Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDC52E6476C211F0A58C42E5DAE4EC9C.roa
File: BDC52E6476C211F0A58C42E5DAE4EC9C.roa (raw, json)
Hash identifier: 5SYvgqSKveDwpqczsbgTxdX54D/AnHKMKWXKpytFc2U=
Subject key identifier: A9:01:9C:B6:29:4E:91:E5:6A:BE:EE:1C:D4:44:D8:3A:60:D6:8A:84
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016A42
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDC52E6476C211F0A58C42E5DAE4EC9C.roa
Signing time: Mon 11 Aug 2025 14:52:03 +0000
ROA not before: Mon 11 Aug 2025 14:51:58 +0000
ROA not after: Wed 17 Sep 2025 14:51:58 +0000
asID: 22773
IP address blocks: 156.233.44.0/23 maxlen: 24
156.233.47.0/24 maxlen: 24
156.233.56.0/24 maxlen: 24
156.233.58.0/24 maxlen: 24
156.233.60.0/23 maxlen: 24
156.233.63.0/24 maxlen: 24
156.233.126.0/24 maxlen: 24
156.238.188.0/24 maxlen: 24
156.238.190.0/23 maxlen: 24
156.239.57.0/24 maxlen: 24
156.239.58.0/23 maxlen: 24
156.239.61.0/24 maxlen: 24
156.239.62.0/23 maxlen: 24
156.248.92.0/22 maxlen: 24
156.248.104.0/21 maxlen: 24
156.249.0.0/24 maxlen: 24
156.249.2.0/23 maxlen: 24
156.249.4.0/22 maxlen: 24
156.249.16.0/24 maxlen: 24
156.249.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92738 (0x16a42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 11 14:51:58 2025 GMT
Not After : Sep 17 14:51:58 2025 GMT
Subject: CN=689a0393-fdb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a7:ea:22:fe:a7:52:f2:6b:8b:ca:a3:10:f5:
f8:96:83:71:77:dd:d0:19:48:c9:11:3d:c6:e8:bb:
61:5c:a8:67:e1:da:f6:65:24:1f:45:9f:9c:7b:33:
2b:98:22:8d:be:f9:06:fc:5a:ee:54:b2:8d:70:9c:
de:bf:b1:b1:6e:0f:7d:c1:8e:7c:e0:69:43:a6:3e:
99:bf:6a:d4:76:aa:80:b5:ec:b1:a5:d8:93:dd:f4:
eb:86:1f:4e:e9:1c:7f:a4:59:52:17:c2:c9:f5:01:
3b:64:48:95:98:f0:79:9a:d5:44:4b:ec:4f:d1:b0:
c4:94:e7:0d:4d:55:70:ef:80:cb:92:41:43:dc:c1:
c1:ec:06:3d:a5:42:e5:51:08:1e:36:47:ca:be:bc:
7c:51:f1:a7:5d:30:10:60:7e:2a:fb:4a:8d:43:7c:
54:31:a0:32:89:27:62:7d:04:4a:e1:72:0b:49:ca:
6c:ab:f6:95:b0:03:a3:09:4d:c5:9e:88:a1:ad:3a:
8b:21:d1:e2:f4:02:e5:30:35:40:4f:90:78:3c:48:
12:fe:4b:6f:cd:c1:f5:ca:fe:38:a8:8f:96:45:8a:
03:6a:c9:36:35:1d:62:92:a4:74:0f:f7:9a:64:20:
02:78:b9:ef:bb:a5:b3:ba:a0:cf:33:69:17:a9:53:
9e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:01:9C:B6:29:4E:91:E5:6A:BE:EE:1C:D4:44:D8:3A:60:D6:8A:84
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDC52E6476C211F0A58C42E5DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.44.0/23
156.233.47.0/24
156.233.56.0/24
156.233.58.0/24
156.233.60.0/23
156.233.63.0/24
156.233.126.0/24
156.238.188.0/24
156.238.190.0/23
156.239.57.0-156.239.59.255
156.239.61.0-156.239.63.255
156.248.92.0/22
156.248.104.0/21
156.249.0.0/24
156.249.2.0-156.249.7.255
156.249.16.0/24
156.249.20.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:5d:5e:b7:9a:d2:1f:88:fd:7a:f9:04:ea:4e:86:0b:7c:bc:
a4:83:d8:3e:94:79:33:0e:57:99:5b:1a:39:6d:f9:4c:0e:1c:
4f:02:29:b3:83:df:b6:94:6d:87:f7:6e:95:8f:ba:e6:2b:8c:
61:99:76:c3:38:18:eb:8a:e7:10:6f:85:ae:35:ee:d2:b6:de:
b7:86:0d:01:ec:76:06:d3:f2:ac:1c:62:d0:5c:60:75:2f:9c:
96:43:6c:2e:95:d7:c2:18:2f:74:ee:51:10:b6:a8:6a:31:de:
70:87:be:8c:b2:01:2d:91:d2:14:09:68:2a:f4:10:78:52:af:
0f:dd:59:34:32:5f:4d:67:fc:70:08:b7:f8:a4:59:6b:b0:e0:
16:27:97:63:57:59:a1:9c:b4:1d:e4:b9:1d:59:51:52:c7:8e:
f3:aa:9e:66:bf:7c:48:f3:73:f8:ce:f6:ce:90:8a:a0:09:a6:
9d:f4:92:c2:7b:73:94:b9:d6:94:37:b9:4c:0e:05:b7:b4:7c:
11:48:74:8b:ee:af:82:29:0e:8d:46:83:46:d3:b5:8c:14:2c:
f7:34:83:65:77:d5:5b:67:ba:7a:04:e2:a6:37:65:cf:ad:18:
e1:dd:0d:0f:d8:4f:5e:aa:b8:cf:9b:ef:0c:64:25:11:c9:fd:
a3:b5:43:68
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgIDAWpCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODExMTQ1MTU4WhcNMjUwOTE3MTQ1MTU4WjAYMRYw
FAYDVQQDEw02ODlhMDM5My1mZGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxKfqIv6nUvJri8qjEPX4loNxd93QGUjJET3G6LthXKhn4dr2ZSQfRZ+c
ezMrmCKNvvkG/FruVLKNcJzev7Gxbg99wY584GlDpj6Zv2rUdqqAteyxpdiT3fTr
hh9O6Rx/pFlSF8LJ9QE7ZEiVmPB5mtVES+xP0bDElOcNTVVw74DLkkFD3MHB7AY9
pULlUQgeNkfKvrx8UfGnXTAQYH4q+0qNQ3xUMaAyiSdifQRK4XILScpsq/aVsAOj
CU3FnoihrTqLIdHi9ALlMDVAT5B4PEgS/ktvzcH1yv44qI+WRYoDask2NR1ikqR0
D/eaZCACeLnvu6WzuqDPM2kXqVOeuQIDAQABo4IDHjCCAxowHQYDVR0OBBYEFKkB
nLYpTpHlar7uHNRE2Dpg1oqEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CREM1MkU2NDc2QzIxMUYwQTU4QzQyRTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAZzpLAMEAJzpLwMEAJzp
OAMEAJzpOgMEAZzpPAMEAJzpPwMEAJzpfgMEAJzuvAMEAZzuvjAMAwQAnO85AwQC
nO84MAwDBACc7z0DBAac7wADBAKc+FwDBAOc+GgDBACc+QAwDAMEAZz5AgMEA5z5
AAMEAJz5EAMEApz5FDANBgkqhkiG9w0BAQsFAAOCAQEAP11et5rSH4j9evkE6k6G
C3y8pIPYPpR5Mw5XmVsaOW35TA4cTwIps4PftpRth/dulY+65iuMYZl2wzgY64rn
EG+FrjXu0rbet4YNAex2BtPyrBxi0FxgdS+clkNsLpXXwhgvdO5RELaoajHecIe+
jLIBLZHSFAloKvQQeFKvD91ZNDJfTWf8cAi3+KRZa7DgFieXY1dZoZy0HeS5HVlR
UseO86qeZr98SPNz+M72zpCKoAmmnfSSwntzlLnWlDe5TA4Ft7R8EUh0i+6vgikO
jUaDRtO1jBQs9zSDZXfVW2e6egTipjdlz60Y4d0ND9hPXqq4z5vvDGQlEcn9o7VD
aA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:00:25 2025 by rpki-client