Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23417414B8A411F084D695E2DAE4EC9C.roa
File: 23417414B8A411F084D695E2DAE4EC9C.roa (raw, json)
Hash identifier: MxvhrC9OkxgZcLMOEz/PNhpO24PErc0NZlGBC1yxLpg=
Subject key identifier: 2C:91:A5:B3:E1:CD:CF:D2:9A:8A:86:24:7E:BA:48:DE:B5:EB:C8:21
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01849D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23417414B8A411F084D695E2DAE4EC9C.roa
Signing time: Mon 03 Nov 2025 10:59:16 +0000
ROA not before: Mon 03 Nov 2025 10:59:11 +0000
ROA not after: Wed 10 Dec 2025 10:59:11 +0000
asID: 8796
IP address blocks: 156.233.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99485 (0x1849d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 3 10:59:11 2025 GMT
Not After : Dec 10 10:59:11 2025 GMT
Subject: CN=69088b04-332d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:48:f8:76:4e:a7:78:fb:28:36:27:c4:ce:8e:
b5:68:06:ff:e1:e3:79:c7:a8:63:7a:a8:0f:b5:37:
b3:66:b3:9f:ad:6e:9c:f0:dc:3a:08:2e:b5:b3:58:
c8:bb:22:c7:e0:d2:bf:36:ee:d9:aa:6d:27:0d:7e:
51:2b:32:7d:82:85:bd:f7:52:5d:87:50:50:3d:f2:
86:53:50:71:dc:99:c8:b6:8f:c8:11:58:21:08:ae:
8c:9c:ba:c8:f7:c4:e7:a2:05:48:36:20:3f:2d:82:
4c:b2:ad:80:b8:31:ae:9f:74:da:8a:52:15:71:4d:
43:76:f6:8e:9e:fd:2c:c8:ac:c9:f7:c1:ff:55:4d:
11:0c:22:55:f1:f0:f9:04:40:ce:00:6a:c0:84:1e:
ca:d7:4c:5f:5e:01:03:bf:1a:05:c4:df:8e:2d:3b:
88:77:ba:af:64:bc:fd:c9:9c:52:a2:c1:ea:7d:93:
5d:2c:ec:74:a1:d3:2f:b8:9c:cd:d3:5d:8a:6e:18:
aa:23:bf:75:4b:85:99:37:cd:d9:a7:bf:a2:45:02:
18:ca:39:a5:ec:53:f1:95:43:ee:ef:5f:19:5d:28:
5b:96:21:6f:80:a8:2f:8c:54:c8:ef:4c:80:a8:5d:
62:a8:f0:b3:41:b1:4e:f5:82:57:a8:cf:c0:4b:e2:
9b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:91:A5:B3:E1:CD:CF:D2:9A:8A:86:24:7E:BA:48:DE:B5:EB:C8:21
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/23417414B8A411F084D695E2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.224.0/20
Signature Algorithm: sha256WithRSAEncryption
42:56:bb:e3:c3:97:f1:11:eb:c7:2d:59:d8:a8:b5:e8:fd:10:
d1:7b:00:3b:a6:73:17:7a:b8:ad:45:b2:43:1f:ce:5b:71:e3:
b5:79:ac:68:91:5b:69:d8:1d:f3:78:10:4c:3e:ed:17:1f:36:
96:5a:8e:81:24:2a:2a:78:d1:3e:c9:b9:74:cb:59:e3:4b:87:
24:00:12:54:85:c3:2f:f6:76:32:b8:17:c7:41:b4:a8:37:7c:
ef:9e:51:92:9d:75:76:e3:c5:92:f2:e4:d7:62:9f:b3:98:52:
e8:38:a7:a9:1e:e2:12:f8:a7:29:69:3f:4a:e5:2d:19:17:68:
4e:e9:07:ce:95:20:5e:75:a2:24:f3:0a:04:9f:03:fa:87:a8:
10:66:32:19:66:40:24:55:74:fe:61:2d:1f:58:04:bd:42:40:
49:1c:3c:7b:10:7e:ac:78:9a:05:d9:45:84:2d:23:64:4b:09:
50:22:b8:e5:dc:42:95:6c:dd:e8:9f:a8:17:6b:df:4e:e0:16:
8e:6c:95:e7:6d:62:b5:e5:e1:72:12:f2:9d:0b:b0:d5:85:af:
ec:d4:22:ee:f3:65:90:92:c7:c8:b4:e7:38:f9:34:ed:9e:2f:
07:88:30:f1:57:4c:d7:eb:cb:a7:6b:0c:b7:d0:0f:ff:41:92:
4b:1c:b1:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYSdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMTAzMTA1OTExWhcNMjUxMjEwMTA1OTExWjAYMRYw
FAYDVQQDEw02OTA4OGIwNC0zMzJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyEj4dk6nePsoNifEzo61aAb/4eN5x6hjeqgPtTezZrOfrW6c8Nw6CC61
s1jIuyLH4NK/Nu7Zqm0nDX5RKzJ9goW991Jdh1BQPfKGU1Bx3JnIto/IEVghCK6M
nLrI98TnogVINiA/LYJMsq2AuDGun3TailIVcU1DdvaOnv0syKzJ98H/VU0RDCJV
8fD5BEDOAGrAhB7K10xfXgEDvxoFxN+OLTuId7qvZLz9yZxSosHqfZNdLOx0odMv
uJzN012KbhiqI791S4WZN83Zp7+iRQIYyjml7FPxlUPu718ZXShbliFvgKgvjFTI
70yAqF1iqPCzQbFO9YJXqM/AS+KbawIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCyR
pbPhzc/SmoqGJH66SN6168ghMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMzQxNzQxNEI4QTQxMUYwODRENjk1RTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOngMA0GCSqGSIb3DQEBCwUA
A4IBAQBCVrvjw5fxEevHLVnYqLXo/RDRewA7pnMXeritRbJDH85bceO1eaxokVtp
2B3zeBBMPu0XHzaWWo6BJCoqeNE+ybl0y1njS4ckABJUhcMv9nYyuBfHQbSoN3zv
nlGSnXV248WS8uTXYp+zmFLoOKepHuIS+KcpaT9K5S0ZF2hO6QfOlSBedaIk8woE
nwP6h6gQZjIZZkAkVXT+YS0fWAS9QkBJHDx7EH6seJoF2UWELSNkSwlQIrjl3EKV
bN3on6gXa99O4BaObJXnbWK15eFyEvKdC7DVha/s1CLu82WQksfItOc4+TTtni8H
iDDxV0zX68unawy30A//QZJLHLFQ
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:59:07 2025 by rpki-client