871YB/kSji7jh2cMQRiaXaA7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQjA3MUNGRUIxODgxMUYwQjc4MDk3QTBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBnOAAAwQBnOLQAwQAnOnNMA0G
CSqGSIb3DQEBCwUAA4IBAQA0USfAJMnWhaE3Lq1BTCbkfod/OyIDkf3lXOwBetjv
21oaSICmTNtTSVLsTAwtKDEFIfLWjpBdyI6aVt41Vr5Cy91ifCal2bk9jx6zxz2f
TsNahHKvSywzpoMXURaCtU933R7a509vsquWJVpIr0PrxgacankKNBz+dHbhxaKg
ulXkjyc/1enMRSpRANJvgkbd/sbvBuaDf7QtdJy9tLjhkzN/Q2H8KCh0WKPqZ53T
h1GfXYl+kYr+dsZq8hOVnas2WG2+8xoxYPIWCyJQB0AFC23Xzg8IdT0l43oo+MwW
PQBft9OgtFdIgc0rWwAGaP0pMQVHdQwRJ7VSCPkc7oWh
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:58:31 2025 by rpki-client