Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B1F18D69F6A11F08A93A1E6DAE4EC9C.roa
File: 4B1F18D69F6A11F08A93A1E6DAE4EC9C.roa (raw, json)
Hash identifier: agjxYfouWcrL3oEV6Rpt8VPE/9czWvCyAjj5gluFJHw=
Subject key identifier: 38:FF:87:2F:5B:14:F6:58:45:6D:27:12:B8:CC:97:E1:7F:07:41:C4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017E62
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B1F18D69F6A11F08A93A1E6DAE4EC9C.roa
Signing time: Thu 02 Oct 2025 08:32:13 +0000
ROA not before: Thu 02 Oct 2025 08:32:07 +0000
ROA not after: Sat 08 Nov 2025 08:32:07 +0000
asID: 44559
IP address blocks: 156.238.33.0/24 maxlen: 24
156.246.21.0/24 maxlen: 24
156.246.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97890 (0x17e62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 2 08:32:07 2025 GMT
Not After : Nov 8 08:32:07 2025 GMT
Subject: CN=68de388d-cd32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:26:d7:1a:ae:4b:d4:ac:6d:28:e1:83:95:b8:
a6:48:f4:df:a5:6a:58:d1:42:84:ce:88:04:27:f7:
9d:da:ce:93:b7:6a:b1:c0:6e:2a:d9:bc:c5:69:20:
85:09:a7:63:0f:11:ac:b1:91:67:c1:20:01:1d:bc:
12:d1:6b:26:1b:fe:62:e0:84:ee:b0:5c:f9:b4:49:
d4:25:a7:b2:93:e9:bf:13:af:62:a4:26:a0:e8:e1:
06:cb:94:33:a9:f1:13:14:69:fb:15:76:b1:89:c4:
73:7c:05:87:6f:04:67:13:77:fb:2c:29:b9:68:62:
41:48:02:ef:f2:ab:b3:0b:14:8c:7b:fb:97:13:97:
62:8b:da:46:29:67:e5:b8:9e:15:00:0b:b0:95:92:
9a:34:dc:52:fb:e8:b5:af:df:3a:2b:b7:8a:0a:3c:
49:f9:d6:a5:a1:b6:e7:2f:cd:31:f6:24:b9:55:c5:
94:60:f3:c2:fc:28:9a:25:a8:05:fc:20:fa:21:eb:
17:c8:8a:e2:b8:1f:ad:1d:bf:1b:fe:1e:21:cd:36:
db:fa:c7:76:18:07:0e:65:e6:69:2c:f0:aa:df:d3:
ab:9a:2b:27:2e:7a:06:cd:30:de:88:e0:48:21:65:
db:37:75:62:eb:d6:15:62:b4:f0:0f:5d:1a:db:de:
8b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:FF:87:2F:5B:14:F6:58:45:6D:27:12:B8:CC:97:E1:7F:07:41:C4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B1F18D69F6A11F08A93A1E6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.33.0/24
156.246.21.0/24
156.246.31.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:ea:47:b1:25:61:4a:11:36:0b:a4:45:d7:c6:43:6e:27:57:
e1:23:27:df:0c:52:3a:ef:bd:00:f5:36:ef:fa:8f:b6:22:39:
a9:a1:3e:f6:c2:20:11:a4:61:4f:a9:03:b7:07:e2:ee:7c:01:
dc:73:97:68:ad:c4:9a:ba:fa:1b:be:5b:ed:dd:be:33:20:a1:
e5:82:4c:99:a1:96:09:14:81:6a:7d:f1:fc:97:3c:84:64:83:
94:52:9d:a7:c2:7e:c3:25:4f:0c:3a:e9:76:3a:5c:7e:6d:d6:
e6:8d:b0:43:9d:eb:03:58:87:93:d0:84:fa:60:5b:53:e7:b2:
9c:c4:ab:35:9c:39:3e:28:a4:71:7d:ae:af:b8:a8:f7:c0:df:
95:46:30:4f:03:60:e5:54:22:f7:82:c8:1f:d6:42:ee:0c:b6:
42:56:8b:f2:27:6d:ec:eb:60:06:65:1a:eb:17:1b:1b:dc:74:
31:18:f5:87:40:58:53:06:48:96:86:13:d2:f2:94:35:cc:73:
1d:6c:af:86:d9:15:46:ac:66:32:ce:4f:bd:01:21:35:e1:c5:
9e:9a:92:d8:4b:ab:20:51:29:48:1c:eb:49:3a:8a:cb:37:62:
e5:00:57:9e:b8:97:1b:65:4e:e4:29:e7:df:82:93:45:7e:31:
7c:48:af:00
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAX5iMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDAyMDgzMjA3WhcNMjUxMTA4MDgzMjA3WjAYMRYw
FAYDVQQDEw02OGRlMzg4ZC1jZDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2ybXGq5L1KxtKOGDlbimSPTfpWpY0UKEzogEJ/ed2s6Tt2qxwG4q2bzF
aSCFCadjDxGssZFnwSABHbwS0WsmG/5i4ITusFz5tEnUJaeyk+m/E69ipCag6OEG
y5QzqfETFGn7FXaxicRzfAWHbwRnE3f7LCm5aGJBSALv8quzCxSMe/uXE5dii9pG
KWfluJ4VAAuwlZKaNNxS++i1r986K7eKCjxJ+dalobbnL80x9iS5VcWUYPPC/Cia
JagF/CD6IesXyIriuB+tHb8b/h4hzTbb+sd2GAcOZeZpLPCq39OrmisnLnoGzTDe
iOBIIWXbN3Vi69YVYrTwD10a296LfwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFDj/
hy9bFPZYRW0nErjMl+F/B0HEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QjFGMThENjlGNkExMUYwOEE5M0ExRTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnO4hAwQAnPYVAwQAnPYfMA0G
CSqGSIb3DQEBCwUAA4IBAQAt6kexJWFKETYLpEXXxkNuJ1fhIyffDFI6770A9Tbv
+o+2IjmpoT72wiARpGFPqQO3B+LufAHcc5dorcSauvobvlvt3b4zIKHlgkyZoZYJ
FIFqffH8lzyEZIOUUp2nwn7DJU8MOul2Olx+bdbmjbBDnesDWIeT0IT6YFtT57Kc
xKs1nDk+KKRxfa6vuKj3wN+VRjBPA2DlVCL3gsgf1kLuDLZCVovyJ23s62AGZRrr
Fxsb3HQxGPWHQFhTBkiWhhPS8pQ1zHMdbK+G2RVGrGYyzk+9ASE14cWempLYS6sg
USlIHOtJOorLN2LlAFeeuJcbZU7kKeffgpNFfjF8SK8A
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:06:57 2025 by rpki-client