Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78C1BF949D0A11F0901B6B87DAE4EC9C.roa
File: 78C1BF949D0A11F0901B6B87DAE4EC9C.roa (raw, json)
Hash identifier: FMXsLIbSQJrPoGNFytl7kVwEO5VSQVueaV5niujIzuc=
Subject key identifier: C5:D6:A7:9E:B7:48:FD:7F:93:86:4C:69:98:1E:0A:72:69:C6:49:29
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017D99
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78C1BF949D0A11F0901B6B87DAE4EC9C.roa
Signing time: Mon 29 Sep 2025 08:01:16 +0000
ROA not before: Mon 29 Sep 2025 08:01:11 +0000
ROA not after: Sat 01 Nov 2025 08:01:11 +0000
asID: 9304
IP address blocks: 156.245.136.0/23 maxlen: 24
156.245.152.0/22 maxlen: 24
156.245.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97689 (0x17d99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 08:01:11 2025 GMT
Not After : Nov 1 08:01:11 2025 GMT
Subject: CN=68da3ccc-43c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:be:b2:f1:03:74:6d:ec:4d:73:ef:7c:ec:73:
c7:8b:27:dc:a1:85:0d:89:9d:42:93:73:5a:a7:95:
88:54:45:c2:9d:ec:c1:47:ef:e9:55:43:59:89:b0:
33:fb:92:61:28:a2:98:a3:a6:52:49:d9:75:5b:00:
39:ea:f7:f4:19:47:a0:56:ad:16:d3:08:26:58:77:
84:5e:15:1a:06:c8:93:93:62:15:33:f7:ba:77:6d:
45:dd:a8:dd:50:6e:02:b4:0f:cd:09:90:75:ee:01:
7e:44:be:fd:8a:bb:83:0d:88:2d:b0:ad:ef:9d:88:
cb:4e:13:30:a5:cf:c6:6e:95:6e:af:6a:8d:46:3e:
cd:35:b3:b0:de:eb:a3:77:ab:3f:dd:bb:e5:bd:5f:
e1:8e:76:6d:bc:91:15:4b:23:2d:55:72:ee:60:a5:
a1:91:67:80:d9:86:3b:f3:ff:6f:9d:ff:83:07:dd:
e5:d9:30:5e:a5:6d:68:e0:10:b8:89:14:ec:6b:24:
70:3a:d6:cd:8f:3d:3a:2d:3f:aa:9a:54:38:ba:7b:
68:16:6b:78:78:55:7f:c5:15:0f:52:70:b1:0d:18:
15:ac:e2:01:21:25:3f:f8:56:d2:d5:8e:58:21:1a:
05:22:e9:b5:b8:75:bf:27:e0:37:9e:0f:33:0d:3e:
8c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:D6:A7:9E:B7:48:FD:7F:93:86:4C:69:98:1E:0A:72:69:C6:49:29
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/78C1BF949D0A11F0901B6B87DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.136.0/23
156.245.152.0/21
Signature Algorithm: sha256WithRSAEncryption
a5:50:3b:57:6e:04:19:df:5f:b9:45:68:c8:54:84:d4:6f:6d:
7f:5e:ee:77:fe:a6:2e:de:dd:57:e1:0d:59:d8:30:74:47:f8:
89:36:a0:07:13:50:a4:ab:5c:ba:6d:16:c1:89:d2:34:3c:ec:
28:65:a5:fe:4a:41:4c:b2:37:40:02:da:18:84:ef:45:e0:08:
b0:f5:7c:91:10:14:b7:e2:04:74:77:4a:66:dc:95:b1:5e:dd:
4c:75:e1:e2:63:e7:cf:d1:35:c6:f0:23:cc:60:b0:4c:ad:80:
74:c8:8f:87:3e:6f:d7:03:92:b9:c8:2c:0d:6f:c4:78:d6:4c:
f5:45:6d:86:96:4f:0b:be:93:c6:a9:25:90:f3:7e:91:57:5e:
1b:f0:2d:4e:82:ee:de:02:7b:ba:8b:1d:4e:76:26:89:5e:3c:
a9:33:fc:e4:5b:da:f5:a6:f3:23:77:18:da:aa:72:1e:0f:16:
a2:ce:87:0f:22:ee:45:23:32:1d:83:90:ef:99:66:57:c2:40:
38:0d:f5:df:31:86:56:bf:ae:9f:57:1d:ea:a7:87:95:22:a9:
3d:ec:75:0c:22:3e:56:9f:a5:49:26:50:2e:1f:fe:3e:21:32:
24:b6:cc:42:ec:75:dd:0b:b5:86:5f:4b:13:cf:3b:7c:ff:fc:
8a:55:3a:18
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAX2ZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI5MDgwMTExWhcNMjUxMTAxMDgwMTExWjAYMRYw
FAYDVQQDEw02OGRhM2NjYy00M2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1L6y8QN0bexNc+987HPHiyfcoYUNiZ1Ck3Nap5WIVEXCnezBR+/pVUNZ
ibAz+5JhKKKYo6ZSSdl1WwA56vf0GUegVq0W0wgmWHeEXhUaBsiTk2IVM/e6d21F
3ajdUG4CtA/NCZB17gF+RL79iruDDYgtsK3vnYjLThMwpc/GbpVur2qNRj7NNbOw
3uujd6s/3bvlvV/hjnZtvJEVSyMtVXLuYKWhkWeA2YY78/9vnf+DB93l2TBepW1o
4BC4iRTsayRwOtbNjz06LT+qmlQ4untoFmt4eFV/xRUPUnCxDRgVrOIBISU/+FbS
1Y5YIRoFIum1uHW/J+A3ng8zDT6MxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMXW
p563SP1/k4ZMaZgeCnJpxkkpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OEMxQkY5NDlEMEExMUYwOTAxQjZCODdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnPWIAwQDnPWYMA0GCSqGSIb3
DQEBCwUAA4IBAQClUDtXbgQZ31+5RWjIVITUb21/Xu53/qYu3t1X4Q1Z2DB0R/iJ
NqAHE1Ckq1y6bRbBidI0POwoZaX+SkFMsjdAAtoYhO9F4Aiw9XyREBS34gR0d0pm
3JWxXt1MdeHiY+fP0TXG8CPMYLBMrYB0yI+HPm/XA5K5yCwNb8R41kz1RW2Glk8L
vpPGqSWQ836RV14b8C1Ogu7eAnu6ix1OdiaJXjypM/zkW9r1pvMjdxjaqnIeDxai
zocPIu5FIzIdg5DvmWZXwkA4DfXfMYZWv66fVx3qp4eVIqk97HUMIj5Wn6VJJlAu
H/4+ITIktsxC7HXdC7WGX0sTzzt8//yKVToY
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:51:23 2025 by rpki-client