Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDFC660424C911F0AA22349BDAE4EC9C.roa
File: BDFC660424C911F0AA22349BDAE4EC9C.roa (raw, json)
Hash identifier: f8Q1YpqxDH/Yyjixp9Pxha46uqd+TC28UwuLZ4keOYc=
Subject key identifier: 67:01:2A:00:E6:17:EB:78:13:7E:94:2A:2A:4A:37:E3:8E:F3:84:F8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015013
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDFC660424C911F0AA22349BDAE4EC9C.roa
Signing time: Tue 29 Apr 2025 07:15:35 +0000
ROA not before: Tue 29 Apr 2025 07:15:30 +0000
ROA not after: Wed 31 Dec 2025 07:15:30 +0000
asID: 139057
IP address blocks: 156.246.18.0/23 maxlen: 24
156.246.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86035 (0x15013)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 07:15:30 2025 GMT
Not After : Dec 31 07:15:30 2025 GMT
Subject: CN=68107c97-55f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c5:5a:a7:07:af:a7:45:47:17:8b:89:7b:67:
b6:6b:2b:91:cf:3a:0b:dd:d3:02:fa:c9:68:2b:63:
85:97:42:ff:22:cf:d6:32:ef:54:af:4a:d8:02:94:
b2:44:58:73:aa:dd:7a:40:9d:5c:6b:08:bf:5d:de:
ac:b6:40:05:f4:7f:27:f7:6d:2b:67:f1:c0:9c:c5:
24:ce:c6:34:6e:4b:95:dd:15:1f:a5:67:ae:8a:3d:
34:61:54:50:f3:c1:bf:23:7f:aa:67:17:e7:5a:3d:
b1:3a:07:ce:cd:13:88:0b:f8:a9:ce:1e:50:8c:9a:
c0:cc:58:9a:e2:f3:0b:57:cc:3e:a5:f9:1b:5e:da:
b4:34:dd:c4:72:80:9b:1e:2f:ec:4e:2d:84:94:dc:
ec:3b:5f:f2:aa:fc:b5:02:56:5f:96:34:56:5f:a3:
e7:a2:89:5a:ca:6e:47:81:13:09:dd:a5:52:be:50:
55:0d:a9:1c:46:7d:f5:30:7a:6d:05:66:fb:af:df:
2c:70:e8:d7:ad:74:e9:de:bf:6c:65:e5:a6:af:e7:
3e:b2:b7:7e:d2:29:fa:4f:96:59:67:0d:14:d0:08:
e1:0b:da:bb:0d:58:24:d7:71:5c:e1:f8:57:57:8a:
c6:55:1e:5b:69:4f:35:31:4f:a9:b9:d9:cb:2a:8d:
75:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:01:2A:00:E6:17:EB:78:13:7E:94:2A:2A:4A:37:E3:8E:F3:84:F8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BDFC660424C911F0AA22349BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.18.0-156.246.20.255
Signature Algorithm: sha256WithRSAEncryption
20:0f:6b:cc:06:06:8a:1b:fc:64:2a:8b:51:f9:ff:29:aa:4f:
4b:3f:76:35:27:10:e6:a1:8a:44:82:c7:27:9f:81:bb:b2:2e:
ad:6d:bc:96:b1:cb:cc:e0:2b:b3:7b:ab:04:c1:9a:fb:4f:0f:
37:4d:b2:99:ae:9a:27:50:e9:a1:7d:a9:df:d8:fd:49:a5:99:
ab:71:80:5c:b0:57:f6:09:c8:4f:ae:db:5a:2b:97:a6:50:e7:
fc:77:56:fc:bb:f3:57:e3:6f:3c:91:ba:b7:46:61:3d:bc:95:
d2:fd:8a:f0:19:96:df:04:ff:55:2b:77:08:f7:60:9a:87:9a:
71:ba:7c:e9:17:b4:12:5d:38:36:18:2b:10:20:a6:20:20:af:
3c:30:4e:a1:f7:06:fc:da:91:cc:ac:f3:28:1d:81:61:bf:17:
f3:17:c2:e5:ef:c8:ba:63:52:d4:b7:b8:84:66:bb:42:43:72:
2e:ed:f7:fd:a4:1b:6d:76:50:b0:67:bd:7b:37:8e:0f:a4:67:
f3:a1:71:19:3f:47:42:8d:53:e9:e1:13:07:93:c4:58:6a:b1:
f2:31:87:4b:54:a6:40:f4:19:7f:4c:d0:f0:f4:e7:8c:a1:bc:
af:55:db:3a:f1:7e:5a:10:a6:01:5f:17:c9:7a:a7:e7:b7:56:
e6:3a:2f:8c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVATMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI5MDcxNTMwWhcNMjUxMjMxMDcxNTMwWjAYMRYw
FAYDVQQDEw02ODEwN2M5Ny01NWYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAn8Vapwevp0VHF4uJe2e2ayuRzzoL3dMC+sloK2OFl0L/Is/WMu9Ur0rY
ApSyRFhzqt16QJ1cawi/Xd6stkAF9H8n920rZ/HAnMUkzsY0bkuV3RUfpWeuij00
YVRQ88G/I3+qZxfnWj2xOgfOzROIC/ipzh5QjJrAzFia4vMLV8w+pfkbXtq0NN3E
coCbHi/sTi2ElNzsO1/yqvy1AlZfljRWX6Pnoolaym5HgRMJ3aVSvlBVDakcRn31
MHptBWb7r98scOjXrXTp3r9sZeWmr+c+srd+0in6T5ZZZw0U0AjhC9q7DVgk13Fc
4fhXV4rGVR5baU81MU+pudnLKo119wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFGcB
KgDmF+t4E36UKipKN+OO84T4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CREZDNjYwNDI0QzkxMUYwQUEyMjM0OUJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGc9hIDBACc9hQwDQYJKoZI
hvcNAQELBQADggEBACAPa8wGBoob/GQqi1H5/ymqT0s/djUnEOahikSCxyefgbuy
Lq1tvJaxy8zgK7N7qwTBmvtPDzdNspmumidQ6aF9qd/Y/UmlmatxgFywV/YJyE+u
21orl6ZQ5/x3Vvy781fjbzyRurdGYT28ldL9ivAZlt8E/1Urdwj3YJqHmnG6fOkX
tBJdODYYKxAgpiAgrzwwTqH3Bvzakcys8ygdgWG/F/MXwuXvyLpjUtS3uIRmu0JD
ci7t9/2kG212ULBnvXs3jg+kZ/OhcRk/R0KNU+nhEweTxFhqsfIxh0tUpkD0GX9M
0PD054yhvK9V2zrxfloQpgFfF8l6p+e3VuY6L4w=
-----END CERTIFICATE-----
Generated at Mon May 12 10:23:34 2025 by rpki-client