Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A47C0446B01511F08371E1A2DAE4EC9C.roa
File: A47C0446B01511F08371E1A2DAE4EC9C.roa (raw, json)
Hash identifier: sv9edAgds7HobLK3sQwryl/Lz5EDjwlouxWAMW5g514=
Subject key identifier: 41:48:00:33:B2:ED:59:76:C2:D6:8A:3C:41:98:69:21:47:D0:5E:28
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018272
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A47C0446B01511F08371E1A2DAE4EC9C.roa
Signing time: Thu 23 Oct 2025 13:39:05 +0000
ROA not before: Thu 23 Oct 2025 13:39:00 +0000
ROA not after: Fri 28 Nov 2025 13:39:00 +0000
asID: 48031
IP address blocks: 156.246.128.0/24 maxlen: 24
156.246.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98930 (0x18272)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 23 13:39:00 2025 GMT
Not After : Nov 28 13:39:00 2025 GMT
Subject: CN=68fa2ff9-ea6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:7c:a9:b5:d7:47:ae:d0:41:d2:32:90:f7:d1:
c3:42:6d:52:d4:84:0e:16:2a:55:ef:ed:54:cc:86:
ea:03:ae:03:88:27:48:1b:a7:67:67:fa:b6:8c:19:
24:2b:29:3f:87:6e:c4:12:42:23:c2:39:e4:6b:fa:
55:46:ba:6d:aa:91:c2:88:21:cb:68:ae:88:b1:79:
6d:6f:02:12:f3:3e:c3:07:bf:b7:22:f4:b0:d9:60:
b1:a0:06:82:38:a3:ee:60:28:01:f3:74:77:f3:39:
5f:a0:7d:4c:fa:1c:4b:20:c7:48:e0:91:84:b3:b4:
25:6f:e5:83:14:05:bd:55:05:dd:91:88:7e:3f:87:
21:8d:43:95:a9:5e:7a:9a:be:b9:c5:65:51:73:c1:
59:9b:ef:6f:88:80:11:5e:b4:6e:4f:00:41:cd:78:
c6:96:41:44:80:1e:62:3b:a4:89:88:3e:48:6a:60:
8b:e6:3e:54:9c:50:94:1d:85:10:ab:93:97:8c:99:
de:ef:fe:82:40:12:2b:e5:02:20:ac:63:b7:77:60:
e3:db:e0:a1:86:be:4b:7c:21:2a:dd:a0:03:3e:41:
6d:f4:ef:e6:70:44:ba:c9:b4:f1:5f:8c:15:32:f1:
68:79:7a:03:8b:1e:fa:b2:a1:20:a4:1d:5c:20:7e:
5d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:48:00:33:B2:ED:59:76:C2:D6:8A:3C:41:98:69:21:47:D0:5E:28
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A47C0446B01511F08371E1A2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.128.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:0d:93:8b:e1:d9:fa:c7:98:62:bd:61:fd:e9:b2:51:9f:a7:
05:50:76:eb:32:03:8c:8f:af:14:f0:bd:a6:03:18:0b:42:4a:
c3:47:e2:e4:42:6d:62:06:da:ee:d6:c6:2f:b2:6d:5e:f2:db:
a9:e9:fc:bc:10:99:09:79:d7:cc:bc:92:48:24:d9:69:db:17:
46:0d:c1:5a:fb:1d:e6:df:3c:42:a0:5c:8e:5a:1a:04:3a:f2:
7a:e3:da:85:40:39:2f:78:15:96:2f:b2:b5:7d:64:a6:5a:0d:
69:03:c4:97:74:c7:6a:3d:68:48:3d:c1:02:a5:b7:b8:a9:db:
16:07:3c:ac:fa:81:5b:c5:e8:41:d3:45:91:16:93:f2:ec:e5:
96:a7:93:65:61:7a:40:1f:21:12:c0:9d:dc:9c:ae:fa:ef:7b:
94:89:10:2f:e4:e5:0e:25:6f:10:f1:1a:07:da:85:37:a0:fe:
7b:f0:c4:2d:e8:6b:2b:f2:7b:5f:b0:74:48:82:be:19:49:d7:
39:da:9f:b1:fa:69:54:5a:7a:06:09:95:c3:7e:ba:3c:05:e3:
71:7a:42:ca:10:18:18:81:83:c2:dd:24:a0:e3:86:12:36:8d:
38:e2:d8:2a:ce:90:2e:c0:11:12:4c:12:1c:37:d6:20:67:1f:
a9:85:64:90
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYJyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDIzMTMzOTAwWhcNMjUxMTI4MTMzOTAwWjAYMRYw
FAYDVQQDEw02OGZhMmZmOS1lYTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4nyptddHrtBB0jKQ99HDQm1S1IQOFipV7+1UzIbqA64DiCdIG6dnZ/q2
jBkkKyk/h27EEkIjwjnka/pVRrptqpHCiCHLaK6IsXltbwIS8z7DB7+3IvSw2WCx
oAaCOKPuYCgB83R38zlfoH1M+hxLIMdI4JGEs7Qlb+WDFAW9VQXdkYh+P4chjUOV
qV56mr65xWVRc8FZm+9viIARXrRuTwBBzXjGlkFEgB5iO6SJiD5IamCL5j5UnFCU
HYUQq5OXjJne7/6CQBIr5QIgrGO3d2Dj2+Chhr5LfCEq3aADPkFt9O/mcES6ybTx
X4wVMvFoeXoDix76sqEgpB1cIH5doQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEFI
ADOy7Vl2wtaKPEGYaSFH0F4oMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNDdDMDQ0NkIwMTUxMUYwODM3MUUxQTJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPaAMA0GCSqGSIb3DQEBCwUA
A4IBAQCPDZOL4dn6x5hivWH96bJRn6cFUHbrMgOMj68U8L2mAxgLQkrDR+LkQm1i
Btru1sYvsm1e8tup6fy8EJkJedfMvJJIJNlp2xdGDcFa+x3m3zxCoFyOWhoEOvJ6
49qFQDkveBWWL7K1fWSmWg1pA8SXdMdqPWhIPcECpbe4qdsWBzys+oFbxehB00WR
FpPy7OWWp5NlYXpAHyESwJ3cnK7673uUiRAv5OUOJW8Q8RoH2oU3oP578MQt6Gsr
8ntfsHRIgr4ZSdc52p+x+mlUWnoGCZXDfro8BeNxekLKEBgYgYPC3SSg44YSNo04
4tgqzpAuwBESTBIcN9YgZx+phWSQ
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:34:48 2025 by rpki-client