Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D3F46C4995311F0A701F1E8DAE4EC9C.roa
File: 1D3F46C4995311F0A701F1E8DAE4EC9C.roa (raw, json)
Hash identifier: X1k8+lH6aXwcKg6DY7tjXLjNUa0G4qFzPFQManyC0vk=
Subject key identifier: 36:30:D6:7B:F0:BB:B0:6A:73:70:6F:5F:8B:BA:E0:76:82:8A:9D:0D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017CDD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D3F46C4995311F0A701F1E8DAE4EC9C.roa
Signing time: Wed 24 Sep 2025 14:31:10 +0000
ROA not before: Wed 24 Sep 2025 14:31:03 +0000
ROA not after: Wed 29 Oct 2025 14:31:03 +0000
asID: 3257
IP address blocks: 156.225.15.0/24 maxlen: 24
156.228.7.0/24 maxlen: 24
156.228.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97501 (0x17cdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 24 14:31:03 2025 GMT
Not After : Oct 29 14:31:03 2025 GMT
Subject: CN=68d400ae-a2b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:59:2d:89:fa:f8:74:78:c8:8b:92:47:6e:9a:
eb:a5:db:1b:ec:48:5f:6a:6f:0c:eb:36:56:22:f9:
0d:1f:a3:a6:ed:63:92:f2:87:ff:80:0d:2e:d6:e8:
64:f8:fe:98:77:41:a6:d3:29:f3:c1:39:62:48:d3:
7f:54:2f:cb:ed:39:90:56:9a:2b:b4:13:40:2c:4a:
e4:28:79:c8:3d:0c:3c:46:06:79:45:b1:0d:76:3f:
a1:3a:63:f0:4c:74:77:ab:e3:94:16:f3:5a:ad:c5:
e1:b5:ca:95:70:21:54:c2:64:db:b9:d2:4b:bf:da:
b0:23:60:06:a9:b3:32:99:7b:4c:2f:ec:50:36:b0:
ff:a9:97:8e:ff:bd:75:d4:85:53:39:07:ce:b5:57:
a2:57:12:b6:2c:c1:e3:cd:39:90:df:7f:cb:bc:ce:
01:99:e9:35:2b:bd:26:54:f1:7e:38:71:8e:14:15:
a6:2a:d8:fa:ce:e1:12:f6:47:47:b4:03:75:60:b6:
df:56:78:69:aa:ef:cd:20:94:a6:35:dd:0a:bf:b2:
03:a2:b7:f9:d9:d9:17:32:5a:8c:c6:b6:a1:44:9a:
4f:8b:e6:8c:0e:70:43:8b:f4:75:29:fc:b8:77:e0:
f2:59:70:0b:c4:4a:44:9e:be:b3:02:74:48:fb:cc:
b5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:30:D6:7B:F0:BB:B0:6A:73:70:6F:5F:8B:BA:E0:76:82:8A:9D:0D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D3F46C4995311F0A701F1E8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.15.0/24
156.228.7.0/24
156.228.9.0/24
Signature Algorithm: sha256WithRSAEncryption
09:80:c5:47:75:42:ba:0d:a7:b1:33:7d:72:23:93:47:10:c0:
22:0f:d6:26:5c:d5:63:3e:b9:55:6c:23:7a:c9:91:ca:53:69:
79:0e:95:6b:af:08:bd:01:01:71:48:5b:00:74:2b:d9:cc:db:
74:6f:d0:25:d9:6c:a2:d2:36:8a:4a:83:5b:5e:4a:34:b0:06:
25:50:27:e0:b6:d5:e0:35:9e:9d:90:7f:73:35:f4:f2:a4:b4:
c2:20:f6:3b:80:d8:e6:87:9d:35:63:14:53:79:f6:95:e4:2a:
5e:74:5e:0e:73:ba:3f:c1:c4:60:6e:ac:a2:02:a8:41:da:d2:
ba:0e:bb:6e:f3:6b:ea:21:88:a2:16:3b:89:d0:76:cc:de:09:
d7:9c:86:1f:41:a1:72:ab:96:df:8a:ee:93:8c:f8:7f:e8:79:
12:b4:fc:24:9e:3f:8c:e0:eb:44:e1:d1:f9:65:08:9a:ec:d5:
f1:fc:10:c0:e7:dd:20:f6:fb:d8:5f:f3:4c:b5:91:1a:08:e1:
d5:bd:c1:29:df:df:2a:66:24:c5:ef:4a:81:7e:3b:43:c1:e5:
fe:23:f4:c6:19:31:90:61:6c:45:33:6e:88:40:90:7d:e1:b6:
4f:f4:32:da:81:b9:99:dc:a1:96:3b:fd:ba:6d:f4:20:13:8b:
4b:e9:2d:d2
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAXzdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI0MTQzMTAzWhcNMjUxMDI5MTQzMTAzWjAYMRYw
FAYDVQQDEw02OGQ0MDBhZS1hMmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt1ktifr4dHjIi5JHbprrpdsb7Ehfam8M6zZWIvkNH6Om7WOS8of/gA0u
1uhk+P6Yd0Gm0ynzwTliSNN/VC/L7TmQVportBNALErkKHnIPQw8RgZ5RbENdj+h
OmPwTHR3q+OUFvNarcXhtcqVcCFUwmTbudJLv9qwI2AGqbMymXtML+xQNrD/qZeO
/7111IVTOQfOtVeiVxK2LMHjzTmQ33/LvM4Bmek1K70mVPF+OHGOFBWmKtj6zuES
9kdHtAN1YLbfVnhpqu/NIJSmNd0Kv7IDorf52dkXMlqMxrahRJpPi+aMDnBDi/R1
Kfy4d+DyWXALxEpEnr6zAnRI+8y1CwIDAQABo4ICrjCCAqowHQYDVR0OBBYEFDYw
1nvwu7Bqc3BvX4u64HaCip0NMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRDNGNDZDNDk5NTMxMUYwQTcwMUYxRThEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnOEPAwQAnOQHAwQAnOQJMA0G
CSqGSIb3DQEBCwUAA4IBAQAJgMVHdUK6DaexM31yI5NHEMAiD9YmXNVjPrlVbCN6
yZHKU2l5DpVrrwi9AQFxSFsAdCvZzNt0b9Al2Wyi0jaKSoNbXko0sAYlUCfgttXg
NZ6dkH9zNfTypLTCIPY7gNjmh501YxRTefaV5CpedF4Oc7o/wcRgbqyiAqhB2tK6
Drtu82vqIYiiFjuJ0HbM3gnXnIYfQaFyq5bfiu6TjPh/6HkStPwknj+M4OtE4dH5
ZQia7NXx/BDA590g9vvYX/NMtZEaCOHVvcEp398qZiTF70qBfjtDweX+I/TGGTGQ
YWxFM26IQJB94bZP9DLagbmZ3KGWO/26bfQgE4tL6S3S
-----END CERTIFICATE-----
Generated at Sun Oct 19 07:37:38 2025 by rpki-client