Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85FE88E4A44511F08120B5E6DAE4EC9C.roa
File: 85FE88E4A44511F08120B5E6DAE4EC9C.roa (raw, json)
Hash identifier: rgsQQH/R+nQ4e4JEHymT0ad/kUYeTDM8GexxOm+eUl8=
Subject key identifier: 0E:E1:69:23:1F:58:D3:2A:24:EC:6E:F5:91:D3:93:E2:C6:14:25:E3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017F96
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85FE88E4A44511F08120B5E6DAE4EC9C.roa
Signing time: Wed 08 Oct 2025 12:51:36 +0000
ROA not before: Wed 08 Oct 2025 12:51:28 +0000
ROA not after: Sat 22 Nov 2025 12:51:28 +0000
asID: 401696
IP address blocks: 156.225.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98198 (0x17f96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 8 12:51:28 2025 GMT
Not After : Nov 22 12:51:28 2025 GMT
Subject: CN=68e65e58-e3be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:69:a4:d9:d0:7a:54:bb:cf:32:0a:94:71:47:
c9:80:50:15:95:e1:1c:6f:49:e8:ec:33:f2:b0:44:
98:3e:28:8a:13:45:6d:4b:b8:1b:b6:56:98:6c:1d:
4f:f5:4e:fd:1e:c2:a7:62:f3:2a:8c:39:c5:ad:f6:
1c:3d:28:e6:f8:74:d3:eb:57:c5:a9:44:55:17:32:
0b:fd:a9:3a:1f:11:dc:1b:66:f1:6d:36:6e:2f:1b:
5f:b6:f7:12:79:8d:08:b0:ec:f0:e2:fe:14:ee:48:
9a:29:b4:8e:12:7f:0b:4b:17:bd:ca:32:9d:ba:74:
19:8b:8f:ac:d2:91:76:6b:29:f2:15:15:58:e1:2c:
bc:2a:cf:c5:ae:24:f3:d8:1d:35:24:f2:d4:6f:8d:
69:20:9f:80:51:c9:bb:62:59:df:e3:11:28:50:5c:
f3:37:01:72:f8:29:7c:90:54:c7:29:85:7c:c4:eb:
a2:7d:bc:9d:86:e6:a2:e6:01:55:89:7b:52:a3:e2:
25:f3:f8:c6:3b:12:de:d9:bc:37:97:d6:2d:8c:d8:
eb:e8:5b:10:14:b0:2e:93:ca:8b:4e:50:0c:d2:6c:
41:b8:47:a1:44:d3:b0:ac:ef:fc:4c:91:c0:0f:08:
40:f3:e7:39:52:c9:22:3a:5f:15:52:39:a0:81:d7:
e2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E1:69:23:1F:58:D3:2A:24:EC:6E:F5:91:D3:93:E2:C6:14:25:E3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85FE88E4A44511F08120B5E6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.16.0/20
Signature Algorithm: sha256WithRSAEncryption
91:34:c1:4e:4a:df:c8:35:94:04:7c:05:af:97:da:38:c4:c1:
68:4e:0f:75:2b:7b:31:2f:36:d5:87:65:18:b1:e3:c0:51:88:
d1:12:07:5b:e4:a6:61:ad:4a:f8:e9:9f:da:0d:42:2e:ad:31:
b5:3f:a5:45:37:0b:26:af:38:78:0d:e4:cc:b6:8f:4e:f2:0d:
b1:42:76:59:20:af:c1:14:41:90:00:a9:26:14:ad:63:36:de:
25:c3:78:c4:e1:5c:8a:9e:38:4b:c4:5a:38:d3:e0:56:b8:80:
ae:78:0d:d4:78:ee:38:bd:fc:6b:88:de:47:69:17:63:4b:d9:
45:da:41:b3:98:7b:f9:2c:ec:f2:2a:71:20:4f:32:4f:1f:7a:
d1:56:df:4d:bd:7a:e1:e8:f3:fa:e8:5d:42:82:cc:8b:3d:70:
dd:34:60:a3:ba:98:9f:f2:c7:2f:07:c7:52:ed:4f:36:4a:c2:
ba:95:5b:d4:8e:e2:88:f6:43:d1:6f:4d:0e:32:b3:c7:2f:d8:
ec:44:1a:5f:8e:55:d4:5f:60:43:1e:dd:05:8b:c4:d1:58:a1:
38:f5:5e:52:22:6a:93:2b:18:26:14:18:9f:30:3a:2b:6d:8d:
a5:f8:61:48:c0:9e:a7:4f:81:20:86:f5:47:49:8b:97:54:bb:
b5:12:72:5a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX+WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDA4MTI1MTI4WhcNMjUxMTIyMTI1MTI4WjAYMRYw
FAYDVQQDEw02OGU2NWU1OC1lM2JlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzGmk2dB6VLvPMgqUcUfJgFAVleEcb0no7DPysESYPiiKE0VtS7gbtlaY
bB1P9U79HsKnYvMqjDnFrfYcPSjm+HTT61fFqURVFzIL/ak6HxHcG2bxbTZuLxtf
tvcSeY0IsOzw4v4U7kiaKbSOEn8LSxe9yjKdunQZi4+s0pF2aynyFRVY4Sy8Ks/F
riTz2B01JPLUb41pIJ+AUcm7Ylnf4xEoUFzzNwFy+Cl8kFTHKYV8xOuifbydhuai
5gFViXtSo+Il8/jGOxLe2bw3l9YtjNjr6FsQFLAuk8qLTlAM0mxBuEehRNOwrO/8
TJHADwhA8+c5UskiOl8VUjmggdfiwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFA7h
aSMfWNMqJOxu9ZHTk+LGFCXjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NUZFODhFNEE0NDUxMUYwODEyMEI1RTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOEQMA0GCSqGSIb3DQEBCwUA
A4IBAQCRNMFOSt/INZQEfAWvl9o4xMFoTg91K3sxLzbVh2UYsePAUYjREgdb5KZh
rUr46Z/aDUIurTG1P6VFNwsmrzh4DeTMto9O8g2xQnZZIK/BFEGQAKkmFK1jNt4l
w3jE4VyKnjhLxFo40+BWuICueA3UeO44vfxriN5HaRdjS9lF2kGzmHv5LOzyKnEg
TzJPH3rRVt9NvXrh6PP66F1CgsyLPXDdNGCjupif8scvB8dS7U82SsK6lVvUjuKI
9kPRb00OMrPHL9jsRBpfjlXUX2BDHt0Fi8TRWKE49V5SImqTKxgmFBifMDorbY2l
+GFIwJ6nT4EghvVHSYuXVLu1EnJa
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:05:01 2025 by rpki-client