Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/444B2E2AADA511F0983D67E0DAE4EC9C.roa
File: 444B2E2AADA511F0983D67E0DAE4EC9C.roa (raw, json)
Hash identifier: D13yHNjUYOX7R3/msYbwWUIJqw26CrDWm3HgrsyZBdg=
Subject key identifier: 7A:59:86:E1:C4:89:7F:38:67:2E:6D:0E:9C:DC:F1:89:C6:9B:36:89
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0181B9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/444B2E2AADA511F0983D67E0DAE4EC9C.roa
Signing time: Mon 20 Oct 2025 11:09:38 +0000
ROA not before: Mon 20 Oct 2025 11:09:27 +0000
ROA not after: Fri 01 May 2026 11:09:27 +0000
asID: 11042
IP address blocks: 156.249.26.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98745 (0x181b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 20 11:09:27 2025 GMT
Not After : May 1 11:09:27 2026 GMT
Subject: CN=68f61872-3624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:89:e3:4c:fd:e0:d9:99:03:c4:90:1c:ca:dd:
23:5c:9b:33:fa:33:b4:76:bf:1f:93:72:47:71:39:
a2:49:b1:a2:e5:d5:f0:92:cb:a5:7f:4b:e4:aa:f9:
88:e8:9a:06:ee:79:f0:9d:59:f1:65:bd:5c:16:96:
79:d7:79:b5:d0:0f:43:66:87:89:f2:bd:f7:3c:c4:
85:bf:aa:c9:07:a6:fc:65:04:c2:d7:7c:eb:4d:dc:
19:fb:7b:29:e6:c4:a6:f4:d2:1c:cb:ae:08:87:42:
91:4c:5e:9c:2d:88:d5:e4:e3:f1:cb:12:84:87:ba:
10:78:dd:06:ee:cb:55:ea:1a:24:e1:c3:f5:4f:ad:
8b:63:d2:c1:51:8e:fd:4b:cc:56:ea:96:01:43:8d:
bb:a5:e4:1f:ff:58:76:9e:83:15:a0:67:8a:e8:94:
b2:46:bc:ac:75:ee:89:37:75:11:ea:c4:4e:6f:29:
cb:bf:e3:a5:b6:39:39:7f:f3:78:73:df:57:77:36:
7a:58:4d:16:24:7c:58:43:3d:a9:54:f4:9d:a1:a2:
54:b1:b5:5c:f3:fd:b8:93:22:59:b7:72:c5:72:fa:
8d:66:09:0e:0f:91:c7:c6:bb:7b:3d:f0:18:2c:61:
05:eb:41:a4:df:0b:a5:fc:01:3f:be:c5:35:df:49:
0b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:59:86:E1:C4:89:7F:38:67:2E:6D:0E:9C:DC:F1:89:C6:9B:36:89
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/444B2E2AADA511F0983D67E0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.26.0/23
Signature Algorithm: sha256WithRSAEncryption
79:8c:16:2a:29:86:bd:e4:72:c7:74:e4:e2:95:81:f6:37:7b:
b6:a1:4a:39:ae:82:ef:92:82:24:e9:59:c3:08:2e:46:6d:ba:
61:49:1a:ea:a3:e4:02:98:8b:d1:2b:3b:02:f9:00:82:fb:82:
ac:3c:e7:ce:d2:d3:4d:88:27:51:bf:44:61:0d:e7:db:85:cb:
f1:d1:50:f6:69:86:27:4e:61:87:82:1f:3b:ab:74:68:b1:7e:
58:cb:df:13:a2:9b:e5:3f:15:2d:47:eb:01:c6:b6:e3:f6:86:
d3:1c:3b:3a:7b:b3:7f:30:00:47:10:49:3c:81:b9:49:09:d2:
0f:c7:63:ad:f9:68:99:03:8a:38:08:a8:ca:97:d6:df:20:76:
dd:8c:ac:5b:70:53:ae:01:c8:22:b2:16:66:53:b8:b3:49:ea:
7c:d7:54:c3:3a:5d:4c:93:c0:73:95:6f:fe:e9:72:10:a1:93:
8f:d8:56:4e:56:44:79:f7:82:7c:c3:4f:40:dc:95:37:dc:da:
75:7c:d1:0e:4d:2c:14:af:8b:99:c2:f2:6f:2d:a8:55:c7:ef:
f0:25:2a:b3:a0:da:c2:42:80:d9:e1:39:a5:fe:ab:b4:67:fd:
e4:14:09:d7:9b:0b:6a:d0:50:00:e6:af:e6:9c:2e:9c:4a:75:
59:ef:ac:01
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYG5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDIwMTEwOTI3WhcNMjYwNTAxMTEwOTI3WjAYMRYw
FAYDVQQDEw02OGY2MTg3Mi0zNjI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4onjTP3g2ZkDxJAcyt0jXJsz+jO0dr8fk3JHcTmiSbGi5dXwksulf0vk
qvmI6JoG7nnwnVnxZb1cFpZ513m10A9DZoeJ8r33PMSFv6rJB6b8ZQTC13zrTdwZ
+3sp5sSm9NIcy64Ih0KRTF6cLYjV5OPxyxKEh7oQeN0G7stV6hok4cP1T62LY9LB
UY79S8xW6pYBQ427peQf/1h2noMVoGeK6JSyRrysde6JN3UR6sRObynLv+Oltjk5
f/N4c99XdzZ6WE0WJHxYQz2pVPSdoaJUsbVc8/24kyJZt3LFcvqNZgkOD5HHxrt7
PfAYLGEF60Gk3wul/AE/vsU130kLNwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHpZ
huHEiX84Zy5tDpzc8YnGmzaJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NDRCMkUyQUFEQTUxMUYwOTgzRDY3RTBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPkaMA0GCSqGSIb3DQEBCwUA
A4IBAQB5jBYqKYa95HLHdOTilYH2N3u2oUo5roLvkoIk6VnDCC5GbbphSRrqo+QC
mIvRKzsC+QCC+4KsPOfO0tNNiCdRv0RhDefbhcvx0VD2aYYnTmGHgh87q3RosX5Y
y98TopvlPxUtR+sBxrbj9obTHDs6e7N/MABHEEk8gblJCdIPx2Ot+WiZA4o4CKjK
l9bfIHbdjKxbcFOuAcgishZmU7izSep811TDOl1Mk8BzlW/+6XIQoZOP2FZOVkR5
94J8w09A3JU33Np1fNEOTSwUr4uZwvJvLahVx+/wJSqzoNrCQoDZ4Tml/qu0Z/3k
FAnXmwtq0FAA5q/mnC6cSnVZ76wB
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:58:57 2025 by rpki-client