Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07BC40329D6711F08BA76ACFDAE4EC9C.roa
File: 07BC40329D6711F08BA76ACFDAE4EC9C.roa (raw, json)
Hash identifier: ZzQ/iJ6kG3hABJ5dxz5CmshJPws0KJpt9phe5biH6O8=
Subject key identifier: A1:0B:6E:50:C6:22:49:D5:64:18:D8:E3:5D:7F:D8:B8:9B:C2:DF:52
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017DDB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07BC40329D6711F08BA76ACFDAE4EC9C.roa
Signing time: Mon 29 Sep 2025 19:03:49 +0000
ROA not before: Mon 29 Sep 2025 19:03:44 +0000
ROA not after: Sat 01 Nov 2025 19:03:44 +0000
asID: 62513
IP address blocks: 156.225.32.0/21 maxlen: 24
156.225.40.0/24 maxlen: 24
156.225.43.0/24 maxlen: 24
156.225.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97755 (0x17ddb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 19:03:44 2025 GMT
Not After : Nov 1 19:03:44 2025 GMT
Subject: CN=68dad815-570f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f6:60:31:52:26:ef:05:a8:9a:5b:6f:dd:40:
2b:88:1a:54:23:ee:56:39:ed:be:9f:0a:c3:5c:71:
dc:c1:40:0a:df:11:45:70:cb:83:09:78:92:56:d0:
ec:08:1e:04:3c:6c:08:7b:57:a8:a0:05:cf:cf:61:
87:d4:a5:7c:4e:12:eb:4b:06:5e:5c:49:b6:46:0d:
ad:01:a1:6b:9c:30:32:1b:fe:51:bf:ad:ee:70:72:
61:73:f5:93:61:34:79:43:f8:db:8e:37:db:d0:d1:
7c:31:27:1d:c9:11:c9:1b:5a:63:ad:0b:b8:c3:66:
46:fd:40:5f:94:f6:06:be:d6:8f:b1:36:c3:4e:d9:
6f:95:fd:fa:29:e2:6a:17:50:02:7b:48:b0:37:2d:
2a:0d:f2:1b:45:4b:56:07:07:f1:6f:d5:a2:44:f7:
3d:c2:92:a9:7b:28:d2:23:c1:b4:cb:34:7e:b4:d7:
85:0d:d1:71:78:fb:9c:8c:09:64:ea:bd:6c:f0:a7:
db:bb:fc:20:71:46:1d:2c:05:21:4a:01:98:71:6d:
45:8e:6f:4d:f2:ac:8a:aa:5c:8d:23:6d:f9:d3:93:
a7:46:ba:ac:5d:58:c7:a8:c4:0c:aa:47:41:af:a5:
53:9a:35:09:bc:bf:1e:cd:d9:91:a7:da:82:8b:26:
a8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:0B:6E:50:C6:22:49:D5:64:18:D8:E3:5D:7F:D8:B8:9B:C2:DF:52
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/07BC40329D6711F08BA76ACFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.32.0-156.225.40.255
156.225.43.0-156.225.44.255
Signature Algorithm: sha256WithRSAEncryption
0a:0e:96:c6:cf:a2:a8:ea:c4:43:6e:10:41:2e:82:1f:e2:5b:
fb:1a:3f:e5:ff:d1:71:de:2c:a0:21:6c:88:c5:69:2b:e8:08:
3b:b1:ac:b6:a3:50:8a:3b:a3:d0:89:f9:4f:52:1d:ed:49:62:
fb:4a:dc:60:8d:f9:f8:45:21:63:ef:e0:56:45:6f:ea:7c:22:
c8:9c:36:5e:d4:f4:f4:77:0b:b5:0f:89:d5:13:71:ea:61:2c:
5e:90:8c:41:32:4e:7b:9d:3f:29:a3:c9:b5:d7:72:9f:8c:c3:
da:92:b7:89:58:ea:b5:6d:af:d6:b6:df:54:94:1c:ca:a8:2e:
4e:45:0d:58:f4:60:16:11:99:74:4c:33:aa:08:a3:fc:de:23:
ab:a5:73:8f:39:f5:85:4e:7a:d2:70:37:2d:99:be:b3:9a:29:
84:69:4f:f4:de:69:0d:c3:c4:c0:4f:d2:34:36:d8:e5:99:22:
4f:df:cb:3f:53:b4:e1:a2:35:42:72:76:95:5c:d6:a8:e3:3d:
16:a7:ea:fa:35:bd:a9:ec:59:17:71:b0:20:4b:5a:d4:50:c9:
4d:ca:f9:43:c7:51:1f:d5:e5:77:2c:7a:41:aa:1b:ba:64:7e:
1d:a7:ef:ea:3e:0c:85:34:c7:52:76:6a:1e:08:ce:c4:50:4d:
88:6f:37:a0
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAX3bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI5MTkwMzQ0WhcNMjUxMTAxMTkwMzQ0WjAYMRYw
FAYDVQQDEw02OGRhZDgxNS01NzBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo/ZgMVIm7wWomltv3UAriBpUI+5WOe2+nwrDXHHcwUAK3xFFcMuDCXiS
VtDsCB4EPGwIe1eooAXPz2GH1KV8ThLrSwZeXEm2Rg2tAaFrnDAyG/5Rv63ucHJh
c/WTYTR5Q/jbjjfb0NF8MScdyRHJG1pjrQu4w2ZG/UBflPYGvtaPsTbDTtlvlf36
KeJqF1ACe0iwNy0qDfIbRUtWBwfxb9WiRPc9wpKpeyjSI8G0yzR+tNeFDdFxePuc
jAlk6r1s8Kfbu/wgcUYdLAUhSgGYcW1Fjm9N8qyKqlyNI23505OnRrqsXVjHqMQM
qkdBr6VTmjUJvL8ezdmRp9qCiyaotwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFKEL
blDGIknVZBjY411/2Libwt9SMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wN0JDNDAzMjlENjcxMUYwOEJBNzZBQ0ZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAWc4SADBACc4SgwDAMEAJzh
KwMEAJzhLDANBgkqhkiG9w0BAQsFAAOCAQEACg6Wxs+iqOrEQ24QQS6CH+Jb+xo/
5f/Rcd4soCFsiMVpK+gIO7GstqNQijuj0In5T1Id7Uli+0rcYI35+EUhY+/gVkVv
6nwiyJw2XtT09HcLtQ+J1RNx6mEsXpCMQTJOe50/KaPJtddyn4zD2pK3iVjqtW2v
1rbfVJQcyqguTkUNWPRgFhGZdEwzqgij/N4jq6Vzjzn1hU560nA3LZm+s5ophGlP
9N5pDcPEwE/SNDbY5ZkiT9/LP1O04aI1QnJ2lVzWqOM9Fqfq+jW9qexZF3GwIEta
1FDJTcr5Q8dRH9Xldyx6QaobumR+Hafv6j4MhTTHUnZqHgjOxFBNiG83oA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:43 2025 by rpki-client