Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F99F920EB31611F0A1734BE1DAE4EC9C.roa
File: F99F920EB31611F0A1734BE1DAE4EC9C.roa (raw, json)
Hash identifier: cKuDrYS/hz2cpqGgExxGhnzLSdocmIRab/bBW+2zmpk=
Subject key identifier: 17:C7:72:D1:D9:DF:18:D9:6D:C9:86:ED:98:EB:EE:E8:05:51:D9:58
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0182C1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F99F920EB31611F0A1734BE1DAE4EC9C.roa
Signing time: Mon 27 Oct 2025 09:26:11 +0000
ROA not before: Mon 27 Oct 2025 09:26:05 +0000
ROA not after: Sat 08 Nov 2025 09:26:05 +0000
asID: 198247
IP address blocks: 156.238.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Nov 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99009 (0x182c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 27 09:26:05 2025 GMT
Not After : Nov 8 09:26:05 2025 GMT
Subject: CN=68ff3ab3-93d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:52:a9:0a:4f:4a:a1:3d:b5:85:40:a7:61:92:
52:51:75:86:d9:2c:f7:b0:05:93:1e:42:5f:15:8f:
f3:66:84:5b:10:76:2c:ae:af:3d:ac:6d:78:e4:84:
bf:f4:1f:5e:bf:7f:2a:28:21:f4:41:17:df:65:e3:
20:bb:1d:ff:84:59:d7:53:fd:e6:30:9b:f5:57:87:
a2:bb:a7:81:68:30:c5:30:0f:ec:89:70:f8:fe:84:
cb:3e:87:d1:0d:3b:70:33:59:2b:fd:bf:60:20:83:
6e:f5:b7:7a:32:54:a0:52:29:5a:74:a7:7b:37:2a:
45:57:b7:f1:cd:c2:23:39:0b:a9:a9:aa:34:f5:df:
f5:fc:cd:0e:78:29:56:b0:f2:d9:04:7a:40:e2:58:
05:6b:95:a7:f5:66:99:b9:ec:23:16:46:75:d8:9d:
72:d1:2e:a9:c3:0f:56:ac:d9:3c:35:c1:03:5a:e4:
b8:5f:c7:89:fd:88:8d:25:8e:21:d6:69:a2:d3:7f:
4b:a8:dc:a6:f7:af:b4:37:46:9c:4e:26:d6:46:47:
91:40:48:6b:29:d8:93:a4:45:47:c1:2b:89:7c:4f:
f6:30:88:fc:73:90:87:7f:52:47:7e:0d:b7:4a:57:
be:56:a4:28:77:16:81:34:39:7f:52:c3:fe:e3:50:
27:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C7:72:D1:D9:DF:18:D9:6D:C9:86:ED:98:EB:EE:E8:05:51:D9:58
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F99F920EB31611F0A1734BE1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.84.0/24
Signature Algorithm: sha256WithRSAEncryption
35:df:62:95:84:51:f4:07:d7:0a:92:db:5f:43:61:7f:90:39:
0f:47:79:ce:4a:95:f1:67:c1:06:b6:56:7b:81:ca:43:d3:8d:
3a:c7:c9:a1:72:bc:d1:59:b5:c4:8d:5b:db:de:f2:d9:23:7f:
69:55:77:00:24:0e:d8:06:98:d7:7d:3f:e9:c0:4c:d0:77:70:
6c:13:85:93:12:d7:7f:f0:14:4f:c6:bb:c9:5f:c0:0b:0a:38:
5c:6b:d8:7c:b4:9a:b8:a3:d3:10:0a:16:a8:4f:cc:57:0d:33:
49:b4:95:b6:87:ad:88:3f:23:6e:18:ce:f9:00:5f:3b:26:f1:
7a:4f:4b:26:4e:8a:80:15:41:95:be:c8:ec:30:27:e5:12:20:
ad:78:92:2e:eb:46:56:71:0a:0e:0c:c0:3d:35:57:14:58:61:
4a:67:78:69:c9:0f:e4:c8:4e:46:b2:34:20:34:43:97:d5:c4:
19:ec:fa:dd:e1:cf:40:6d:0a:1f:92:e0:33:ee:c4:b1:88:76:
64:a7:41:6b:b1:e6:06:5a:9c:e5:75:ce:e0:99:14:d9:dc:90:
d7:42:8e:ca:2e:af:9c:4c:fa:11:8d:b9:c1:11:4a:93:ce:2e:
c7:c5:e2:bd:52:e9:44:ed:67:a9:3a:8a:68:88:3a:d9:e0:98:
42:6a:37:d8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYLBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDI3MDkyNjA1WhcNMjUxMTA4MDkyNjA1WjAYMRYw
FAYDVQQDEw02OGZmM2FiMy05M2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyFKpCk9KoT21hUCnYZJSUXWG2Sz3sAWTHkJfFY/zZoRbEHYsrq89rG14
5IS/9B9ev38qKCH0QRffZeMgux3/hFnXU/3mMJv1V4eiu6eBaDDFMA/siXD4/oTL
PofRDTtwM1kr/b9gIINu9bd6MlSgUiladKd7NypFV7fxzcIjOQupqao09d/1/M0O
eClWsPLZBHpA4lgFa5Wn9WaZuewjFkZ12J1y0S6pww9WrNk8NcEDWuS4X8eJ/YiN
JY4h1mmi039LqNym96+0N0acTibWRkeRQEhrKdiTpEVHwSuJfE/2MIj8c5CHf1JH
fg23Sle+VqQodxaBNDl/UsP+41AnMQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBfH
ctHZ3xjZbcmG7Zjr7ugFUdlYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GOTlGOTIwRUIzMTYxMUYwQTE3MzRCRTFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO5UMA0GCSqGSIb3DQEBCwUA
A4IBAQA132KVhFH0B9cKkttfQ2F/kDkPR3nOSpXxZ8EGtlZ7gcpD0406x8mhcrzR
WbXEjVvb3vLZI39pVXcAJA7YBpjXfT/pwEzQd3BsE4WTEtd/8BRPxrvJX8ALCjhc
a9h8tJq4o9MQChaoT8xXDTNJtJW2h62IPyNuGM75AF87JvF6T0smToqAFUGVvsjs
MCflEiCteJIu60ZWcQoODMA9NVcUWGFKZ3hpyQ/kyE5GsjQgNEOX1cQZ7Prd4c9A
bQofkuAz7sSxiHZkp0FrseYGWpzldc7gmRTZ3JDXQo7KLq+cTPoRjbnBEUqTzi7H
xeK9UulE7WepOopoiDrZ4JhCajfY
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:58:58 2025 by rpki-client