Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/012BF828879D11F08B8857E7DAE4EC9C.roa
File: 012BF828879D11F08B8857E7DAE4EC9C.roa (raw, json)
Hash identifier: nm+H7nAUx/oDHDcQRekrJXCAG25g+/F/FZgeABbcMvA=
Subject key identifier: 9D:3E:29:84:EF:6B:B1:BC:9F:CD:2A:64:5E:AE:B5:CE:66:2B:F3:60
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0175CF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/012BF828879D11F08B8857E7DAE4EC9C.roa
Signing time: Tue 02 Sep 2025 01:34:45 +0000
ROA not before: Tue 02 Sep 2025 01:34:40 +0000
ROA not after: Thu 02 Oct 2025 01:34:40 +0000
asID: 213707
IP address blocks: 156.225.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95695 (0x175cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 2 01:34:40 2025 GMT
Not After : Oct 2 01:34:40 2025 GMT
Subject: CN=68b649b5-d9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6f:05:18:8b:0a:8c:aa:bb:dd:dc:df:48:e6:
a5:b8:40:28:57:58:e7:4b:ec:58:ce:e2:06:a2:fd:
ab:93:b9:48:87:35:02:b0:9a:60:9a:67:50:9c:f0:
2d:f1:57:88:8d:b3:15:36:cc:e4:a6:63:a2:19:82:
20:1a:49:b6:3b:47:92:20:40:9a:25:81:6f:1e:2e:
4d:6f:08:f3:c7:b2:e4:53:22:05:ed:de:24:ac:84:
8c:c5:38:06:63:23:83:27:c7:44:44:f0:cf:ed:a0:
f5:79:12:74:d9:1a:aa:fd:6c:07:fc:a6:f6:bb:5e:
7d:15:55:74:98:1b:83:2d:3f:e1:50:df:ed:f6:5d:
b8:d6:f5:fa:ae:8e:22:79:12:8b:0d:dc:81:05:a1:
d9:62:e7:33:f0:eb:9d:a9:a0:d7:a8:cd:23:df:8e:
29:ca:66:d6:4e:e5:61:35:99:16:95:49:9f:6e:47:
a1:ab:c3:e0:51:44:53:9f:77:74:ee:57:8b:1b:af:
24:b8:5c:c7:46:e3:cb:ca:46:67:99:10:16:c0:ed:
93:cf:fc:c8:85:1b:38:83:13:8b:aa:ea:aa:1e:71:
a6:ed:33:aa:4b:e3:3d:9a:d1:7c:02:5b:1b:28:05:
e1:7a:0c:6e:4b:33:40:6f:ed:e8:20:74:87:b9:f3:
83:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3E:29:84:EF:6B:B1:BC:9F:CD:2A:64:5E:AE:B5:CE:66:2B:F3:60
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/012BF828879D11F08B8857E7DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.41.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:d7:f7:4a:75:69:3b:fe:14:40:90:88:2d:81:79:73:0a:3f:
ac:eb:7a:8f:ce:43:90:e6:b5:9c:5d:f5:22:ed:5a:48:08:7b:
93:66:88:6c:69:5e:6b:92:97:9a:53:97:78:e7:78:38:4f:9a:
00:b7:53:a5:de:44:05:15:a4:8f:25:c6:a5:26:6e:e3:f6:93:
aa:b3:66:a8:ef:e7:0a:9d:0a:a5:55:5f:eb:76:68:e8:74:dd:
56:02:f0:65:da:f7:ff:73:f0:21:85:7c:ed:ab:42:bb:3f:44:
eb:d2:b4:bb:c4:6a:d3:31:14:b2:39:8b:2a:ed:aa:c2:1e:f4:
8d:f7:19:57:3a:e1:93:25:46:f4:a8:7d:46:17:b4:86:22:3b:
ec:7a:39:0b:44:08:ea:c8:0e:04:b8:dc:91:25:6f:f4:bd:07:
f4:45:96:4f:b3:9b:bc:27:ef:46:63:0f:f8:d3:bf:3a:fd:81:
ec:43:d6:10:e6:68:98:17:f5:71:a5:85:af:a8:d4:1c:58:2e:
88:df:ff:f9:73:53:92:d8:0b:26:36:ed:22:ce:83:3c:19:b3:
dd:75:2d:82:c0:bc:f8:87:60:7b:3c:aa:5e:68:06:b9:34:6a:
22:b8:ce:58:a0:09:78:a7:8a:b2:bb:e5:1b:f8:75:e9:02:0c:
78:2b:e0:2c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXXPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTAyMDEzNDQwWhcNMjUxMDAyMDEzNDQwWjAYMRYw
FAYDVQQDEw02OGI2NDliNS1kOWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqm8FGIsKjKq73dzfSOaluEAoV1jnS+xYzuIGov2rk7lIhzUCsJpgmmdQ
nPAt8VeIjbMVNszkpmOiGYIgGkm2O0eSIECaJYFvHi5Nbwjzx7LkUyIF7d4krISM
xTgGYyODJ8dERPDP7aD1eRJ02Rqq/WwH/Kb2u159FVV0mBuDLT/hUN/t9l241vX6
ro4ieRKLDdyBBaHZYucz8OudqaDXqM0j344pymbWTuVhNZkWlUmfbkehq8PgUURT
n3d07leLG68kuFzHRuPLykZnmRAWwO2Tz/zIhRs4gxOLquqqHnGm7TOqS+M9mtF8
AlsbKAXhegxuSzNAb+3oIHSHufODOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ0+
KYTva7G8n80qZF6utc5mK/NgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMTJCRjgyODg3OUQxMUYwOEI4ODU3RTdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEpMA0GCSqGSIb3DQEBCwUA
A4IBAQBu1/dKdWk7/hRAkIgtgXlzCj+s63qPzkOQ5rWcXfUi7VpICHuTZohsaV5r
kpeaU5d453g4T5oAt1Ol3kQFFaSPJcalJm7j9pOqs2ao7+cKnQqlVV/rdmjodN1W
AvBl2vf/c/AhhXztq0K7P0Tr0rS7xGrTMRSyOYsq7arCHvSN9xlXOuGTJUb0qH1G
F7SGIjvsejkLRAjqyA4EuNyRJW/0vQf0RZZPs5u8J+9GYw/40786/YHsQ9YQ5miY
F/VxpYWvqNQcWC6I3//5c1OS2AsmNu0izoM8GbPddS2CwLz4h2B7PKpeaAa5NGoi
uM5YoAl4p4qyu+Ub+HXpAgx4K+As
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:22:02 2025 by rpki-client