Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/759AB52CB37711F0842FE3CFDAE4EC9C.roa
File: 759AB52CB37711F0842FE3CFDAE4EC9C.roa (raw, json)
Hash identifier: uSYoARJabQHiH50L6xnQ7t6EvbQfAzry9n3Toi4yVF4=
Subject key identifier: 4E:EA:E0:D2:64:1A:38:31:18:52:4F:ED:2E:83:EE:6D:5C:E7:4D:03
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018330
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/759AB52CB37711F0842FE3CFDAE4EC9C.roa
Signing time: Mon 27 Oct 2025 20:56:51 +0000
ROA not before: Mon 27 Oct 2025 20:56:46 +0000
ROA not after: Tue 02 Dec 2025 20:56:46 +0000
asID: 984
IP address blocks: 156.232.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99120 (0x18330)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 27 20:56:46 2025 GMT
Not After : Dec 2 20:56:46 2025 GMT
Subject: CN=68ffdc93-584d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:76:08:f9:a5:2d:6a:d1:97:39:42:d9:83:f2:
fa:d0:02:aa:ba:37:6e:22:d8:37:e9:07:e8:39:23:
0e:f1:c2:48:a5:5d:73:b0:5d:ee:19:d6:b2:22:df:
0f:36:78:44:34:95:8c:be:0c:84:dc:fb:0e:b5:20:
b8:05:d6:a6:c4:a6:98:38:76:2e:02:62:1a:34:77:
06:bc:b6:08:08:f7:39:f8:19:f3:f7:e2:e0:ea:14:
92:4c:51:1c:d2:e4:bd:66:4e:2b:15:47:34:b3:cf:
cf:a2:59:57:9c:3e:ab:14:5f:4a:25:00:55:ce:23:
e0:36:d5:78:6e:68:bb:56:93:bb:87:9f:53:bf:f1:
0f:0b:a6:f5:86:10:a2:8f:20:65:a3:a7:27:5f:fe:
fb:c7:9a:70:33:ec:13:d1:62:4a:14:b8:3e:7c:ad:
48:eb:ff:18:9c:6b:51:2c:7a:a3:2a:90:18:df:9a:
e3:61:81:78:5c:f5:41:6e:31:8d:77:fe:f7:10:55:
f7:a8:00:13:06:51:0c:74:47:36:e8:88:d8:aa:ee:
e3:76:cb:8b:06:30:9d:de:5a:27:1f:11:ec:06:f9:
95:60:24:4a:a4:c2:af:ff:66:95:02:c3:15:11:b7:
35:a1:08:8a:84:69:38:66:e8:9c:c1:92:71:09:e5:
67:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:EA:E0:D2:64:1A:38:31:18:52:4F:ED:2E:83:EE:6D:5C:E7:4D:03
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/759AB52CB37711F0842FE3CFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.32.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:40:81:f6:c7:b5:83:31:3f:f6:df:44:5b:0c:5e:60:0a:dc:
47:72:6d:fe:93:21:aa:35:29:db:1d:31:80:29:e1:b5:87:b2:
2e:e9:c5:d7:2e:cb:c7:3d:f7:de:0e:7d:60:1a:89:37:83:8b:
a3:c9:a4:6a:77:a8:9d:ca:2c:32:3e:23:fc:6b:9a:b0:9d:f8:
ac:c2:1b:68:b5:77:88:c4:9c:81:ce:07:68:84:29:67:73:4a:
b7:aa:2a:c7:43:6a:e9:64:de:15:ee:da:95:9e:85:57:00:d2:
33:4d:43:04:4b:65:4d:ec:0a:ce:b5:d1:53:77:4b:0a:b6:b8:
d3:18:80:ef:d5:4d:42:fe:88:42:7e:31:50:64:06:9e:e4:0e:
8c:19:12:bc:43:98:4a:63:65:fa:6e:4a:ed:fa:a5:21:da:6e:
07:1a:e6:e9:76:bc:96:06:a7:0a:3f:28:b9:9a:75:61:ca:4b:
c1:0c:a6:17:35:6b:68:a9:0b:4e:d1:74:38:64:50:d3:89:16:
d1:13:ab:fa:78:2a:5e:6a:24:46:de:f5:49:8c:56:9e:cf:0d:
e0:21:d4:7d:07:8f:46:d9:37:a0:ad:fe:10:2e:fe:cd:50:a1:
61:cc:42:f0:a5:f7:aa:e4:b4:50:b7:b5:7d:9e:eb:be:33:f4:
5d:f8:9c:da
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYMwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDI3MjA1NjQ2WhcNMjUxMjAyMjA1NjQ2WjAYMRYw
FAYDVQQDEw02OGZmZGM5My01ODRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAonYI+aUtatGXOULZg/L60AKqujduItg36QfoOSMO8cJIpV1zsF3uGday
It8PNnhENJWMvgyE3PsOtSC4BdamxKaYOHYuAmIaNHcGvLYICPc5+Bnz9+Lg6hSS
TFEc0uS9Zk4rFUc0s8/PollXnD6rFF9KJQBVziPgNtV4bmi7VpO7h59Tv/EPC6b1
hhCijyBlo6cnX/77x5pwM+wT0WJKFLg+fK1I6/8YnGtRLHqjKpAY35rjYYF4XPVB
bjGNd/73EFX3qAATBlEMdEc26IjYqu7jdsuLBjCd3lonHxHsBvmVYCRKpMKv/2aV
AsMVEbc1oQiKhGk4ZuicwZJxCeVn+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE7q
4NJkGjgxGFJP7S6D7m1c500DMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NTlBQjUyQ0IzNzcxMUYwODQyRkUzQ0ZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOggMA0GCSqGSIb3DQEBCwUA
A4IBAQC6QIH2x7WDMT/230RbDF5gCtxHcm3+kyGqNSnbHTGAKeG1h7Iu6cXXLsvH
PffeDn1gGok3g4ujyaRqd6idyiwyPiP8a5qwnfiswhtotXeIxJyBzgdohClnc0q3
qirHQ2rpZN4V7tqVnoVXANIzTUMES2VN7ArOtdFTd0sKtrjTGIDv1U1C/ohCfjFQ
ZAae5A6MGRK8Q5hKY2X6bkrt+qUh2m4HGubpdryWBqcKPyi5mnVhykvBDKYXNWto
qQtO0XQ4ZFDTiRbRE6v6eCpeaiRG3vVJjFaezw3gIdR9B49G2Tegrf4QLv7NUKFh
zELwpfeq5LRQt7V9nuu+M/Rd+Jza
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:34:27 2025 by rpki-client