Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BC28960939D11F0AE2D857FDAE4EC9C.roa
File: 7BC28960939D11F0AE2D857FDAE4EC9C.roa (raw, json)
Hash identifier: lFVuRli3M5X4qtuwFqvjUiI2ejlBNfmMstFzSjZ77+U=
Subject key identifier: B3:39:24:05:72:7A:6C:B3:01:6C:B9:1D:E7:AE:AF:80:94:F5:3E:3E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017B9F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BC28960939D11F0AE2D857FDAE4EC9C.roa
Signing time: Wed 17 Sep 2025 08:08:25 +0000
ROA not before: Wed 17 Sep 2025 08:08:20 +0000
ROA not after: Tue 21 Oct 2025 08:08:20 +0000
asID: 139880
IP address blocks: 156.254.32.0/19 maxlen: 24
156.254.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97183 (0x17b9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 17 08:08:20 2025 GMT
Not After : Oct 21 08:08:20 2025 GMT
Subject: CN=68ca6c79-b0d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:12:3c:15:f8:28:f3:d3:01:47:1f:e3:6f:2a:
01:02:b3:35:bb:37:5e:52:e4:77:35:b7:dd:fe:5b:
c6:91:ee:46:af:bc:f3:64:81:0c:e6:5b:97:8f:14:
a0:6a:45:c7:c3:3f:40:c2:40:59:af:b5:d7:7f:80:
08:08:35:3a:d3:52:b3:4e:f5:4c:06:e3:ca:fb:64:
d0:34:f8:10:c6:0c:26:d7:20:fb:e8:fb:b3:d1:d3:
87:b1:e0:4a:dc:97:c4:ce:df:d9:1d:77:dc:e9:a1:
fb:29:6c:29:0e:e3:27:f9:07:a3:79:74:8a:f6:0e:
10:6a:2e:d8:8e:5f:76:46:73:e3:68:ae:12:b9:29:
67:34:5f:45:5b:47:ac:1d:28:50:a0:98:ba:18:b3:
af:a0:07:f7:99:1b:35:28:ff:d2:3e:c0:0e:4f:64:
54:4b:3b:45:77:09:75:2b:22:7e:e9:f3:ec:f1:50:
65:e3:d7:55:3e:79:a5:46:ce:8b:05:7e:7b:e7:0a:
b3:0c:0d:c2:12:32:34:5a:cc:9b:55:4f:05:73:cb:
41:1b:6b:57:84:64:c8:d1:72:dd:e6:28:71:de:5e:
f7:f5:6a:bf:05:e9:82:53:b0:3c:9b:e7:09:04:8a:
41:ea:43:68:9c:10:74:31:63:2e:d2:be:32:68:4e:
50:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:39:24:05:72:7A:6C:B3:01:6C:B9:1D:E7:AE:AF:80:94:F5:3E:3E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7BC28960939D11F0AE2D857FDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.32.0-156.254.95.255
Signature Algorithm: sha256WithRSAEncryption
2d:08:96:db:7b:67:b0:2e:13:cb:51:e8:46:b0:31:5e:78:87:
de:3e:d5:85:71:38:2e:bf:18:dc:c6:c3:ac:d7:c7:fd:20:43:
0e:b6:0a:d1:41:e2:b9:ea:1c:05:1f:df:bd:2b:c3:c1:38:1f:
dc:ec:17:3e:23:82:5c:08:3b:6c:c7:7f:e1:69:3c:ab:b3:8e:
79:b5:2c:ea:5f:7a:1f:31:31:e8:97:a6:61:87:d2:53:13:bf:
97:3a:3c:93:43:1a:5e:8b:d8:72:d2:4f:e2:72:f7:43:3b:54:
54:bc:46:3e:ee:7f:f7:b1:73:52:f8:54:0f:ed:4a:73:ae:5d:
34:42:22:f2:f2:87:a5:bb:e9:92:72:9f:93:7e:a9:2f:3e:06:
30:7f:c7:4a:ea:ac:fe:e6:da:0b:d9:0f:9f:00:ce:a4:3c:0b:
2f:32:d9:42:21:81:da:36:b7:af:e0:ee:52:16:49:49:c2:91:
92:b7:73:08:b4:22:64:15:85:b1:ab:cf:82:e2:fb:bc:0a:cb:
d0:d1:e8:eb:e4:99:99:84:f5:07:85:8c:21:c3:5a:b9:ef:77:
b1:61:e8:1d:40:eb:0b:69:61:80:fb:6a:2b:c2:93:7d:22:a1:
67:81:12:b1:26:b7:bd:41:73:f7:bd:5c:d4:a6:93:93:f1:30:
73:50:73:31
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAXufMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTE3MDgwODIwWhcNMjUxMDIxMDgwODIwWjAYMRYw
FAYDVQQDEw02OGNhNmM3OS1iMGQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAphI8Ffgo89MBRx/jbyoBArM1uzdeUuR3Nbfd/lvGke5Gr7zzZIEM5luX
jxSgakXHwz9AwkBZr7XXf4AICDU601KzTvVMBuPK+2TQNPgQxgwm1yD76Puz0dOH
seBK3JfEzt/ZHXfc6aH7KWwpDuMn+QejeXSK9g4Qai7Yjl92RnPjaK4SuSlnNF9F
W0esHShQoJi6GLOvoAf3mRs1KP/SPsAOT2RUSztFdwl1KyJ+6fPs8VBl49dVPnml
Rs6LBX575wqzDA3CEjI0WsybVU8Fc8tBG2tXhGTI0XLd5ihx3l739Wq/BemCU7A8
m+cJBIpB6kNonBB0MWMu0r4yaE5QuQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLM5
JAVyemyzAWy5Heeur4CU9T4+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QkMyODk2MDkzOUQxMUYwQUUyRDg1N0ZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAWc/iADBAWc/kAwDQYJKoZI
hvcNAQELBQADggEBAC0Iltt7Z7AuE8tR6EawMV54h94+1YVxOC6/GNzGw6zXx/0g
Qw62CtFB4rnqHAUf370rw8E4H9zsFz4jglwIO2zHf+FpPKuzjnm1LOpfeh8xMeiX
pmGH0lMTv5c6PJNDGl6L2HLST+Jy90M7VFS8Rj7uf/exc1L4VA/tSnOuXTRCIvLy
h6W76ZJyn5N+qS8+BjB/x0rqrP7m2gvZD58AzqQ8Cy8y2UIhgdo2t6/g7lIWSUnC
kZK3cwi0ImQVhbGrz4Li+7wKy9DR6OvkmZmE9QeFjCHDWrnvd7Fh6B1A6wtpYYD7
aivCk30ioWeBErEmt71Bc/e9XNSmk5PxMHNQczE=
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:16 2025 by rpki-client