Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74C93236B4CB11F0BD2066B0DAE4EC9C.roa
File: 74C93236B4CB11F0BD2066B0DAE4EC9C.roa (raw, json)
Hash identifier: H/bg3hGuilYU09rv1AJltcz39UzqMSGvgEtGWV8zfrk=
Subject key identifier: 9E:3E:29:E3:CB:2A:36:E8:F5:3E:4F:43:D1:74:86:5E:4D:DA:E2:13
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0183C2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74C93236B4CB11F0BD2066B0DAE4EC9C.roa
Signing time: Wed 29 Oct 2025 13:30:38 +0000
ROA not before: Wed 29 Oct 2025 13:30:30 +0000
ROA not after: Sat 06 Dec 2025 13:30:30 +0000
asID: 265721
IP address blocks: 156.248.128.0/20 maxlen: 24
156.248.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99266 (0x183c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 29 13:30:30 2025 GMT
Not After : Dec 6 13:30:30 2025 GMT
Subject: CN=690216fe-8ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:fc:10:6b:78:8e:e2:71:6c:9d:0e:b7:1b:45:
a1:3d:1a:65:3e:ce:c0:f1:df:ae:50:35:42:ae:11:
5f:3d:46:64:c0:28:b5:20:76:9d:18:f7:f3:fc:22:
d8:8b:6b:03:29:52:c1:71:43:26:cd:85:02:50:3f:
f8:6e:cc:5b:1d:c0:2f:17:2e:a3:65:c9:72:cd:2b:
aa:9c:b8:ed:0a:db:9e:8b:58:24:61:40:06:8d:b2:
db:e6:01:1f:3d:8e:98:36:4e:1b:06:a5:d3:99:72:
97:9a:e8:26:29:7e:29:98:ad:e3:c7:b0:f3:91:83:
f2:ba:a9:74:7b:23:f2:ad:e8:26:a9:53:9c:47:02:
04:e4:8e:85:a9:10:79:95:d7:cb:d0:42:b1:ed:06:
87:50:c1:18:4d:e3:ba:67:66:57:33:88:e7:a5:ef:
c7:56:89:c4:e7:21:c9:70:63:bf:84:4d:09:9b:63:
98:0c:66:84:d4:c3:6f:cc:3e:fc:f0:cf:63:65:8d:
21:85:8e:05:38:ca:56:d2:56:16:25:ae:12:e0:25:
26:96:46:47:2e:4c:1a:5b:4d:cc:0a:16:db:c9:60:
78:f6:8e:f7:77:07:b6:b2:4b:0e:92:5d:0a:51:1f:
53:a2:03:da:c0:ca:3d:de:be:b5:34:96:da:7a:92:
89:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:3E:29:E3:CB:2A:36:E8:F5:3E:4F:43:D1:74:86:5E:4D:DA:E2:13
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/74C93236B4CB11F0BD2066B0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.128.0/19
Signature Algorithm: sha256WithRSAEncryption
9f:db:53:94:62:3b:8a:ce:a4:70:c1:fd:f9:e5:06:cf:92:91:
e6:c3:7b:0e:79:5e:e6:27:ac:6f:3b:c4:a6:fa:dd:1f:d8:c1:
0f:f6:49:01:31:a1:6c:aa:f1:0b:af:2a:c3:63:99:82:54:d5:
da:cd:b5:f3:da:db:f3:ff:97:05:66:53:17:43:7b:97:da:b6:
a8:26:32:b8:ff:39:af:c6:70:20:b4:0f:02:56:c7:d4:55:48:
3c:00:e4:13:e5:4c:e9:2e:3d:a0:db:04:cf:12:fb:bb:4a:fa:
23:6c:a7:0d:88:0b:11:6c:42:f3:bc:90:2a:b4:d9:db:97:13:
82:5e:e2:b7:8c:47:75:33:c6:42:93:e3:0c:25:7c:d7:85:79:
cb:d0:38:01:5b:d0:22:a5:b4:62:6c:42:fd:a3:7e:36:41:e9:
f3:80:eb:e7:0d:35:25:06:d7:a8:ff:a4:0b:73:44:83:47:0c:
a5:54:47:c7:14:28:de:7a:04:13:37:46:df:47:df:a5:db:85:
8b:e5:1a:72:07:75:ef:a0:e4:57:a3:45:69:01:32:e9:68:97:
9f:05:4e:e5:4c:ba:bb:d6:02:1f:fd:62:3f:3e:71:0b:c8:f8:
e7:eb:db:3a:62:01:54:43:6d:f0:ba:f3:bc:9d:4d:a8:9e:5f:
b1:94:14:77
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYPCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDI5MTMzMDMwWhcNMjUxMjA2MTMzMDMwWjAYMRYw
FAYDVQQDEw02OTAyMTZmZS04Y2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8PwQa3iO4nFsnQ63G0WhPRplPs7A8d+uUDVCrhFfPUZkwCi1IHadGPfz
/CLYi2sDKVLBcUMmzYUCUD/4bsxbHcAvFy6jZclyzSuqnLjtCtuei1gkYUAGjbLb
5gEfPY6YNk4bBqXTmXKXmugmKX4pmK3jx7DzkYPyuql0eyPyregmqVOcRwIE5I6F
qRB5ldfL0EKx7QaHUMEYTeO6Z2ZXM4jnpe/HVonE5yHJcGO/hE0Jm2OYDGaE1MNv
zD788M9jZY0hhY4FOMpW0lYWJa4S4CUmlkZHLkwaW03MChbbyWB49o73dwe2sksO
kl0KUR9TogPawMo93r61NJbaepKJEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ4+
KePLKjbo9T5PQ9F0hl5N2uITMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NEM5MzIzNkI0Q0IxMUYwQkQyMDY2QjBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnPiAMA0GCSqGSIb3DQEBCwUA
A4IBAQCf21OUYjuKzqRwwf355QbPkpHmw3sOeV7mJ6xvO8Sm+t0f2MEP9kkBMaFs
qvELryrDY5mCVNXazbXz2tvz/5cFZlMXQ3uX2raoJjK4/zmvxnAgtA8CVsfUVUg8
AOQT5UzpLj2g2wTPEvu7SvojbKcNiAsRbELzvJAqtNnblxOCXuK3jEd1M8ZCk+MM
JXzXhXnL0DgBW9AipbRibEL9o342QenzgOvnDTUlBteo/6QLc0SDRwylVEfHFCje
egQTN0bfR9+l24WL5RpyB3XvoORXo0VpATLpaJefBU7lTLq71gIf/WI/PnELyPjn
69s6YgFUQ23wuvO8nU2onl+xlBR3
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:58:42 2025 by rpki-client