Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D83AAFC0B8A411F09D7FDBE6DAE4EC9C.roa
File: D83AAFC0B8A411F09D7FDBE6DAE4EC9C.roa (raw, json)
Hash identifier: RP0UHumfiIc770U735jYv6/SSX5t97rfRY1lnt36D48=
Subject key identifier: F4:80:33:82:85:57:C7:8F:2E:9D:E1:BA:82:FC:CF:96:3C:08:12:A4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01849F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D83AAFC0B8A411F09D7FDBE6DAE4EC9C.roa
Signing time: Mon 03 Nov 2025 11:04:19 +0000
ROA not before: Mon 03 Nov 2025 11:04:14 +0000
ROA not after: Wed 10 Dec 2025 11:04:14 +0000
asID: 395886
IP address blocks: 156.233.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99487 (0x1849f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 3 11:04:14 2025 GMT
Not After : Dec 10 11:04:14 2025 GMT
Subject: CN=69088c33-a49e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:73:72:f6:76:70:ba:dc:d0:c8:6d:4e:51:d0:
ba:aa:99:e2:cc:e2:34:15:99:a9:79:19:29:ff:48:
97:24:d4:a7:ab:a5:1c:8e:df:40:8a:e9:aa:29:61:
6c:60:34:7a:b5:e4:81:4f:66:78:89:b8:74:0a:ed:
8f:6b:bf:7a:cf:6a:28:b4:dc:42:96:b3:38:32:36:
54:9a:9b:47:bd:f1:39:7b:33:25:30:19:6b:7e:d0:
f5:0a:0a:37:b0:17:5f:32:2b:63:e4:54:70:4a:4d:
fd:a3:7d:ad:b5:7c:62:99:07:13:0e:b1:96:0e:b4:
e4:4b:08:ed:16:aa:02:bd:cd:e9:e6:f9:bd:b7:9e:
b1:03:03:01:63:dc:69:0a:8c:a2:0c:cc:07:2d:3d:
63:ce:bf:41:d3:cf:ea:d1:1c:8f:30:9e:93:df:dd:
39:79:25:d7:4e:ee:f2:2d:83:ae:5b:ee:f8:3b:1d:
ac:c8:26:4f:55:12:c9:c9:52:d6:2d:0b:f6:45:20:
38:49:74:a8:48:99:b6:db:ee:f9:c8:6b:de:b6:1f:
08:b4:88:45:33:5a:99:02:c7:dc:be:fb:5d:e2:56:
e7:08:1f:ec:58:04:20:cc:8c:c8:cb:42:ae:9d:cf:
50:f8:bd:44:b9:dd:12:b6:dc:7f:41:ba:fb:8f:fa:
e2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:80:33:82:85:57:C7:8F:2E:9D:E1:BA:82:FC:CF:96:3C:08:12:A4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D83AAFC0B8A411F09D7FDBE6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.224.0/20
Signature Algorithm: sha256WithRSAEncryption
2c:b3:df:e0:d5:fb:4b:58:10:32:04:25:60:d9:b7:b5:01:ab:
c2:69:36:fd:21:b4:c1:16:2a:0b:70:1d:5f:fb:b1:7e:c9:53:
9f:93:8d:92:2e:a5:40:16:0c:0c:cb:4f:37:0a:ac:16:72:ba:
c1:05:cf:22:3a:78:35:0e:45:c9:b9:53:2b:35:98:38:90:cb:
7d:67:9c:b2:9d:4b:9f:30:55:47:28:21:df:82:50:4a:44:f3:
06:84:f3:59:72:b0:0f:55:9b:e1:85:37:3f:2f:8e:f2:c9:7c:
d5:c0:31:c7:bd:33:3a:12:15:dd:69:47:15:ae:9b:86:6e:b8:
b4:a3:d6:0b:bb:73:8b:aa:9b:c3:ad:77:12:6a:e0:5c:1a:6c:
b0:c5:be:20:9f:6f:cb:c0:71:f2:74:16:17:92:08:15:c6:3c:
63:3b:52:68:87:e1:59:ea:42:bb:fe:a2:74:81:a2:02:6d:95:
bf:8c:d5:bd:2a:36:94:c4:77:a2:7b:4e:11:a5:7f:69:31:34:
c9:b8:9b:1d:b7:eb:e5:c5:4b:ed:f7:b2:e6:61:f7:7d:6a:de:
23:cb:e7:0b:90:81:9a:23:51:40:24:86:01:69:1b:a3:83:9e:
82:af:09:6d:7a:e0:0e:58:1a:64:c4:b3:4e:3d:43:9e:7a:db:
fb:fc:fe:23
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYSfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMTAzMTEwNDE0WhcNMjUxMjEwMTEwNDE0WjAYMRYw
FAYDVQQDEw02OTA4OGMzMy1hNDllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnXNy9nZwutzQyG1OUdC6qpnizOI0FZmpeRkp/0iXJNSnq6Ucjt9Aiumq
KWFsYDR6teSBT2Z4ibh0Cu2Pa796z2ootNxClrM4MjZUmptHvfE5ezMlMBlrftD1
Cgo3sBdfMitj5FRwSk39o32ttXximQcTDrGWDrTkSwjtFqoCvc3p5vm9t56xAwMB
Y9xpCoyiDMwHLT1jzr9B08/q0RyPMJ6T3905eSXXTu7yLYOuW+74Ox2syCZPVRLJ
yVLWLQv2RSA4SXSoSJm22+75yGveth8ItIhFM1qZAsfcvvtd4lbnCB/sWAQgzIzI
y0Kunc9Q+L1Eud0Sttx/Qbr7j/riGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPSA
M4KFV8ePLp3huoL8z5Y8CBKkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EODNBQUZDMEI4QTQxMUYwOUQ3RkRCRTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOngMA0GCSqGSIb3DQEBCwUA
A4IBAQAss9/g1ftLWBAyBCVg2be1AavCaTb9IbTBFioLcB1f+7F+yVOfk42SLqVA
FgwMy083CqwWcrrBBc8iOng1DkXJuVMrNZg4kMt9Z5yynUufMFVHKCHfglBKRPMG
hPNZcrAPVZvhhTc/L47yyXzVwDHHvTM6EhXdaUcVrpuGbri0o9YLu3OLqpvDrXcS
auBcGmywxb4gn2/LwHHydBYXkggVxjxjO1Joh+FZ6kK7/qJ0gaICbZW/jNW9KjaU
xHeie04RpX9pMTTJuJsdt+vlxUvt97LmYfd9at4jy+cLkIGaI1FAJIYBaRujg56C
rwlteuAOWBpkxLNOPUOeetv7/P4j
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:59:05 2025 by rpki-client