Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC1928C8870111F08B81BE82DAE4EC9C.roa
File: BC1928C8870111F08B81BE82DAE4EC9C.roa (raw, json)
Hash identifier: QyMCdgM1ZEcQRnPB22S4qN04QRxXdT61npQO2NjGb64=
Subject key identifier: BA:65:31:3D:FE:14:2E:63:7B:9D:CB:F2:7D:D3:F7:DD:38:61:26:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0174C0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC1928C8870111F08B81BE82DAE4EC9C.roa
Signing time: Mon 01 Sep 2025 07:03:17 +0000
ROA not before: Mon 01 Sep 2025 07:03:13 +0000
ROA not after: Tue 23 Sep 2025 07:03:13 +0000
asID: 141167
IP address blocks: 156.225.0.0/23 maxlen: 24
156.225.12.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 05 Sep 2025 00:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95424 (0x174c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 1 07:03:13 2025 GMT
Not After : Sep 23 07:03:13 2025 GMT
Subject: CN=68b54535-e757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:60:71:ae:b3:90:d2:09:3c:10:5c:e6:b2:1d:
22:0d:c5:7f:8a:58:13:f1:e4:b2:f8:8f:52:68:ab:
7e:7f:d7:3e:27:13:fb:5a:aa:2a:22:60:8b:2d:8f:
1c:67:2c:2e:06:eb:de:12:78:ca:2f:52:81:f7:6d:
f9:ab:54:42:15:1a:e7:8a:40:fa:3b:6c:1f:2f:b6:
a6:cd:3a:37:10:2d:e3:30:9b:e4:3c:45:0b:7b:56:
09:86:a9:eb:fa:83:07:2b:79:fd:e8:13:00:7d:9e:
0d:22:4e:ef:06:86:fb:78:ec:e7:d3:26:d9:d0:67:
32:76:de:8a:d8:27:2d:08:af:e1:ce:a4:20:05:a2:
76:ed:da:2f:c5:0a:82:0f:d3:82:c0:26:11:99:ca:
17:01:e2:74:3e:76:f2:5f:a6:67:71:30:52:31:17:
b0:14:b3:ab:27:55:4b:3a:e3:e2:45:7c:6e:7a:ad:
63:09:9d:e1:21:6b:3e:b7:3a:f1:33:1e:bc:b1:a0:
7a:ac:77:3b:5c:97:25:d5:de:0e:bd:41:c8:e6:00:
5d:a3:77:6d:8e:92:95:17:c3:c0:0e:21:86:25:20:
b6:0a:7c:c6:f2:35:79:25:4f:0d:4b:8b:97:4f:2b:
f6:62:8f:1b:55:01:4d:26:0b:ed:fe:c1:1b:ba:1d:
be:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:65:31:3D:FE:14:2E:63:7B:9D:CB:F2:7D:D3:F7:DD:38:61:26:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC1928C8870111F08B81BE82DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.0.0/23
156.225.12.0/23
Signature Algorithm: sha256WithRSAEncryption
63:60:e8:78:9a:eb:96:29:ea:47:f8:de:2e:49:5e:27:c1:18:
cd:4a:3e:c4:c8:21:97:d6:ed:74:4d:3b:b0:92:55:7a:1a:cf:
6e:b7:bb:07:9e:d8:59:e4:f5:fa:16:a7:5a:04:d0:2e:77:4a:
c3:ad:f5:d2:6b:25:c4:7d:39:1a:5b:26:52:11:e5:41:11:78:
0e:a7:c1:3d:f7:1e:f8:a7:f1:d8:5e:6b:bb:cd:78:d3:26:91:
70:e4:03:aa:49:3f:ce:21:95:cd:3e:58:90:c3:3b:90:f1:5b:
ae:8b:89:d1:f4:58:cb:c3:42:a0:d9:82:75:63:69:36:af:30:
c3:72:94:68:86:d7:94:79:9d:80:b6:b2:ad:bf:fd:67:69:a0:
98:7e:48:89:0d:d8:29:96:7c:8a:89:0a:49:99:fc:81:df:0a:
16:b1:b3:9a:ad:c0:5d:b1:ab:2f:98:63:fe:78:9a:bd:9e:07:
14:41:52:94:25:e8:4c:f2:a1:f7:65:0c:9f:ce:d5:f7:d6:7e:
06:24:8a:9c:fb:82:ea:a5:e6:f9:a1:f0:2b:8c:db:52:37:2f:
dc:bc:23:7b:e6:ea:e7:38:e3:b9:3b:34:e8:32:4c:e2:fc:28:
68:87:48:2e:77:07:11:93:7b:2b:f8:0d:b6:e0:c8:e3:c9:0a:
ed:52:60:ff
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAXTAMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTAxMDcwMzEzWhcNMjUwOTIzMDcwMzEzWjAYMRYw
FAYDVQQDEw02OGI1NDUzNS1lNzU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmWBxrrOQ0gk8EFzmsh0iDcV/ilgT8eSy+I9SaKt+f9c+JxP7WqoqImCL
LY8cZywuBuveEnjKL1KB9235q1RCFRrnikD6O2wfL7amzTo3EC3jMJvkPEULe1YJ
hqnr+oMHK3n96BMAfZ4NIk7vBob7eOzn0ybZ0Gcydt6K2CctCK/hzqQgBaJ27dov
xQqCD9OCwCYRmcoXAeJ0PnbyX6ZncTBSMRewFLOrJ1VLOuPiRXxueq1jCZ3hIWs+
tzrxMx68saB6rHc7XJcl1d4OvUHI5gBdo3dtjpKVF8PADiGGJSC2CnzG8jV5JU8N
S4uXTyv2Yo8bVQFNJgvt/sEbuh2+rwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLpl
MT3+FC5je53L8n3T9904YSbhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQzE5MjhDODg3MDExMUYwOEI4MUJFODJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnOEAAwQBnOEMMA0GCSqGSIb3
DQEBCwUAA4IBAQBjYOh4muuWKepH+N4uSV4nwRjNSj7EyCGX1u10TTuwklV6Gs9u
t7sHnthZ5PX6FqdaBNAud0rDrfXSayXEfTkaWyZSEeVBEXgOp8E99x74p/HYXmu7
zXjTJpFw5AOqST/OIZXNPliQwzuQ8Vuui4nR9FjLw0Kg2YJ1Y2k2rzDDcpRohteU
eZ2AtrKtv/1naaCYfkiJDdgplnyKiQpJmfyB3woWsbOarcBdsasvmGP+eJq9ngcU
QVKUJehM8qH3ZQyfztX31n4GJIqc+4Lqpeb5ofArjNtSNy/cvCN75urnOOO5OzTo
Mkzi/Choh0gudwcRk3sr+A224MjjyQrtUmD/
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:18:46 2025 by rpki-client