Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D879908665611F08C007FE8DAE4EC9C.roa
File: 2D879908665611F08C007FE8DAE4EC9C.roa (raw, json)
Hash identifier: BBOk1pUGokZNI+Hc2UHlY2Z9K616SR8Sy3yAwX1FSX0=
Subject key identifier: B7:B2:87:F3:55:ED:F1:88:8B:66:EE:9F:C4:CC:6A:4D:34:43:9B:C2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01664A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D879908665611F08C007FE8DAE4EC9C.roa
Signing time: Mon 21 Jul 2025 17:14:37 +0000
ROA not before: Mon 21 Jul 2025 17:14:32 +0000
ROA not after: Thu 28 Aug 2025 17:14:32 +0000
asID: 25160
IP address blocks: 156.225.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 08 Aug 2025 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91722 (0x1664a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 21 17:14:32 2025 GMT
Not After : Aug 28 17:14:32 2025 GMT
Subject: CN=687e757d-d824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2f:04:d7:f2:1a:90:bf:10:03:1c:08:c0:cd:
19:59:19:22:f4:47:10:ef:53:53:71:ee:24:d7:ca:
a8:86:4a:81:e1:f2:f4:da:3f:5d:39:76:29:74:c3:
a4:db:1a:12:85:7a:9e:f9:91:c4:87:5d:3a:9e:c9:
af:3c:ee:7b:3e:82:f6:10:40:bb:33:a3:ca:bf:94:
12:f2:5e:46:ac:8d:9f:73:ad:b2:be:9c:53:40:96:
04:ed:fa:20:8a:20:46:52:b1:ae:d4:f9:91:e6:ea:
1a:7d:4b:f3:02:e2:0b:fd:c8:80:25:db:59:9e:48:
dd:6e:74:c0:da:81:78:43:fc:fd:8f:dc:e3:c6:06:
44:85:3e:80:26:48:89:d6:16:0b:c3:55:57:da:3b:
ef:28:3d:c4:84:dd:a7:69:f9:1a:2c:c1:30:ae:cb:
a6:08:0e:ef:20:63:ec:6d:70:6c:46:3f:63:aa:44:
7d:e6:97:1c:73:28:ee:2b:a0:f9:ed:d8:7d:c9:e1:
5f:3c:fd:6c:8c:96:c4:93:b9:3e:da:c1:52:3a:1c:
0d:fc:26:af:9d:ff:86:d5:32:da:63:8a:c5:11:c9:
de:db:54:5c:13:5c:9a:91:b0:21:b5:0b:85:44:f2:
eb:61:d6:a2:92:8f:eb:b8:63:30:9d:80:bd:d0:98:
e3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B2:87:F3:55:ED:F1:88:8B:66:EE:9F:C4:CC:6A:4D:34:43:9B:C2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2D879908665611F08C007FE8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.15.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:de:ab:17:44:fc:3b:12:11:ad:79:a3:b6:85:6c:3a:a5:f9:
55:d4:9c:e5:30:e8:3d:d5:b2:e7:9f:c1:32:a9:3e:0b:5f:80:
f0:66:4d:f6:21:58:13:bf:51:93:27:3e:4c:67:d6:52:03:96:
ef:73:25:23:6e:6f:8f:2b:6b:40:22:cd:ae:f0:3f:ce:26:60:
fe:33:3c:2b:2f:44:ee:28:49:b3:68:f2:02:09:e2:25:bf:f6:
a4:80:4d:60:b3:19:10:e9:f4:cc:4e:1c:f5:1e:fe:4b:98:1f:
f9:58:77:f0:b4:d7:81:e7:6f:03:19:4b:1e:5a:75:74:0b:3f:
71:85:69:0e:32:f6:2f:63:6c:b4:7a:61:cd:eb:63:80:05:40:
3f:50:65:55:2d:0a:6f:3d:3b:03:1a:2f:22:29:ca:fa:88:64:
6a:aa:f5:81:9a:ed:fc:47:f9:19:dd:65:5e:26:50:ad:54:b1:
26:78:7f:67:01:98:b4:68:c1:a0:9e:c6:1a:4c:28:ce:7d:b0:
b1:29:4e:26:2b:b2:08:78:22:c1:58:57:3f:f8:a8:30:6c:e8:
d8:31:b2:3c:fe:93:6f:42:ab:bd:cf:b3:5e:48:54:84:fa:d0:
27:89:3f:78:e8:3b:53:dc:b8:c7:df:8e:c8:9c:2c:d5:00:e4:
39:d2:73:e2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWZKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIxMTcxNDMyWhcNMjUwODI4MTcxNDMyWjAYMRYw
FAYDVQQDEw02ODdlNzU3ZC1kODI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1S8E1/IakL8QAxwIwM0ZWRki9EcQ71NTce4k18qohkqB4fL02j9dOXYp
dMOk2xoShXqe+ZHEh106nsmvPO57PoL2EEC7M6PKv5QS8l5GrI2fc62yvpxTQJYE
7fogiiBGUrGu1PmR5uoafUvzAuIL/ciAJdtZnkjdbnTA2oF4Q/z9j9zjxgZEhT6A
JkiJ1hYLw1VX2jvvKD3EhN2nafkaLMEwrsumCA7vIGPsbXBsRj9jqkR95pcccyju
K6D57dh9yeFfPP1sjJbEk7k+2sFSOhwN/Cavnf+G1TLaY4rFEcne21RcE1yakbAh
tQuFRPLrYdaiko/ruGMwnYC90Jjj9wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLey
h/NV7fGIi2bun8TMak00Q5vCMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRDg3OTkwODY2NTYxMUYwOEMwMDdGRThEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEPMA0GCSqGSIb3DQEBCwUA
A4IBAQA/3qsXRPw7EhGteaO2hWw6pflV1JzlMOg91bLnn8EyqT4LX4DwZk32IVgT
v1GTJz5MZ9ZSA5bvcyUjbm+PK2tAIs2u8D/OJmD+MzwrL0TuKEmzaPICCeIlv/ak
gE1gsxkQ6fTMThz1Hv5LmB/5WHfwtNeB528DGUseWnV0Cz9xhWkOMvYvY2y0emHN
62OABUA/UGVVLQpvPTsDGi8iKcr6iGRqqvWBmu38R/kZ3WVeJlCtVLEmeH9nAZi0
aMGgnsYaTCjOfbCxKU4mK7IIeCLBWFc/+KgwbOjYMbI8/pNvQqu9z7NeSFSE+tAn
iT946DtT3LjH347InCzVAOQ50nPi
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:12:40 2025 by rpki-client