Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDC61CC45E7711F0BF70519BDAE4EC9C.roa
File: BDC61CC45E7711F0BF70519BDAE4EC9C.roa (raw, json)
Hash identifier: uO9SXSiclPeHimOWIP53iOoiUqY7j47OZJ8+MPzBHkc=
Subject key identifier: 9D:EC:9E:AE:D6:2E:DE:8C:39:FD:7A:34:37:07:37:CB:BD:27:C1:02
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0164C4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDC61CC45E7711F0BF70519BDAE4EC9C.roa
Signing time: Fri 11 Jul 2025 16:54:43 +0000
ROA not before: Fri 11 Jul 2025 16:54:38 +0000
ROA not after: Sun 20 Jul 2025 16:54:38 +0000
asID: 142002
IP address blocks: 45.197.12.0/24 maxlen: 24
45.197.13.0/24 maxlen: 24
45.197.14.0/24 maxlen: 24
45.197.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 20 Jul 2025 16:54:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91332 (0x164c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 11 16:54:38 2025 GMT
Not After : Jul 20 16:54:38 2025 GMT
Subject: CN=687141d3-460d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:19:02:59:95:a4:8a:5f:88:4b:7f:28:fd:fc:
50:2f:27:01:70:bc:22:29:64:82:d3:53:77:49:f6:
13:71:f4:20:b5:29:d0:67:da:44:d0:1e:78:2e:4c:
f6:9c:1c:bd:88:bc:b9:0f:d7:13:32:7a:c9:00:21:
f8:6a:3e:dd:45:99:1c:1e:0e:e6:e2:fd:85:8e:01:
18:d2:d9:df:f2:3a:c6:53:07:c9:02:f7:14:76:2b:
55:54:2a:98:c6:fc:b1:65:d4:83:40:de:43:7b:7a:
bb:20:8d:9b:10:84:6a:9c:03:f5:ae:15:fd:6f:11:
c1:07:6a:d2:e6:85:f7:94:b9:c2:2b:5d:3d:25:7e:
25:93:1a:dd:c8:d0:f8:1b:ba:95:d1:e2:6e:68:7a:
44:64:7f:ae:62:08:89:20:58:96:f2:8c:64:5b:74:
1b:08:b9:cb:ff:50:7e:c2:a1:61:e1:be:d1:b9:99:
3f:6a:db:f1:21:6d:bf:36:52:14:44:bc:01:3f:bb:
63:9b:01:ea:2b:98:0b:ab:8a:c7:37:97:3b:e4:e9:
bf:dd:6f:a7:6c:52:50:c0:70:aa:86:5e:95:40:39:
97:09:79:a7:92:f8:62:6a:1c:34:5f:9b:62:e1:42:
d2:e2:9e:51:d3:05:7b:83:b1:69:e1:07:4a:9a:09:
78:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:EC:9E:AE:D6:2E:DE:8C:39:FD:7A:34:37:07:37:CB:BD:27:C1:02
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDC61CC45E7711F0BF70519BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.197.12.0/22
Signature Algorithm: sha256WithRSAEncryption
97:ab:3d:2c:9f:a1:0e:49:3b:3c:44:36:e4:65:35:8c:dd:c0:
67:ca:e7:4b:ab:16:59:32:48:6c:77:28:db:6b:96:9e:f4:54:
a5:9a:bd:1f:9b:1f:d9:d0:06:ed:68:bd:f9:30:8c:fb:1e:02:
db:0c:59:51:ba:32:c4:a4:08:96:a5:21:0f:7e:ce:24:88:3b:
16:c8:f1:78:af:eb:72:94:77:bb:fb:45:8b:65:7f:6b:40:f9:
9b:79:06:ee:82:84:5f:4a:a8:23:09:ed:59:91:fe:e7:c5:ff:
ce:09:eb:bb:36:bc:cd:c6:ab:a0:1b:31:4e:48:91:30:5c:d0:
be:f5:33:a7:47:b1:32:e7:1c:ce:3e:33:22:d3:3d:ca:0f:17:
6a:7a:e2:7b:3f:35:32:34:17:42:3f:b7:69:11:ab:ef:55:86:
35:66:dc:7e:0c:71:1f:91:3f:0e:e4:9f:95:16:96:9f:e3:9d:
e6:44:63:82:92:36:59:9d:8a:52:9c:7d:aa:d2:fe:e0:0d:41:
bb:b9:04:c8:2c:3f:9c:e1:a1:6e:ac:35:ab:ef:56:77:e3:06:
43:06:45:54:19:9c:53:30:b3:ea:fa:a7:0b:f9:e3:7d:96:9b:
55:9c:d2:7e:fb:7c:aa:88:a1:eb:e2:9b:a0:9f:ae:52:bd:d6:
72:8a:62:0b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAWTEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzExMTY1NDM4WhcNMjUwNzIwMTY1NDM4WjAYMRYw
FAYDVQQDEw02ODcxNDFkMy00NjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAphkCWZWkil+IS38o/fxQLycBcLwiKWSC01N3SfYTcfQgtSnQZ9pE0B54
Lkz2nBy9iLy5D9cTMnrJACH4aj7dRZkcHg7m4v2FjgEY0tnf8jrGUwfJAvcUditV
VCqYxvyxZdSDQN5De3q7II2bEIRqnAP1rhX9bxHBB2rS5oX3lLnCK109JX4lkxrd
yND4G7qV0eJuaHpEZH+uYgiJIFiW8oxkW3QbCLnL/1B+wqFh4b7RuZk/atvxIW2/
NlIURLwBP7tjmwHqK5gLq4rHN5c75Om/3W+nbFJQwHCqhl6VQDmXCXmnkvhiahw0
X5ti4ULS4p5R0wV7g7Fp4QdKmgl43wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ3s
nq7WLt6MOf16NDcHN8u9J8ECMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CREM2MUNDNDVFNzcxMUYwQkY3MDUxOUJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcUMMA0GCSqGSIb3DQEBCwUA
A4IBAQCXqz0sn6EOSTs8RDbkZTWM3cBnyudLqxZZMkhsdyjba5ae9FSlmr0fmx/Z
0AbtaL35MIz7HgLbDFlRujLEpAiWpSEPfs4kiDsWyPF4r+tylHe7+0WLZX9rQPmb
eQbugoRfSqgjCe1Zkf7nxf/OCeu7NrzNxqugGzFOSJEwXNC+9TOnR7Ey5xzOPjMi
0z3KDxdqeuJ7PzUyNBdCP7dpEavvVYY1Ztx+DHEfkT8O5J+VFpaf453mRGOCkjZZ
nYpSnH2q0v7gDUG7uQTILD+c4aFurDWr71Z34wZDBkVUGZxTMLPq+qcL+eN9lptV
nNJ++3yqiKHr4pugn65SvdZyimIL
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:33:42 2025 by rpki-client