Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC4507805AAC11F0A8EC2993DAE4EC9C.roa
File: BC4507805AAC11F0A8EC2993DAE4EC9C.roa (raw, json)
Hash identifier: Aapj5ITFb+PzOAKLmdrNsz2nAUgJiV1WvkF3Meo8o6k=
Subject key identifier: B9:60:4E:FD:1D:60:B7:EB:36:A3:51:13:6D:94:27:31:FB:71:9F:C4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016289
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC4507805AAC11F0A8EC2993DAE4EC9C.roa
Signing time: Sun 06 Jul 2025 21:03:59 +0000
ROA not before: Sun 06 Jul 2025 21:03:54 +0000
ROA not after: Sun 24 Aug 2025 21:03:54 +0000
asID: 8796
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90761 (0x16289)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 6 21:03:54 2025 GMT
Not After : Aug 24 21:03:54 2025 GMT
Subject: CN=686ae4bf-74ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f4:40:a0:d9:b5:a7:80:eb:3a:58:b6:6f:4a:
73:8f:4a:50:06:b9:0e:c5:a5:df:f6:29:60:01:5b:
1e:0e:de:a9:e7:63:8d:84:cc:f1:16:26:c3:78:95:
92:fb:9a:7c:8c:32:9f:37:bb:f8:52:a8:82:bc:62:
a2:cc:07:95:9b:4d:ab:1c:73:f0:8b:bc:73:52:8e:
cf:6e:4c:87:72:4c:2c:8f:0b:30:21:d5:b0:25:39:
29:0b:1e:79:33:c4:f7:26:0d:70:52:d7:77:ee:15:
66:ae:f9:bd:ea:a3:44:d9:66:b2:d8:3d:a4:30:5e:
7d:0c:5a:17:9d:d2:a3:5c:9c:0d:f6:ef:99:59:94:
88:99:f3:f4:83:68:27:b4:4c:a1:d5:a3:18:49:51:
26:28:fe:a2:4d:b1:61:77:b0:37:5e:15:2d:de:bf:
de:14:b1:31:2f:40:d6:bd:cb:2f:22:52:6b:5b:36:
7e:8c:59:f2:89:b7:5c:5c:24:90:c1:1a:21:83:93:
95:07:a9:d9:d0:ba:50:e4:bb:21:4d:ea:54:8a:a0:
db:6d:06:b6:b7:09:30:f3:4b:d2:b0:a0:80:55:ca:
09:87:7d:1c:0c:23:3d:1f:9e:13:18:4d:16:a2:19:
3f:b7:3c:5f:f0:02:d1:a1:14:d7:47:a7:49:7b:67:
e9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:60:4E:FD:1D:60:B7:EB:36:A3:51:13:6D:94:27:31:FB:71:9F:C4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC4507805AAC11F0A8EC2993DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
Signature Algorithm: sha256WithRSAEncryption
94:94:b6:e9:9c:17:e7:1e:fd:a7:5a:31:87:cb:05:c2:64:3c:
36:37:32:21:b3:cb:47:ea:82:42:30:0f:f5:7d:b7:14:6e:eb:
4e:20:01:57:5c:3e:c7:1a:37:6c:e8:73:8d:30:df:8d:b8:67:
db:c4:7c:1c:38:10:f9:8a:62:9c:a9:9c:6c:40:17:37:5f:2c:
95:6b:11:21:4b:ce:47:24:13:0b:6f:7f:8c:fa:34:6b:c8:93:
d2:9e:e2:1c:a9:b3:35:ee:dd:83:cb:86:19:99:94:ca:62:55:
13:2c:4c:f5:24:2e:70:98:29:05:63:91:15:57:08:53:43:ce:
91:fb:32:ec:34:82:e6:f7:e4:bd:e0:c0:98:db:a6:ba:a9:52:
b9:77:b1:37:fc:6e:27:6b:2e:bc:5a:8a:d5:ab:56:d6:ca:e1:
df:4a:1d:e9:a6:5b:b6:67:62:04:79:8f:03:0d:a0:a7:c2:86:
06:6f:b5:a3:c3:6a:d7:70:98:97:5f:94:3a:a3:3b:e6:48:86:
1e:e1:1c:d1:25:37:21:fd:cb:fd:a4:50:a9:90:06:8b:e8:7f:
34:c9:50:2e:81:c0:c3:62:eb:9f:2c:1b:f9:d9:ec:6d:c7:a6:
09:ac:11:0f:75:63:1e:ee:ff:6e:3f:0f:2f:b1:7d:9c:95:18:
98:97:b6:05
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWKJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA2MjEwMzU0WhcNMjUwODI0MjEwMzU0WjAYMRYw
FAYDVQQDEw02ODZhZTRiZi03NGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz/RAoNm1p4DrOli2b0pzj0pQBrkOxaXf9ilgAVseDt6p52ONhMzxFibD
eJWS+5p8jDKfN7v4UqiCvGKizAeVm02rHHPwi7xzUo7PbkyHckwsjwswIdWwJTkp
Cx55M8T3Jg1wUtd37hVmrvm96qNE2Way2D2kMF59DFoXndKjXJwN9u+ZWZSImfP0
g2gntEyh1aMYSVEmKP6iTbFhd7A3XhUt3r/eFLExL0DWvcsvIlJrWzZ+jFnyibdc
XCSQwRohg5OVB6nZ0LpQ5LshTepUiqDbbQa2twkw80vSsKCAVcoJh30cDCM9H54T
GE0Wohk/tzxf8ALRoRTXR6dJe2fpGwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLlg
Tv0dYLfrNqNRE22UJzH7cZ/EMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQzQ1MDc4MDVBQUMxMUYwQThFQzI5OTNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAGc7zQwDQYJKoZI
hvcNAQELBQADggEBAJSUtumcF+ce/adaMYfLBcJkPDY3MiGzy0fqgkIwD/V9txRu
604gAVdcPscaN2zoc40w3424Z9vEfBw4EPmKYpypnGxAFzdfLJVrESFLzkckEwtv
f4z6NGvIk9Ke4hypszXu3YPLhhmZlMpiVRMsTPUkLnCYKQVjkRVXCFNDzpH7Muw0
gub35L3gwJjbprqpUrl3sTf8bidrLrxaitWrVtbK4d9KHemmW7ZnYgR5jwMNoKfC
hgZvtaPDatdwmJdflDqjO+ZIhh7hHNElNyH9y/2kUKmQBovofzTJUC6BwMNi658s
G/nZ7G3HpgmsEQ91Yx7u/24/Dy+xfZyVGJiXtgU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:23:14 2025 by rpki-client