Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5537978B89011F0B92381EBDAE4EC9C.roa
File: C5537978B89011F0B92381EBDAE4EC9C.roa (raw, json)
Hash identifier: ZzuqC4CfUSyNrb7JxhTfX253kfRlfzB5xvkComhlBgI=
Subject key identifier: B7:05:13:DC:B0:3B:01:B6:C2:DD:A7:EE:B2:E7:B3:3E:BA:2B:1B:F5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01846D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5537978B89011F0B92381EBDAE4EC9C.roa
Signing time: Mon 03 Nov 2025 08:40:38 +0000
ROA not before: Mon 03 Nov 2025 08:40:31 +0000
ROA not after: Sun 09 Nov 2025 08:40:31 +0000
asID: 207023
IP address blocks: 156.255.24.0/22 maxlen: 24
156.255.28.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99437 (0x1846d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 3 08:40:31 2025 GMT
Not After : Nov 9 08:40:31 2025 GMT
Subject: CN=69086a86-4d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:90:cb:de:92:22:40:f6:66:1e:cf:84:db:35:
14:b5:82:78:30:bf:28:82:f5:2d:19:fc:4b:b1:a4:
51:62:1f:38:f0:78:3a:b0:df:53:de:a6:6c:97:93:
7d:73:dd:9d:5c:e0:33:2c:a1:c0:fb:a1:96:78:aa:
3a:59:20:13:28:7c:00:10:11:2f:51:5a:4b:06:80:
2d:7d:56:a7:cf:13:89:ce:ab:ae:20:9d:74:45:1a:
dc:66:70:af:2a:3d:4d:a2:ce:34:d0:bd:b7:2b:9f:
49:4d:6b:83:38:28:bf:74:fb:2d:91:88:d1:79:68:
e4:25:c0:31:59:cd:60:f6:d8:14:56:48:84:ca:9e:
5f:a4:67:ae:79:94:a8:e7:2f:6d:4a:df:07:0e:93:
8f:c9:fa:49:ba:2c:11:60:99:43:ae:98:2f:19:d1:
12:e4:33:92:c7:db:5e:26:d2:6a:c7:53:90:e8:ed:
97:c7:c4:80:a0:90:05:e3:ba:09:ab:7a:30:25:c8:
fd:19:2d:76:07:33:af:52:39:67:b4:06:46:a5:d8:
4a:c9:21:dc:c7:4e:32:3b:e3:7c:1e:80:49:52:2b:
77:1c:51:ee:d0:c3:e3:6d:a7:39:45:91:05:78:6d:
ed:a5:99:64:72:92:1b:31:48:74:63:8a:22:79:40:
11:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:05:13:DC:B0:3B:01:B6:C2:DD:A7:EE:B2:E7:B3:3E:BA:2B:1B:F5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C5537978B89011F0B92381EBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.24.0/21
Signature Algorithm: sha256WithRSAEncryption
01:5f:a5:61:4e:e6:22:08:5f:5f:01:0b:c1:3b:89:dd:7b:04:
ef:9c:e5:e4:77:23:14:e3:8f:0b:b1:05:41:f6:8b:4c:1b:ff:
84:c4:b9:ec:8f:ab:17:ef:c0:e1:ff:b8:77:4f:69:2f:b5:0d:
6a:9b:8f:06:cc:ab:1a:eb:45:6a:df:6f:e3:39:60:e1:87:c9:
f1:bc:b3:14:71:55:43:0a:ec:a4:58:de:c8:80:12:9b:e7:7f:
d9:2e:ed:6a:c4:01:84:97:1e:52:aa:d2:9a:ac:22:1c:60:52:
1d:97:d5:5b:8c:92:11:ea:e9:ff:a8:63:7c:b6:29:a6:d7:bd:
65:8f:d1:cf:1d:ac:d6:d3:7a:59:84:08:a0:18:b3:89:7b:5d:
21:12:78:d6:fd:1e:c4:9f:5b:01:19:50:d7:66:e2:df:84:dc:
fb:4c:d9:db:5d:b7:ab:f8:5e:fd:8a:3d:c7:ac:c3:23:c3:27:
ec:c6:c2:d5:21:2a:ea:63:fc:f3:f8:56:3a:01:cf:c8:da:21:
5e:8d:c7:31:41:8b:4e:b2:08:b6:ef:da:1d:34:ce:c8:5f:1c:
b8:94:70:c1:21:44:a7:f7:0c:4e:1a:eb:6c:68:4d:2e:ed:9a:
7b:9c:f5:af:ae:c8:6f:58:60:e3:1a:8d:6b:97:6a:be:13:6e:
bd:b1:eb:1e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYRtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMTAzMDg0MDMxWhcNMjUxMTA5MDg0MDMxWjAYMRYw
FAYDVQQDEw02OTA4NmE4Ni00ZDIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7ZDL3pIiQPZmHs+E2zUUtYJ4ML8ogvUtGfxLsaRRYh848Hg6sN9T3qZs
l5N9c92dXOAzLKHA+6GWeKo6WSATKHwAEBEvUVpLBoAtfVanzxOJzquuIJ10RRrc
ZnCvKj1Nos400L23K59JTWuDOCi/dPstkYjReWjkJcAxWc1g9tgUVkiEyp5fpGeu
eZSo5y9tSt8HDpOPyfpJuiwRYJlDrpgvGdES5DOSx9teJtJqx1OQ6O2Xx8SAoJAF
47oJq3owJcj9GS12BzOvUjlntAZGpdhKySHcx04yO+N8HoBJUit3HFHu0MPjbac5
RZEFeG3tpZlkcpIbMUh0Y4oieUAR0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLcF
E9ywOwG2wt2n7rLnsz66Kxv1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNTUzNzk3OEI4OTAxMUYwQjkyMzgxRUJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnP8YMA0GCSqGSIb3DQEBCwUA
A4IBAQABX6VhTuYiCF9fAQvBO4ndewTvnOXkdyMU448LsQVB9otMG/+ExLnsj6sX
78Dh/7h3T2kvtQ1qm48GzKsa60Vq32/jOWDhh8nxvLMUcVVDCuykWN7IgBKb53/Z
Lu1qxAGElx5SqtKarCIcYFIdl9VbjJIR6un/qGN8timm171lj9HPHazW03pZhAig
GLOJe10hEnjW/R7En1sBGVDXZuLfhNz7TNnbXber+F79ij3HrMMjwyfsxsLVISrq
Y/zz+FY6Ac/I2iFejccxQYtOsgi279odNM7IXxy4lHDBIUSn9wxOGutsaE0u7Zp7
nPWvrshvWGDjGo1rl2q+E269sese
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:59:02 2025 by rpki-client