Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDBE8644590911F08CA1DFEADAE4EC9C.roa
File: BDBE8644590911F08CA1DFEADAE4EC9C.roa (raw, json)
Hash identifier: Sr6KEbLyOvPg5eZFJ1QfJuR5WL50dppDaUJmZNewmeU=
Subject key identifier: 5E:FC:AE:EA:19:E9:B3:4C:DE:85:FA:CC:08:FA:8B:0A:6A:9E:E1:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016138
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDBE8644590911F08CA1DFEADAE4EC9C.roa
Signing time: Fri 04 Jul 2025 19:04:43 +0000
ROA not before: Fri 04 Jul 2025 19:04:38 +0000
ROA not after: Fri 17 Jul 2026 19:04:38 +0000
asID: 36137
IP address blocks: 156.227.160.0/20 maxlen: 24
156.227.176.0/20 maxlen: 24
156.245.64.0/18 maxlen: 24
156.252.96.0/19 maxlen: 24
156.252.144.0/20 maxlen: 24
156.252.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90424 (0x16138)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 4 19:04:38 2025 GMT
Not After : Jul 17 19:04:38 2026 GMT
Subject: CN=686825ca-b906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:d9:9e:b4:12:ed:4a:88:23:d5:fc:5a:47:89:
d9:d0:b8:a2:83:ea:be:de:48:0d:7f:aa:d4:ef:c2:
2d:08:b2:86:ac:40:1b:c6:a9:13:1a:c1:bc:12:72:
32:2e:47:f5:05:2b:06:40:2e:7c:43:db:a1:96:d3:
45:94:95:88:bb:d8:82:80:b1:44:40:76:a9:41:eb:
c9:ce:f0:d7:cd:c4:0e:60:e3:44:d2:fc:dc:de:92:
bb:66:fb:b4:8c:26:fa:60:27:ec:a4:96:17:c6:60:
02:8e:a3:f7:f1:b8:cd:4c:09:5f:c5:b1:57:08:3f:
a3:75:6c:10:34:15:e9:c7:b9:cb:a6:f3:cb:ce:d0:
a1:cd:1e:19:cd:a7:a1:8d:66:97:73:6c:c4:a9:8e:
75:7c:b1:a6:12:de:8b:f2:b2:76:9c:df:f6:a7:83:
e1:71:f2:9c:69:dc:a7:5a:28:48:82:65:e5:e9:76:
55:2c:16:b9:00:ff:84:cc:12:11:55:67:80:a7:cc:
a5:ca:53:49:29:58:7d:3e:a5:ca:41:51:c7:1b:e7:
ac:e5:5b:26:8d:20:dd:fa:8e:a0:58:5e:ba:c5:a0:
bc:35:c5:92:a6:d5:e8:fc:b4:07:a5:bf:21:64:e6:
ce:61:77:e2:7c:cc:32:1d:1d:a4:77:e6:77:0f:f5:
a8:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FC:AE:EA:19:E9:B3:4C:DE:85:FA:CC:08:FA:8B:0A:6A:9E:E1:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDBE8644590911F08CA1DFEADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.160.0/19
156.245.64.0/18
156.252.96.0/19
156.252.144.0-156.252.175.255
Signature Algorithm: sha256WithRSAEncryption
18:e4:df:42:e3:ec:1c:bb:0d:9b:b2:d0:19:35:f0:fe:96:e9:
28:a1:c2:b8:e9:95:59:43:e3:c1:8f:9c:25:76:48:6f:b8:bb:
a3:45:6f:b1:91:53:78:33:31:1a:c3:a1:17:19:e1:2a:9d:71:
25:a7:21:66:52:a3:13:50:19:85:76:ba:03:fb:07:0e:32:31:
3f:8e:98:c3:e6:f3:ca:27:b4:0b:c4:a3:0a:36:74:2a:a0:dd:
33:0a:06:e2:c7:b7:ed:48:54:de:c2:9e:eb:5e:e5:f2:6e:df:
3a:80:86:22:c4:8e:69:01:fb:12:77:60:4d:4c:1b:56:a3:5f:
b4:51:01:95:9f:c1:e1:ca:b5:fb:95:84:23:50:75:1b:e1:59:
55:c3:52:04:ec:c4:9d:f7:8b:ee:4e:f9:01:72:74:41:9a:fd:
76:a5:e7:61:be:4d:bb:23:b7:6e:91:26:3e:04:37:5d:73:53:
0d:a2:aa:c4:50:1b:c1:5e:fa:03:3c:a1:a6:06:fa:42:37:0c:
66:72:03:eb:b3:80:91:5b:68:24:36:5a:0a:83:f9:ad:08:33:
01:d5:1e:01:a8:e5:70:a7:59:14:4b:1b:41:ce:67:f4:54:42:
28:6a:a1:84:dd:43:8a:2e:96:4c:27:83:af:e7:df:0e:dc:72:
e3:62:c4:d4
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDAWE4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA0MTkwNDM4WhcNMjYwNzE3MTkwNDM4WjAYMRYw
FAYDVQQDEw02ODY4MjVjYS1iOTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8dmetBLtSogj1fxaR4nZ0Liig+q+3kgNf6rU78ItCLKGrEAbxqkTGsG8
EnIyLkf1BSsGQC58Q9uhltNFlJWIu9iCgLFEQHapQevJzvDXzcQOYONE0vzc3pK7
Zvu0jCb6YCfspJYXxmACjqP38bjNTAlfxbFXCD+jdWwQNBXpx7nLpvPLztChzR4Z
zaehjWaXc2zEqY51fLGmEt6L8rJ2nN/2p4PhcfKcadynWihIgmXl6XZVLBa5AP+E
zBIRVWeAp8ylylNJKVh9PqXKQVHHG+es5VsmjSDd+o6gWF66xaC8NcWSptXo/LQH
pb8hZObOYXfifMwyHR2kd+Z3D/WobwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFF78
ruoZ6bNM3oX6zAj6iwpqnuE6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CREJFODY0NDU5MDkxMUYwOENBMURGRUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQFnOOgAwQGnPVAAwQFnPxgMAwD
BASc/JADBASc/KAwDQYJKoZIhvcNAQELBQADggEBABjk30Lj7By7DZuy0Bk18P6W
6SihwrjplVlD48GPnCV2SG+4u6NFb7GRU3gzMRrDoRcZ4SqdcSWnIWZSoxNQGYV2
ugP7Bw4yMT+OmMPm88ontAvEowo2dCqg3TMKBuLHt+1IVN7Cnute5fJu3zqAhiLE
jmkB+xJ3YE1MG1ajX7RRAZWfweHKtfuVhCNQdRvhWVXDUgTsxJ33i+5O+QFydEGa
/Xal52G+Tbsjt26RJj4EN11zUw2iqsRQG8Fe+gM8oaYG+kI3DGZyA+uzgJFbaCQ2
WgqD+a0IMwHVHgGo5XCnWRRLG0HOZ/RUQihqoYTdQ4oulkwng6/n3w7ccuNixNQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:19:41 2025 by rpki-client