Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29E532C8A76B11F0B579DFCADAE4EC9C.roa
File: 29E532C8A76B11F0B579DFCADAE4EC9C.roa (raw, json)
Hash identifier: 7ze9wkfQl0USVt9mOI6MMAAuOYmrh4Qsi0dttONRE9A=
Subject key identifier: D8:3A:37:A7:BB:B7:46:88:C6:68:D0:4F:27:60:5F:A0:B8:8E:94:75
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 018030
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29E532C8A76B11F0B579DFCADAE4EC9C.roa
Signing time: Sun 12 Oct 2025 12:58:36 +0000
ROA not before: Sun 12 Oct 2025 12:58:31 +0000
ROA not after: Thu 27 Nov 2025 12:58:31 +0000
asID: 134823
IP address blocks: 156.234.228.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98352 (0x18030)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 12 12:58:31 2025 GMT
Not After : Nov 27 12:58:31 2025 GMT
Subject: CN=68eba5fc-50a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7c:74:a0:6b:01:9d:ed:4a:07:74:99:ce:07:
2c:d8:ac:2d:8f:88:f5:c6:6a:fd:73:a3:42:62:ae:
38:3e:06:42:a4:46:88:1a:63:bd:1a:78:d7:92:12:
63:a9:ed:d6:f2:b5:2f:22:0d:77:1f:7f:17:16:14:
a4:8f:86:04:ce:51:43:27:c9:1d:a9:42:26:9d:73:
00:95:6e:5b:c0:c6:9e:44:70:9d:63:43:4b:cd:b3:
80:cd:63:e8:4b:c1:09:40:64:7c:28:ec:10:3e:4d:
d9:ea:a9:bf:8b:30:8c:9e:ff:9c:a1:3b:20:c3:e9:
ec:09:f8:2a:00:e5:05:ef:b8:13:04:01:b4:55:fe:
4b:cd:d2:5e:8d:23:b7:2c:dd:c2:20:01:ae:18:a5:
57:11:30:91:9d:ef:c8:64:19:a0:90:80:a3:25:5a:
8d:41:9c:26:9c:00:21:b5:62:23:1e:de:e4:51:c5:
b9:cd:9e:1d:cd:a0:a5:f0:ba:b4:e0:7e:c6:10:6c:
83:b0:8a:cc:5b:fa:f0:ff:65:20:a5:3e:e1:2c:90:
ff:54:8f:c8:9b:52:5a:91:f8:7f:e8:23:28:50:c1:
00:5f:59:96:6b:f1:b6:ab:20:b3:ba:7c:24:c1:50:
c5:ff:30:57:09:b8:6b:1b:ce:45:95:1a:f8:fc:34:
6b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3A:37:A7:BB:B7:46:88:C6:68:D0:4F:27:60:5F:A0:B8:8E:94:75
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29E532C8A76B11F0B579DFCADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.228.0/22
Signature Algorithm: sha256WithRSAEncryption
37:58:ba:ca:69:dd:e3:bd:77:89:6c:5b:9f:93:08:08:e5:33:
a8:7c:14:ec:4d:56:70:11:ce:cb:db:c5:c5:bd:69:f3:0e:54:
2d:87:8d:44:74:aa:8a:1e:1f:59:a1:ac:ba:df:b8:67:0e:86:
51:16:e8:1c:7c:7e:b2:d0:60:ee:6f:9b:1a:0d:7c:cf:d1:75:
65:8c:dc:70:e4:f0:c4:9e:c6:1b:37:c6:83:9d:95:0c:74:61:
02:87:f9:e9:f6:58:1e:af:43:34:b3:66:37:e2:38:c3:9e:a3:
17:17:78:43:47:43:df:ec:3d:b2:c2:08:f9:dd:d7:44:c6:01:
e1:0d:e3:b8:48:79:64:95:58:0b:e9:96:c9:ee:1c:26:6d:20:
43:b2:70:57:44:43:15:20:02:28:5e:b9:79:a4:a1:51:e9:2c:
15:71:ea:fc:7c:5a:ff:00:99:cb:5e:d2:8a:f8:5f:41:0c:6e:
cd:78:3d:6f:5e:87:15:20:f4:48:ad:23:02:8c:7f:05:aa:b9:
0e:bf:d0:a9:c6:66:1c:c9:a5:e3:7a:3f:c4:ab:73:ec:61:d5:
02:e6:ab:7f:3f:31:8f:d1:51:0c:4b:be:30:bc:a5:40:50:6e:
bf:3e:0c:ce:de:35:53:05:1e:48:c5:df:df:d5:f9:0c:70:e1:
ad:a0:d8:f5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAYAwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDEyMTI1ODMxWhcNMjUxMTI3MTI1ODMxWjAYMRYw
FAYDVQQDEw02OGViYTVmYy01MGEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo3x0oGsBne1KB3SZzgcs2Kwtj4j1xmr9c6NCYq44PgZCpEaIGmO9GnjX
khJjqe3W8rUvIg13H38XFhSkj4YEzlFDJ8kdqUImnXMAlW5bwMaeRHCdY0NLzbOA
zWPoS8EJQGR8KOwQPk3Z6qm/izCMnv+coTsgw+nsCfgqAOUF77gTBAG0Vf5LzdJe
jSO3LN3CIAGuGKVXETCRne/IZBmgkICjJVqNQZwmnAAhtWIjHt7kUcW5zZ4dzaCl
8Lq04H7GEGyDsIrMW/rw/2UgpT7hLJD/VI/Im1Jakfh/6CMoUMEAX1mWa/G2qyCz
unwkwVDF/zBXCbhrG85FlRr4/DRr2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNg6
N6e7t0aIxmjQTydgX6C4jpR1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOUU1MzJDOEE3NkIxMUYwQjU3OURGQ0FEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOrkMA0GCSqGSIb3DQEBCwUA
A4IBAQA3WLrKad3jvXeJbFufkwgI5TOofBTsTVZwEc7L28XFvWnzDlQth41EdKqK
Hh9Zoay637hnDoZRFugcfH6y0GDub5saDXzP0XVljNxw5PDEnsYbN8aDnZUMdGEC
h/np9lger0M0s2Y34jjDnqMXF3hDR0Pf7D2ywgj53ddExgHhDeO4SHlklVgL6ZbJ
7hwmbSBDsnBXREMVIAIoXrl5pKFR6SwVcer8fFr/AJnLXtKK+F9BDG7NeD1vXocV
IPRIrSMCjH8FqrkOv9CpxmYcyaXjej/Eq3PsYdUC5qt/PzGP0VEMS74wvKVAUG6/
PgzO3jVTBR5Ixd/f1fkMcOGtoNj1
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:07:03 2025 by rpki-client