Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF297810B4CC11F0AB07DBB8DAE4EC9C.roa
File: DF297810B4CC11F0AB07DBB8DAE4EC9C.roa (raw, json)
Hash identifier: Z7GLl3TQZElf8AFmvlUZLZoX+I+6P9OM0iH+lrFYOy0=
Subject key identifier: 81:E9:8C:D9:1E:C9:06:F0:D5:22:2D:60:F2:14:63:7F:1D:49:75:9C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0183C6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF297810B4CC11F0AB07DBB8DAE4EC9C.roa
Signing time: Wed 29 Oct 2025 13:40:46 +0000
ROA not before: Wed 29 Oct 2025 13:40:40 +0000
ROA not after: Sat 06 Dec 2025 13:40:40 +0000
asID: 264750
IP address blocks: 156.248.192.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Nov 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99270 (0x183c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 29 13:40:40 2025 GMT
Not After : Dec 6 13:40:40 2025 GMT
Subject: CN=6902195e-b175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b4:65:89:c4:2b:97:43:2c:59:64:ab:c6:91:
e2:fb:bb:52:fb:5c:08:6b:24:cc:f0:84:9f:64:86:
9e:cd:9c:e2:f0:fa:c8:96:44:ec:54:ea:5a:4a:b9:
80:66:26:62:62:3e:1f:df:be:71:8a:9f:dd:e9:c3:
be:4f:66:50:64:56:b5:1f:1b:36:da:12:ca:ae:58:
d3:5c:e1:8e:73:85:f9:e5:93:51:9d:2b:ea:e2:91:
75:fd:2b:33:a0:d6:70:e3:26:dc:a2:e4:db:7b:c1:
cf:d6:98:86:49:63:f6:a1:a2:b2:3c:73:02:0c:14:
c5:66:aa:c8:9f:fc:84:23:b0:40:ff:29:0a:db:bf:
21:0f:41:39:46:3e:a5:c7:75:d6:5c:85:e3:84:c3:
c7:14:47:41:b6:1f:bd:b5:b9:b9:bd:f9:dc:9e:44:
2d:db:1e:6b:f5:42:e5:35:88:bc:53:46:3f:4c:8e:
2d:f2:87:9a:80:cf:f9:78:ad:f6:0f:1b:fa:49:4f:
ee:51:b5:74:65:0c:33:dd:68:4d:c0:d9:c5:26:2e:
e9:d4:04:a6:6f:cb:26:db:2f:10:c7:16:13:7f:9f:
0f:b4:07:d4:53:79:25:d9:b6:8a:db:fe:4b:bf:2c:
cc:1f:e1:e0:b6:cc:2d:d4:f4:ca:a0:ca:d6:82:ee:
ed:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E9:8C:D9:1E:C9:06:F0:D5:22:2D:60:F2:14:63:7F:1D:49:75:9C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF297810B4CC11F0AB07DBB8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.192.0/18
Signature Algorithm: sha256WithRSAEncryption
89:39:fb:20:79:8b:41:b3:34:73:e9:a6:9b:64:a5:b0:8d:be:
92:6d:fb:a3:3e:27:88:0d:4e:c2:0f:96:ee:04:99:ee:6f:b9:
c1:1f:66:54:d9:53:28:75:e8:9b:83:e2:ea:93:16:10:60:0c:
48:8d:39:2b:92:5e:a2:f7:9b:4f:25:3b:23:8c:dd:9b:3a:d1:
d2:44:1f:83:f6:e7:4a:c1:10:ee:5f:2f:2c:dc:9d:d3:47:03:
48:6a:dd:0b:85:38:dd:4e:21:86:83:69:b1:9a:17:b3:3f:b1:
5d:41:2d:50:bd:d4:37:85:98:0b:db:f5:39:3d:e9:7e:1f:27:
20:de:00:2f:e4:35:a1:dc:e7:a3:b6:00:9c:26:1a:1b:49:7d:
e2:f1:a5:c6:e2:3c:8e:24:ef:6d:80:fe:88:e9:ec:b0:7c:9d:
f2:a3:2d:57:f2:7b:10:2b:fd:f6:6b:ae:6a:85:db:72:1c:5b:
a0:2d:9e:00:5b:9e:3a:90:94:78:a3:65:01:72:2a:0d:0c:ac:
27:69:02:64:8a:ca:11:75:2c:5e:3a:de:05:2d:df:77:2b:13:
8d:7e:5c:d9:43:0a:30:bb:98:96:32:83:bf:e4:c2:48:c6:f9:
33:d6:0b:8e:fd:b4:47:43:82:42:74:59:a1:d5:eb:ce:91:b9:
fa:40:f7:a4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYPGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDI5MTM0MDQwWhcNMjUxMjA2MTM0MDQwWjAYMRYw
FAYDVQQDEw02OTAyMTk1ZS1iMTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqLRlicQrl0MsWWSrxpHi+7tS+1wIayTM8ISfZIaezZzi8PrIlkTsVOpa
SrmAZiZiYj4f375xip/d6cO+T2ZQZFa1Hxs22hLKrljTXOGOc4X55ZNRnSvq4pF1
/SszoNZw4ybcouTbe8HP1piGSWP2oaKyPHMCDBTFZqrIn/yEI7BA/ykK278hD0E5
Rj6lx3XWXIXjhMPHFEdBth+9tbm5vfncnkQt2x5r9ULlNYi8U0Y/TI4t8oeagM/5
eK32Dxv6SU/uUbV0ZQwz3WhNwNnFJi7p1ASmb8sm2y8QxxYTf58PtAfUU3kl2baK
2/5LvyzMH+Hgtswt1PTKoMrWgu7t+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIHp
jNkeyQbw1SItYPIUY38dSXWcMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERjI5NzgxMEI0Q0MxMUYwQUIwN0RCQjhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGnPjAMA0GCSqGSIb3DQEBCwUA
A4IBAQCJOfsgeYtBszRz6aabZKWwjb6SbfujPieIDU7CD5buBJnub7nBH2ZU2VMo
deibg+LqkxYQYAxIjTkrkl6i95tPJTsjjN2bOtHSRB+D9udKwRDuXy8s3J3TRwNI
at0LhTjdTiGGg2mxmhezP7FdQS1QvdQ3hZgL2/U5Pel+Hycg3gAv5DWh3OejtgCc
JhobSX3i8aXG4jyOJO9tgP6I6eywfJ3yoy1X8nsQK/32a65qhdtyHFugLZ4AW546
kJR4o2UBcioNDKwnaQJkisoRdSxeOt4FLd93KxONflzZQwowu5iWMoO/5MJIxvkz
1guO/bRHQ4JCdFmh1evOkbn6QPek
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:29:35 2025 by rpki-client