Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF8D09D6B2F011F09CB6C5E9DAE4EC9C.roa
File: CF8D09D6B2F011F09CB6C5E9DAE4EC9C.roa (raw, json)
Hash identifier: 1kEM9+Xg7u5edxWtmJIGOf1AxGtjFIlojm4Q78kryqQ=
Subject key identifier: 76:B7:B2:44:75:42:68:7E:73:FB:88:B0:60:72:83:CE:77:FB:8A:32
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0182A7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF8D09D6B2F011F09CB6C5E9DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 04:53:00 +0000
ROA not before: Mon 27 Oct 2025 04:52:55 +0000
ROA not after: Sun 30 Nov 2025 04:52:55 +0000
asID: 32043
IP address blocks: 156.252.6.0/23 maxlen: 24
156.252.16.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98983 (0x182a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 27 04:52:55 2025 GMT
Not After : Nov 30 04:52:55 2025 GMT
Subject: CN=68fefaab-7837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:06:52:66:32:02:d4:9a:bf:c2:62:1b:8d:73:
65:be:24:21:d8:fe:2f:97:45:e7:73:25:cd:5e:d8:
1c:7a:d5:b8:a6:de:68:15:f8:26:50:e7:22:36:cf:
37:c3:bf:45:60:64:5b:8b:68:c6:f1:33:a4:4f:a5:
ef:da:de:98:0c:7a:18:d5:d9:c1:e9:04:f2:92:eb:
3b:e5:5f:04:23:ba:1e:d0:f7:50:f8:f6:28:d0:1a:
3f:4c:9f:c7:df:2f:e8:6c:8b:90:63:30:d6:f9:d8:
1a:77:97:d0:99:13:f4:b4:2b:e3:01:0d:57:70:93:
55:bb:42:eb:18:db:97:a0:39:98:9a:bf:a2:39:70:
17:d4:d6:07:1d:a0:af:cf:20:2d:85:59:69:ef:af:
d3:d6:4b:50:d7:48:34:e6:13:fa:ac:43:16:11:7e:
40:c1:4c:f6:54:9c:e9:e1:19:3d:1b:20:a0:3b:46:
2b:01:6a:59:07:75:49:b6:fa:7c:4d:70:60:0e:17:
6d:60:2a:11:f6:5b:34:83:6f:cd:e7:19:54:ae:8d:
da:34:c1:0a:6c:ed:d9:f1:f3:71:44:e0:f8:40:05:
47:78:22:d6:70:5a:f8:74:ae:bf:5f:a8:fb:9f:72:
ea:f4:9f:d2:67:7c:ba:4c:2b:c9:a5:79:62:f5:21:
0b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B7:B2:44:75:42:68:7E:73:FB:88:B0:60:72:83:CE:77:FB:8A:32
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF8D09D6B2F011F09CB6C5E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.6.0/23
156.252.16.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:b4:2d:24:bb:dd:34:87:1d:74:c5:e0:17:7f:83:96:1d:da:
5c:1b:36:38:85:73:02:88:8f:d9:af:fb:e2:b2:3c:30:aa:0b:
51:a6:66:6d:41:d5:99:09:fe:44:84:50:f1:32:21:19:ef:f2:
31:94:c1:ee:7b:a0:a8:f3:41:ad:0d:bc:2f:5e:bc:e6:aa:6d:
3f:e6:2c:ec:fc:1a:7b:0c:86:88:13:23:66:78:7d:02:07:36:
ac:f4:82:b6:dd:5e:bd:7f:ee:7a:5a:26:8f:a3:6e:ed:db:f3:
8c:a3:f9:f2:de:34:4d:f9:fe:08:0c:f0:ee:f9:de:88:bb:1b:
45:58:a3:5a:48:7b:f7:ca:b0:d5:2b:64:74:c3:3c:7a:95:d4:
96:9d:5f:3e:5f:2e:5c:fe:c6:7a:4b:dd:ff:ce:41:b4:4a:21:
f6:33:e8:78:05:a2:dd:30:67:70:5e:ec:55:c0:7b:8c:45:c2:
33:65:f5:09:b5:4c:a6:fe:cf:25:e0:76:52:75:b9:a8:7b:af:
be:27:8d:d7:52:19:ac:14:0a:01:e5:61:06:e0:8e:b4:21:a8:
7c:4a:ce:e3:3f:a3:41:d7:50:cb:74:bf:42:d0:46:03:7b:b8:
83:89:19:f3:54:51:a9:7a:5f:1a:67:fd:eb:01:58:9c:6c:77:
f8:d3:ca:2e
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAYKnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDI3MDQ1MjU1WhcNMjUxMTMwMDQ1MjU1WjAYMRYw
FAYDVQQDEw02OGZlZmFhYi03ODM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmwZSZjIC1Jq/wmIbjXNlviQh2P4vl0XncyXNXtgcetW4pt5oFfgmUOci
Ns83w79FYGRbi2jG8TOkT6Xv2t6YDHoY1dnB6QTykus75V8EI7oe0PdQ+PYo0Bo/
TJ/H3y/obIuQYzDW+dgad5fQmRP0tCvjAQ1XcJNVu0LrGNuXoDmYmr+iOXAX1NYH
HaCvzyAthVlp76/T1ktQ10g05hP6rEMWEX5AwUz2VJzp4Rk9GyCgO0YrAWpZB3VJ
tvp8TXBgDhdtYCoR9ls0g2/N5xlUro3aNMEKbO3Z8fNxROD4QAVHeCLWcFr4dK6/
X6j7n3Lq9J/SZ3y6TCvJpXli9SELKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHa3
skR1Qmh+c/uIsGByg853+4oyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRjhEMDlENkIyRjAxMUYwOUNCNkM1RTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnPwGAwQBnPwQMA0GCSqGSIb3
DQEBCwUAA4IBAQB/tC0ku900hx10xeAXf4OWHdpcGzY4hXMCiI/Zr/visjwwqgtR
pmZtQdWZCf5EhFDxMiEZ7/IxlMHue6Co80GtDbwvXrzmqm0/5izs/Bp7DIaIEyNm
eH0CBzas9IK23V69f+56WiaPo27t2/OMo/ny3jRN+f4IDPDu+d6IuxtFWKNaSHv3
yrDVK2R0wzx6ldSWnV8+Xy5c/sZ6S93/zkG0SiH2M+h4BaLdMGdwXuxVwHuMRcIz
ZfUJtUym/s8l4HZSdbmoe6++J43XUhmsFAoB5WEG4I60Iah8Ss7jP6NB11DLdL9C
0EYDe7iDiRnzVFGpel8aZ/3rAVicbHf408ou
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:35:15 2025 by rpki-client