Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA78B19EA29211F0A24EEEE6DAE4EC9C.roa
File: BA78B19EA29211F0A24EEEE6DAE4EC9C.roa (raw, json)
Hash identifier: zDoH2EZTg633whFN6uAuSQBO44/F8rvGkW2WjB9rM8M=
Subject key identifier: 51:49:30:BE:47:49:E9:9C:DA:33:03:36:27:71:BE:48:A0:64:CA:B3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017EF8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA78B19EA29211F0A24EEEE6DAE4EC9C.roa
Signing time: Mon 06 Oct 2025 08:59:13 +0000
ROA not before: Mon 06 Oct 2025 08:59:08 +0000
ROA not after: Wed 12 Nov 2025 08:59:08 +0000
asID: 134548
IP address blocks: 45.207.22.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98040 (0x17ef8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Oct 6 08:59:08 2025 GMT
Not After : Nov 12 08:59:08 2025 GMT
Subject: CN=68e384e1-efa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:87:8c:e3:84:7f:d5:4e:b6:dd:81:7a:63:e2:
d9:c3:4b:6c:52:0f:22:89:d3:15:93:27:1f:13:fc:
65:8d:79:ff:ca:e0:56:67:dd:fa:ba:fc:df:ae:96:
af:ee:aa:d9:d7:d4:12:e5:83:15:84:e7:bc:96:c5:
6e:2b:df:bd:7e:5a:e4:68:9b:d7:ee:de:51:6f:6f:
e4:dc:a8:ed:5e:e2:14:9a:a4:d3:ab:31:6c:80:b0:
a9:34:87:14:44:42:d1:2b:13:5f:28:f3:25:80:f9:
89:5a:47:bf:1e:fe:9b:6f:93:13:e2:a9:8c:06:c0:
7f:e6:1b:d9:6c:1e:2c:89:84:fc:be:17:98:21:bb:
9e:4e:ce:5e:e3:f4:1a:dd:be:e3:66:4c:fe:22:22:
0a:01:5e:93:e9:95:41:94:aa:99:24:3c:d3:d6:2b:
c8:3a:8f:f6:ac:88:ab:78:fa:66:a6:16:66:18:77:
67:61:9a:bc:31:03:3e:80:05:c7:93:ad:57:56:d7:
3d:f9:1e:21:d3:9e:dd:ee:5c:0d:6d:fd:a7:48:a5:
fa:a0:dc:dd:58:a9:d9:24:4d:5d:08:8a:2e:e4:6b:
0c:54:c4:bb:42:c8:db:3e:fd:32:22:e9:54:17:66:
68:ab:5b:b9:b9:8f:fe:0a:bc:3f:50:4e:fb:ea:8d:
1b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:49:30:BE:47:49:E9:9C:DA:33:03:36:27:71:BE:48:A0:64:CA:B3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA78B19EA29211F0A24EEEE6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.22.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:5e:28:82:9f:63:4d:4d:47:62:ea:56:01:01:89:40:e2:23:
09:e7:0a:4a:25:e4:c2:83:74:5a:f1:f2:c8:41:33:80:2c:34:
91:21:99:03:f5:f4:91:e6:55:b2:01:9d:7c:9c:49:2e:17:60:
94:ab:0a:f8:57:df:a1:3f:a9:b6:14:06:3d:08:86:6c:1e:e3:
18:e3:77:8c:d3:94:26:5b:38:bb:11:77:c2:f8:3f:b0:5c:d7:
5c:29:d6:87:de:ce:73:56:ba:18:84:b1:86:ce:76:c8:8b:07:
51:57:9c:3a:8a:12:fa:17:21:3a:1a:50:50:1a:18:7b:75:e0:
1d:d3:28:35:30:46:e9:78:91:ee:b5:f5:e2:8b:44:93:bc:9a:
5f:4c:d8:78:30:4d:45:e7:8f:7c:5f:f1:5a:69:b6:0a:ae:63:
6f:d1:a1:1f:2a:cc:93:02:7c:07:c7:b7:53:04:11:10:f4:18:
fd:e0:35:69:8b:02:9e:f8:6a:40:c7:22:dc:e4:5f:57:3c:85:
e3:0d:ff:e4:34:1a:f7:af:1a:b7:5b:66:e4:38:a4:65:9c:20:
ab:bc:3f:0c:fb:e0:82:27:c6:df:e8:dd:c8:db:4d:89:49:85:
9f:0b:9b:ab:99:55:e9:8a:77:a3:c5:04:a3:5f:45:86:e8:bc:
fe:61:bc:02
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAX74MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUxMDA2MDg1OTA4WhcNMjUxMTEyMDg1OTA4WjAYMRYw
FAYDVQQDEw02OGUzODRlMS1lZmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuoeM44R/1U623YF6Y+LZw0tsUg8iidMVkycfE/xljXn/yuBWZ936uvzf
rpav7qrZ19QS5YMVhOe8lsVuK9+9flrkaJvX7t5Rb2/k3KjtXuIUmqTTqzFsgLCp
NIcURELRKxNfKPMlgPmJWke/Hv6bb5MT4qmMBsB/5hvZbB4siYT8vheYIbueTs5e
4/Qa3b7jZkz+IiIKAV6T6ZVBlKqZJDzT1ivIOo/2rIirePpmphZmGHdnYZq8MQM+
gAXHk61XVtc9+R4h057d7lwNbf2nSKX6oNzdWKnZJE1dCIou5GsMVMS7QsjbPv0y
IulUF2Zoq1u5uY/+Crw/UE776o0bbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFFJ
ML5HSemc2jMDNidxvkigZMqzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQTc4QjE5RUEyOTIxMUYwQTI0RUVFRTZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLc8WMA0GCSqGSIb3DQEBCwUA
A4IBAQBLXiiCn2NNTUdi6lYBAYlA4iMJ5wpKJeTCg3Ra8fLIQTOALDSRIZkD9fSR
5lWyAZ18nEkuF2CUqwr4V9+hP6m2FAY9CIZsHuMY43eM05QmWzi7EXfC+D+wXNdc
KdaH3s5zVroYhLGGznbIiwdRV5w6ihL6FyE6GlBQGhh7deAd0yg1MEbpeJHutfXi
i0STvJpfTNh4ME1F5498X/FaabYKrmNv0aEfKsyTAnwHx7dTBBEQ9Bj94DVpiwKe
+GpAxyLc5F9XPIXjDf/kNBr3rxq3W2bkOKRlnCCrvD8M++CCJ8bf6N3I202JSYWf
C5urmVXpinejxQSjX0WG6Lz+YbwC
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:34:05 2025 by rpki-client