Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E781EDC9EA011F08F7B04CCDAE4EC9C.roa
File: 7E781EDC9EA011F08F7B04CCDAE4EC9C.roa (raw, json)
Hash identifier: 95DB3L16Cu7xrEIZEw6FhpjU3L/7StBGtUSpCnlcHjY=
Subject key identifier: 11:ED:37:74:80:D9:85:FC:A5:DC:84:BA:81:F3:22:FF:94:09:CF:FA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017E42
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E781EDC9EA011F08F7B04CCDAE4EC9C.roa
Signing time: Wed 01 Oct 2025 08:27:40 +0000
ROA not before: Wed 01 Oct 2025 08:27:35 +0000
ROA not after: Thu 30 Oct 2025 08:27:35 +0000
asID: 57043
IP address blocks: 156.229.232.0/23 maxlen: 24
156.229.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97858 (0x17e42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 1 08:27:35 2025 GMT
Not After : Oct 30 08:27:35 2025 GMT
Subject: CN=68dce5fc-acb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a8:bd:0c:fd:5c:95:9a:e8:6f:21:45:cf:1b:
2d:6a:62:53:d4:54:53:91:49:81:f4:f0:d3:96:09:
06:4e:fb:9d:04:4f:1c:94:74:11:09:23:39:5b:8e:
0f:d5:e9:df:49:8c:fb:00:b1:72:eb:c6:0c:18:58:
d1:ab:f4:aa:a9:a3:69:34:85:ca:0d:64:6e:7a:22:
d1:21:b5:08:cb:0c:1b:03:7a:df:6e:79:55:52:4e:
cf:0d:fe:5e:c8:36:86:75:dd:b8:bc:9b:2d:5b:41:
cc:4d:3a:1e:e3:b1:14:94:f1:60:8b:ff:c5:38:7b:
7a:1b:28:60:58:fb:dd:28:64:cc:a3:2d:c6:12:a1:
a1:46:2a:63:5b:70:e7:a1:79:1c:c3:e9:89:95:32:
ef:d8:18:54:77:e3:46:eb:3d:9b:72:cd:f8:06:12:
da:1e:d5:12:a5:8e:35:f8:76:71:bf:0d:ad:a4:41:
91:58:ff:7e:1d:13:42:51:8d:77:8d:91:7f:4c:17:
fd:69:01:90:e0:9b:a9:77:c4:94:5f:c4:db:a9:4a:
4d:8f:b9:ee:00:ed:19:a9:e6:0c:27:fb:42:25:9c:
a4:a2:df:17:cd:01:cf:6a:45:ea:13:be:1f:b6:9c:
84:bc:c8:77:36:a6:bb:e1:db:06:fc:5e:41:02:2a:
20:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:ED:37:74:80:D9:85:FC:A5:DC:84:BA:81:F3:22:FF:94:09:CF:FA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E781EDC9EA011F08F7B04CCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.232.0/22
Signature Algorithm: sha256WithRSAEncryption
24:a3:67:2e:fd:1c:e3:a3:3e:11:76:37:78:4d:56:1c:61:d3:
22:21:e6:5c:8e:e8:c2:c2:61:c9:17:9f:24:a1:60:dc:5e:0a:
e7:88:97:3c:83:e0:d6:f5:58:7e:55:47:19:79:7d:81:ce:62:
41:7f:75:05:47:7c:1d:7c:20:32:69:2f:d2:2a:57:1c:ec:bc:
ee:b0:f4:0f:57:11:98:2f:19:c5:67:d7:35:fe:94:2a:a3:34:
71:27:fd:8b:ce:a9:d3:a5:f3:61:0e:9d:e9:d8:74:5d:02:c9:
c3:d2:76:f3:2b:cd:3f:fb:a4:32:fe:2d:01:d6:bf:a4:4f:d5:
e9:09:f6:00:bc:56:d4:08:cf:97:b7:1e:16:94:94:de:a8:15:
c4:cb:f5:ef:73:a6:bc:fc:8e:e4:4f:0c:40:2e:3d:ce:6b:9e:
c5:a3:1a:c0:b9:74:55:88:7c:92:9a:d8:0a:79:0c:c7:27:d1:
4d:0f:ee:0d:c0:59:95:f7:92:83:1c:5a:62:93:e8:97:6c:5e:
aa:46:6c:8d:f0:8d:fb:1c:7c:e4:ae:2e:ca:a6:d9:de:ff:b3:
86:df:2c:24:79:d6:7d:88:d9:49:ec:0f:d8:52:30:3f:e7:6b:
4b:9a:71:cb:ad:d9:77:c5:b3:80:d5:97:8d:88:78:41:93:73:
89:a1:6c:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX5CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDAxMDgyNzM1WhcNMjUxMDMwMDgyNzM1WjAYMRYw
FAYDVQQDEw02OGRjZTVmYy1hY2I1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx6i9DP1clZrobyFFzxstamJT1FRTkUmB9PDTlgkGTvudBE8clHQRCSM5
W44P1enfSYz7ALFy68YMGFjRq/SqqaNpNIXKDWRueiLRIbUIywwbA3rfbnlVUk7P
Df5eyDaGdd24vJstW0HMTToe47EUlPFgi//FOHt6GyhgWPvdKGTMoy3GEqGhRipj
W3DnoXkcw+mJlTLv2BhUd+NG6z2bcs34BhLaHtUSpY41+HZxvw2tpEGRWP9+HRNC
UY13jZF/TBf9aQGQ4Jupd8SUX8TbqUpNj7nuAO0ZqeYMJ/tCJZykot8XzQHPakXq
E74ftpyEvMh3Nqa74dsG/F5BAiogdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBHt
N3SA2YX8pdyEuoHzIv+UCc/6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RTc4MUVEQzlFQTAxMUYwOEY3QjA0Q0NEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOXoMA0GCSqGSIb3DQEBCwUA
A4IBAQAko2cu/Rzjoz4Rdjd4TVYcYdMiIeZcjujCwmHJF58koWDcXgrniJc8g+DW
9Vh+VUcZeX2BzmJBf3UFR3wdfCAyaS/SKlcc7LzusPQPVxGYLxnFZ9c1/pQqozRx
J/2LzqnTpfNhDp3p2HRdAsnD0nbzK80/+6Qy/i0B1r+kT9XpCfYAvFbUCM+Xtx4W
lJTeqBXEy/Xvc6a8/I7kTwxALj3Oa57FoxrAuXRViHySmtgKeQzHJ9FND+4NwFmV
95KDHFpik+iXbF6qRmyN8I37HHzkri7Kptne/7OG3ywkedZ9iNlJ7A/YUjA/52tL
mnHLrdl3xbOA1ZeNiHhBk3OJoWzE
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:41 2025 by rpki-client