Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43D637EAB4EF11F0A45FFF8EDAE4EC9C.roa
File: 43D637EAB4EF11F0A45FFF8EDAE4EC9C.roa (raw, json)
Hash identifier: Tj4S+HTvo7LewcqFBpvTVwko+pLjvlSKK8prQyfJ/5E=
Subject key identifier: 35:D8:12:BC:8C:CF:9B:A3:5F:58:7C:87:62:52:40:13:CB:63:B0:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0183DC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43D637EAB4EF11F0A45FFF8EDAE4EC9C.roa
Signing time: Wed 29 Oct 2025 17:46:58 +0000
ROA not before: Wed 29 Oct 2025 17:46:50 +0000
ROA not after: Fri 26 Dec 2025 17:46:50 +0000
asID: 63139
IP address blocks: 156.227.220.0/22 maxlen: 24
156.227.224.0/23 maxlen: 24
156.227.252.0/22 maxlen: 24
156.229.2.0/23 maxlen: 24
156.229.29.0/24 maxlen: 24
156.229.30.0/23 maxlen: 24
156.229.44.0/23 maxlen: 24
156.229.49.0/24 maxlen: 24
156.229.51.0/24 maxlen: 24
156.229.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99292 (0x183dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 29 17:46:50 2025 GMT
Not After : Dec 26 17:46:50 2025 GMT
Subject: CN=69025312-7199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:19:56:49:2c:af:f3:55:d6:10:ad:64:3c:d8:
63:86:ed:05:56:44:20:49:ab:7d:7a:f1:7b:4a:63:
77:57:e0:b3:19:77:19:60:53:11:29:34:d5:a0:bb:
98:53:1a:a8:bc:e6:0d:37:38:fd:26:ba:06:bc:b2:
de:51:1f:5f:80:1e:0f:df:35:59:a5:1f:75:75:c3:
d2:8f:ba:e3:4d:71:4f:09:bf:a8:6f:35:f9:d5:93:
44:9c:c3:d1:c9:64:26:e4:b6:aa:38:04:ba:d1:b1:
61:e0:bb:2e:d3:0d:40:f3:28:00:3d:c3:d2:0b:39:
a4:00:1f:f5:9b:90:a9:5d:05:d4:e0:c5:ac:76:a0:
b8:d5:6c:09:f5:13:c8:a7:e0:24:fa:83:bc:79:41:
58:f3:b4:ed:3c:db:f6:33:e2:bb:4e:75:1d:80:eb:
bb:7b:2a:fd:86:80:41:ea:82:56:5e:5c:bb:4e:59:
92:a8:eb:10:e6:ce:fa:9c:e5:09:48:66:c9:05:27:
aa:fb:84:53:5f:95:ca:7d:ab:9f:f7:85:2f:1f:55:
df:17:b7:d7:f3:2d:05:db:9a:a1:31:55:a6:01:98:
2c:e7:83:40:53:fd:d1:24:37:f2:12:7d:de:cf:41:
84:a5:35:1a:27:5b:5e:d4:c1:19:7c:e4:85:59:eb:
48:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D8:12:BC:8C:CF:9B:A3:5F:58:7C:87:62:52:40:13:CB:63:B0:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43D637EAB4EF11F0A45FFF8EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.220.0-156.227.225.255
156.227.252.0/22
156.229.2.0/23
156.229.29.0-156.229.31.255
156.229.44.0/23
156.229.49.0/24
156.229.51.0/24
156.229.65.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:32:3b:69:79:23:60:af:a6:5e:39:d2:f0:43:40:d7:b6:e6:
98:fb:c1:8f:59:bd:ce:bf:64:c7:28:f1:b2:11:17:c3:e4:ed:
d9:86:d8:71:7f:fe:b1:d1:5d:0c:f0:c5:54:fc:4a:3f:ef:90:
e0:35:fe:14:f4:0e:82:fe:9a:18:11:16:66:ab:df:c3:c8:67:
64:33:79:d4:fa:c3:9b:39:89:27:05:18:59:9f:fe:81:57:15:
63:78:41:af:db:f7:54:ee:0b:68:f3:f9:21:5c:b4:75:3c:1d:
0b:ae:e0:42:8c:6e:76:19:8a:98:ee:07:f5:62:6c:00:f9:3e:
07:43:56:99:f1:30:34:0a:bf:27:81:c7:fd:4b:b9:0b:40:93:
85:3c:92:07:c6:c5:37:f8:1b:ce:5f:01:cd:e8:e9:20:34:ba:
1e:6e:5f:b9:47:0f:a2:98:61:94:1c:6b:29:53:f1:6e:a2:90:
80:16:0e:64:05:7a:8b:63:9e:2d:2d:65:55:57:ed:ad:31:86:
e0:d1:32:ee:df:8a:ea:4d:5b:b5:57:4e:5d:a2:b7:04:67:4b:
7c:03:bb:59:07:05:87:d2:f0:8d:d6:d9:9f:74:46:08:4e:0e:
6d:ed:70:10:26:12:ac:f7:eb:3a:7a:08:06:e5:5e:bd:71:c0:
0f:ef:cb:3e
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgIDAYPcMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDI5MTc0NjUwWhcNMjUxMjI2MTc0NjUwWjAYMRYw
FAYDVQQDEw02OTAyNTMxMi03MTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1xlWSSyv81XWEK1kPNhjhu0FVkQgSat9evF7SmN3V+CzGXcZYFMRKTTV
oLuYUxqovOYNNzj9JroGvLLeUR9fgB4P3zVZpR91dcPSj7rjTXFPCb+obzX51ZNE
nMPRyWQm5LaqOAS60bFh4Lsu0w1A8ygAPcPSCzmkAB/1m5CpXQXU4MWsdqC41WwJ
9RPIp+Ak+oO8eUFY87TtPNv2M+K7TnUdgOu7eyr9hoBB6oJWXly7TlmSqOsQ5s76
nOUJSGbJBSeq+4RTX5XKfauf94UvH1XfF7fX8y0F25qhMVWmAZgs54NAU/3RJDfy
En3ez0GEpTUaJ1te1MEZfOSFWetIyQIDAQABo4IC3DCCAtgwHQYDVR0OBBYEFDXY
EryMz5ujX1h8h2JSQBPLY7A4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80M0Q2MzdFQUI0RUYxMUYwQTQ1RkZGOEVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAKc49wDBAGc4+ADBAKc4/wD
BAGc5QIwDAMEAJzlHQMEBZzlAAMEAZzlLAMEAJzlMQMEAJzlMwMEAJzlQTANBgkq
hkiG9w0BAQsFAAOCAQEAbTI7aXkjYK+mXjnS8ENA17bmmPvBj1m9zr9kxyjxshEX
w+Tt2YbYcX/+sdFdDPDFVPxKP++Q4DX+FPQOgv6aGBEWZqvfw8hnZDN51PrDmzmJ
JwUYWZ/+gVcVY3hBr9v3VO4LaPP5IVy0dTwdC67gQoxudhmKmO4H9WJsAPk+B0NW
mfEwNAq/J4HH/Uu5C0CThTySB8bFN/gbzl8BzejpIDS6Hm5fuUcPophhlBxrKVPx
bqKQgBYOZAV6i2OeLS1lVVftrTGG4NEy7t+K6k1btVdOXaK3BGdLfAO7WQcFh9Lw
jdbZn3RGCE4Obe1wECYSrPfrOnoIBuVevXHAD+/LPg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:58:46 2025 by rpki-client