Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/79CE42EA7F4611F08B9D7794DAE4EC9C.roa
File: 79CE42EA7F4611F08B9D7794DAE4EC9C.roa (raw, json)
Hash identifier: ELtllctN8Bu8nHBlJa/C4fupMWle0p3Dg8BZTDEUS7M=
Subject key identifier: 1C:1D:D1:33:94:BC:78:ED:B3:D9:0B:1C:2A:30:59:5D:A9:3C:72:B9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016EB8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/79CE42EA7F4611F08B9D7794DAE4EC9C.roa
Signing time: Fri 22 Aug 2025 10:55:12 +0000
ROA not before: Fri 22 Aug 2025 10:55:07 +0000
ROA not after: Sun 05 Jul 2026 10:55:07 +0000
asID: 9318
IP address blocks: 156.228.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93880 (0x16eb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 22 10:55:07 2025 GMT
Not After : Jul 5 10:55:07 2026 GMT
Subject: CN=68a84c90-457e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:57:52:20:2b:09:1f:4c:79:c2:25:d6:fa:c4:
5d:4b:fc:1a:d0:49:84:3a:0a:77:02:0e:c1:d7:50:
eb:f4:79:cd:ea:87:b2:a2:2b:cf:ee:c8:de:4a:ac:
07:29:a8:e1:e5:3f:38:4b:1b:d1:72:0b:01:aa:e3:
5e:db:05:5a:9a:20:ea:d8:23:3d:41:b2:09:e0:1e:
b6:b3:19:8e:0a:19:a3:70:21:26:71:e6:f5:3d:41:
2f:b6:7a:12:43:5f:60:5c:b2:8e:eb:5f:5e:ff:b8:
5c:0b:6b:99:7f:0a:e2:94:08:d9:57:48:dc:cd:12:
7c:86:99:3a:64:de:72:d0:54:04:e4:46:16:a5:58:
4a:d3:f1:00:fc:2d:f2:72:5e:6c:bd:f0:13:64:68:
c4:a7:9c:70:9e:38:b1:44:8f:41:52:28:4c:ce:08:
1e:eb:22:e1:19:a4:e7:c2:76:8d:d3:7e:eb:da:22:
1c:71:b4:e6:85:fd:96:f0:f4:1e:77:31:f3:30:5a:
6e:a4:38:b0:cf:18:81:e4:71:c6:c4:60:9c:41:3d:
a3:17:f2:b7:18:97:39:18:11:fe:5e:9b:fc:36:95:
81:e2:15:ea:a3:9e:40:be:c6:5f:e3:be:0a:a4:6c:
60:50:92:01:f3:d5:78:57:1c:42:cb:9f:6d:88:1c:
3f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:1D:D1:33:94:BC:78:ED:B3:D9:0B:1C:2A:30:59:5D:A9:3C:72:B9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/79CE42EA7F4611F08B9D7794DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.2.0/24
Signature Algorithm: sha256WithRSAEncryption
25:a2:1f:38:91:90:87:4f:8c:94:e5:5d:0e:ab:6c:f2:f6:4d:
f5:ed:4c:34:be:61:35:9a:93:f7:f0:ec:8a:e7:ae:1b:63:06:
f5:8b:6d:3d:6c:9c:53:c1:b0:ed:13:77:97:61:a3:f3:27:e6:
9b:b9:b9:be:dd:28:dd:b1:04:87:c1:93:ab:79:03:a3:4f:47:
3b:64:92:5b:ef:44:4f:ad:4f:d1:79:cf:d4:51:06:0d:da:53:
b1:ee:2e:6e:94:d6:70:00:52:a2:44:35:bb:9e:33:93:2a:d3:
eb:c5:54:14:c8:2f:9b:ff:97:ca:b3:19:76:f1:68:7d:20:a3:
7c:b3:d2:b2:29:3f:d5:c0:89:0d:13:a9:46:fc:2c:15:95:c9:
4c:de:d0:54:74:09:fb:58:95:09:f8:c1:8d:38:f1:90:b5:49:
ff:fb:d3:05:a4:e7:db:29:91:08:dd:c4:c2:b1:69:67:4a:c8:
de:30:02:45:9e:f3:72:fd:62:7f:11:82:0c:ca:73:06:d7:e0:
34:86:75:0d:d9:54:a9:87:82:8d:29:b1:44:92:59:b3:62:7a:
af:da:8b:7f:ab:20:03:5e:18:c1:6c:23:21:eb:90:d9:2e:e0:
1e:ee:21:df:d2:d3:9f:0e:60:e5:50:7a:5b:86:a2:9f:00:ed:
af:9a:36:ba
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAW64MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIyMTA1NTA3WhcNMjYwNzA1MTA1NTA3WjAYMRYw
FAYDVQQDEw02OGE4NGM5MC00NTdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzFdSICsJH0x5wiXW+sRdS/wa0EmEOgp3Ag7B11Dr9HnN6oeyoivP7sje
SqwHKajh5T84SxvRcgsBquNe2wVamiDq2CM9QbIJ4B62sxmOChmjcCEmceb1PUEv
tnoSQ19gXLKO619e/7hcC2uZfwrilAjZV0jczRJ8hpk6ZN5y0FQE5EYWpVhK0/EA
/C3ycl5svfATZGjEp5xwnjixRI9BUihMzgge6yLhGaTnwnaN037r2iIccbTmhf2W
8PQedzHzMFpupDiwzxiB5HHGxGCcQT2jF/K3GJc5GBH+Xpv8NpWB4hXqo55AvsZf
474KpGxgUJIB89V4VxxCy59tiBw/gwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBwd
0TOUvHjts9kLHCowWV2pPHK5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OUNFNDJFQTdGNDYxMUYwOEI5RDc3OTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQCMA0GCSqGSIb3DQEBCwUA
A4IBAQAloh84kZCHT4yU5V0Oq2zy9k317Uw0vmE1mpP38OyK564bYwb1i209bJxT
wbDtE3eXYaPzJ+abubm+3SjdsQSHwZOreQOjT0c7ZJJb70RPrU/Rec/UUQYN2lOx
7i5ulNZwAFKiRDW7njOTKtPrxVQUyC+b/5fKsxl28Wh9IKN8s9KyKT/VwIkNE6lG
/CwVlclM3tBUdAn7WJUJ+MGNOPGQtUn/+9MFpOfbKZEI3cTCsWlnSsjeMAJFnvNy
/WJ/EYIMynMG1+A0hnUN2VSph4KNKbFEklmzYnqv2ot/qyADXhjBbCMh65DZLuAe
7iHf0tOfDmDlUHpbhqKfAO2vmja6
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:17:40 2025 by rpki-client