Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2E2E7D8AA7A11F0AB9AB5DEDAE4EC9C.roa
File: C2E2E7D8AA7A11F0AB9AB5DEDAE4EC9C.roa (raw, json)
Hash identifier: HuivlXNxTyTgWi/52yBPnTfefzPZjdjLQjaN54XL1Fs=
Subject key identifier: D4:08:C6:1D:F3:C5:C2:E2:0E:3C:80:C7:44:61:4D:9F:EF:86:C8:80
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018120
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2E2E7D8AA7A11F0AB9AB5DEDAE4EC9C.roa
Signing time: Thu 16 Oct 2025 10:27:48 +0000
ROA not before: Thu 16 Oct 2025 10:27:43 +0000
ROA not after: Tue 25 Nov 2025 10:27:43 +0000
asID: 203020
IP address blocks: 156.229.122.0/23 maxlen: 24
156.229.240.0/22 maxlen: 24
156.233.196.0/22 maxlen: 24
156.233.200.0/22 maxlen: 24
156.238.172.0/22 maxlen: 24
156.238.184.0/22 maxlen: 24
156.243.152.0/22 maxlen: 24
156.243.208.0/21 maxlen: 24
156.249.72.0/21 maxlen: 24
156.249.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98592 (0x18120)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 16 10:27:43 2025 GMT
Not After : Nov 25 10:27:43 2025 GMT
Subject: CN=68f0c8a4-8dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7d:d9:e2:ea:78:e3:ad:ff:80:ba:ec:de:44:
0e:93:fb:6b:76:62:ca:0b:01:c3:aa:b8:4d:e3:45:
5d:0c:ad:ba:10:cc:36:b9:1a:b3:c5:7a:81:26:eb:
29:b2:44:c3:cf:1f:dc:c9:4b:fc:2c:59:bc:93:d6:
06:58:94:8e:21:22:4e:41:08:a9:98:e9:0c:46:82:
69:2d:b4:64:be:c2:c2:79:42:b4:58:d7:a0:22:ef:
9a:f9:2b:0e:c2:69:1b:40:2b:3d:f5:2a:f0:79:80:
d5:21:96:31:df:87:5f:dc:f6:bd:05:3b:bc:02:c2:
8a:b4:68:07:df:f3:a9:2c:56:b5:c7:96:4e:8b:51:
07:85:07:dc:f4:44:49:5f:9d:8d:98:58:9f:05:61:
95:df:b2:e7:5e:f7:48:0f:9a:87:d6:83:9e:b9:7f:
91:d6:e8:64:a0:8a:0c:28:48:ea:76:97:f6:72:ef:
e7:ad:b2:b6:d5:74:79:ab:95:87:59:96:4b:5a:30:
23:99:ef:73:fd:06:2b:b4:93:1c:87:11:8c:05:b1:
80:74:c6:84:7d:29:03:1b:5e:84:2a:9c:42:e4:3e:
a1:d7:94:e4:82:7c:16:ae:ae:fd:66:d0:e1:2f:9f:
b4:64:e8:e2:f6:26:c2:58:cd:d3:ff:32:0a:bf:4c:
fb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:08:C6:1D:F3:C5:C2:E2:0E:3C:80:C7:44:61:4D:9F:EF:86:C8:80
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2E2E7D8AA7A11F0AB9AB5DEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.122.0/23
156.229.240.0/22
156.233.196.0-156.233.203.255
156.238.172.0/22
156.238.184.0/22
156.243.152.0/22
156.243.208.0/21
156.249.72.0/21
156.249.104.0/21
Signature Algorithm: sha256WithRSAEncryption
87:d9:d2:e9:1a:38:b4:68:bc:f7:cf:8c:54:49:02:c9:05:8a:
4b:9b:17:de:84:b7:8a:74:fc:29:86:5b:b1:14:d7:60:14:67:
2e:29:e2:fb:fa:d3:2f:4e:31:21:83:c2:4d:f0:71:72:32:13:
65:a0:0d:73:72:4b:02:3a:40:b4:fc:f8:cf:7d:06:34:90:ae:
85:6c:51:c3:22:fa:f7:bc:dc:d1:92:9b:3c:18:97:1f:f3:b4:
79:7d:17:a8:6b:76:0c:8a:fe:f3:6a:0e:ce:ff:6a:19:19:8c:
6c:24:27:df:e3:25:19:37:d5:01:c1:6d:44:1e:53:f5:d7:03:
58:a0:b1:f9:05:72:5b:d0:60:93:72:47:49:28:fb:ed:a1:77:
00:03:9f:cb:1d:62:fb:93:0e:b2:5f:de:1b:d4:ec:85:4f:f5:
c3:8d:c6:2a:38:e6:7b:b4:d2:23:55:37:e7:e6:6a:9c:1b:88:
64:c5:2e:9e:c9:d9:7c:ca:bf:1c:f1:7c:2c:2d:55:69:a8:59:
8a:53:c2:ef:d9:2e:8e:b0:7a:82:fb:27:9d:98:e1:47:35:57:
4c:83:1b:96:a2:9a:d9:f5:b7:47:85:2c:24:37:5d:23:ce:a1:
21:a6:be:01:fa:cf:09:09:1f:2b:55:93:d8:16:c4:58:82:d0:
2f:b5:00:04
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIDAYEgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDE2MTAyNzQzWhcNMjUxMTI1MTAyNzQzWjAYMRYw
FAYDVQQDEw02OGYwYzhhNC04ZGQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0H3Z4up4463/gLrs3kQOk/trdmLKCwHDqrhN40VdDK26EMw2uRqzxXqB
JuspskTDzx/cyUv8LFm8k9YGWJSOISJOQQipmOkMRoJpLbRkvsLCeUK0WNegIu+a
+SsOwmkbQCs99SrweYDVIZYx34df3Pa9BTu8AsKKtGgH3/OpLFa1x5ZOi1EHhQfc
9ERJX52NmFifBWGV37LnXvdID5qH1oOeuX+R1uhkoIoMKEjqdpf2cu/nrbK21XR5
q5WHWZZLWjAjme9z/QYrtJMchxGMBbGAdMaEfSkDG16EKpxC5D6h15TkgnwWrq79
ZtDhL5+0ZOji9ibCWM3T/zIKv0z7YwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFNQI
xh3zxcLiDjyAx0RhTZ/vhsiAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMkUyRTdEOEFBN0ExMUYwQUI5QUI1REVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQBnOV6AwQCnOXwMAwDBAKc6cQD
BAKc6cgDBAKc7qwDBAKc7rgDBAKc85gDBAOc89ADBAOc+UgDBAOc+WgwDQYJKoZI
hvcNAQELBQADggEBAIfZ0ukaOLRovPfPjFRJAskFikubF96Et4p0/CmGW7EU12AU
Zy4p4vv60y9OMSGDwk3wcXIyE2WgDXNySwI6QLT8+M99BjSQroVsUcMi+ve83NGS
mzwYlx/ztHl9F6hrdgyK/vNqDs7/ahkZjGwkJ9/jJRk31QHBbUQeU/XXA1igsfkF
clvQYJNyR0ko++2hdwADn8sdYvuTDrJf3hvU7IVP9cONxio45nu00iNVN+fmapwb
iGTFLp7J2XzKvxzxfCwtVWmoWYpTwu/ZLo6weoL7J52Y4Uc1V0yDG5aimtn1t0eF
LCQ3XSPOoSGmvgH6zwkJHytVk9gWxFiC0C+1AAQ=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:49 2025 by rpki-client