Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A3754168B1711F0A9F5B28DDAE4EC9C.roa
File: 1A3754168B1711F0A9F5B28DDAE4EC9C.roa (raw, json)
Hash identifier: 2zV6JGVPaDRjFRrfXK5EkCvaYBIKIGE2aSNHJggvrDQ=
Subject key identifier: 29:18:60:17:B8:E2:0F:5E:DD:65:F0:0F:FD:36:9E:20:4B:9E:86:69
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01794D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A3754168B1711F0A9F5B28DDAE4EC9C.roa
Signing time: Sat 06 Sep 2025 11:46:19 +0000
ROA not before: Sat 06 Sep 2025 11:46:13 +0000
ROA not after: Thu 03 Sep 2026 11:46:13 +0000
asID: 398704
IP address blocks: 156.245.192.0/23 maxlen: 24
156.245.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 20 Sep 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96589 (0x1794d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 6 11:46:13 2025 GMT
Not After : Sep 3 11:46:13 2026 GMT
Subject: CN=68bc1f0b-d72a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:38:5f:3c:20:55:9d:3f:1a:c2:ff:3c:83:2a:
c9:1c:52:a5:c5:c5:4d:04:ca:ec:d9:9e:8d:1b:37:
75:13:9a:96:98:59:8d:9e:56:5d:78:78:2a:2a:7e:
6d:25:80:5b:4e:ae:b4:3c:3c:d1:7a:51:44:1d:83:
bf:58:13:58:12:13:cb:a8:02:46:53:54:53:c6:06:
59:cf:55:35:e9:a9:45:2c:3e:aa:58:16:25:16:f1:
00:08:a1:3f:4e:ae:93:4a:9f:28:0d:d4:ad:f1:22:
2a:03:52:a4:10:c7:49:dd:d0:ae:74:75:4c:69:1d:
6c:ac:ef:3f:c6:47:79:9f:25:4a:9e:5a:41:1b:37:
fe:87:26:4d:e6:2f:22:4f:e3:d3:5d:8c:10:3c:52:
dc:e9:40:c5:35:0c:2d:84:75:b5:e8:0b:f3:84:d7:
c8:78:cb:01:52:e2:18:fd:27:c4:eb:5d:6e:9a:94:
7e:56:56:d4:3e:8a:e3:4e:70:b4:aa:ba:a2:42:84:
05:f1:d4:77:f5:33:7f:a6:86:53:70:39:46:bb:2d:
81:5b:df:cf:8f:35:b6:13:f2:cb:ee:8b:5b:65:7d:
20:d7:a7:ea:1b:be:c2:44:84:72:88:1c:a2:9e:fd:
cb:34:16:68:0a:33:22:e2:cf:43:43:19:4c:97:eb:
e8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:18:60:17:B8:E2:0F:5E:DD:65:F0:0F:FD:36:9E:20:4B:9E:86:69
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1A3754168B1711F0A9F5B28DDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.192.0/23
Signature Algorithm: sha256WithRSAEncryption
14:9a:f9:d5:b5:ea:0d:a3:a2:23:92:78:1d:af:f1:82:f0:01:
f2:52:aa:c9:9a:9c:cc:b9:45:3e:3a:4a:05:c6:57:9d:1a:7b:
eb:c2:1b:19:be:a3:91:fd:1a:e1:92:8d:4d:c9:26:8d:06:bb:
96:35:f1:8f:66:c3:ab:58:de:56:66:9d:01:7d:a6:e6:38:7a:
19:e8:27:93:8b:ac:b2:a9:4e:ac:f7:7b:df:68:b7:03:ba:40:
4b:dc:58:20:18:cc:d3:34:d6:ff:ed:da:17:03:6a:55:03:de:
3a:07:5c:c5:e8:98:fa:f7:f4:5f:5c:2d:8e:c9:60:cd:54:94:
15:bc:97:f6:d3:cc:80:a2:15:5f:03:3b:da:6c:21:f9:7b:ce:
9a:67:d9:b5:5a:15:9a:1f:31:fa:14:38:74:02:47:77:3f:4e:
bf:b1:4f:d3:22:a3:1a:2b:88:b3:2b:31:ff:bc:68:d7:56:58:
10:bd:4d:28:b8:16:b3:6e:53:77:75:6e:3b:4f:25:9d:8b:b0:
b7:71:99:7b:48:7e:5f:3a:9d:c1:68:1c:60:22:11:6e:09:ef:
ea:1b:57:52:c2:5c:cd:c0:d8:4d:2b:9e:f5:38:2e:e3:27:cf:
a7:30:3a:68:4d:9e:39:f9:82:e8:4d:19:15:5b:99:d6:2d:d9:
3c:03:fc:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAXlNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTA2MTE0NjEzWhcNMjYwOTAzMTE0NjEzWjAYMRYw
FAYDVQQDEw02OGJjMWYwYi1kNzJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyzhfPCBVnT8awv88gyrJHFKlxcVNBMrs2Z6NGzd1E5qWmFmNnlZdeHgq
Kn5tJYBbTq60PDzRelFEHYO/WBNYEhPLqAJGU1RTxgZZz1U16alFLD6qWBYlFvEA
CKE/Tq6TSp8oDdSt8SIqA1KkEMdJ3dCudHVMaR1srO8/xkd5nyVKnlpBGzf+hyZN
5i8iT+PTXYwQPFLc6UDFNQwthHW16AvzhNfIeMsBUuIY/SfE611umpR+VlbUPorj
TnC0qrqiQoQF8dR39TN/poZTcDlGuy2BW9/PjzW2E/LL7otbZX0g16fqG77CRIRy
iByinv3LNBZoCjMi4s9DQxlMl+vovwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCkY
YBe44g9e3WXwD/02niBLnoZpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQTM3NTQxNjhCMTcxMUYwQTlGNUIyOEREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPXAMA0GCSqGSIb3DQEBCwUA
A4IBAQAUmvnVteoNo6Ijkngdr/GC8AHyUqrJmpzMuUU+OkoFxledGnvrwhsZvqOR
/Rrhko1NySaNBruWNfGPZsOrWN5WZp0BfabmOHoZ6CeTi6yyqU6s93vfaLcDukBL
3FggGMzTNNb/7doXA2pVA946B1zF6Jj69/RfXC2OyWDNVJQVvJf208yAohVfAzva
bCH5e86aZ9m1WhWaHzH6FDh0Akd3P06/sU/TIqMaK4izKzH/vGjXVlgQvU0ouBaz
blN3dW47TyWdi7C3cZl7SH5fOp3BaBxgIhFuCe/qG1dSwlzNwNhNK571OC7jJ8+n
MDpoTZ45+YLoTRkVW5nWLdk8A/xO
-----END CERTIFICATE-----
Generated at Thu Sep 18 02:51:26 2025 by rpki-client