Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF64508E490811F0B9C208CCDAE4EC9C.roa
File: BF64508E490811F0B9C208CCDAE4EC9C.roa (raw, json)
Hash identifier: eEtw46pFMoZcqOIv+K4pkQ03bD9hUL0w67LXd86AloE=
Subject key identifier: A7:13:54:FE:E4:95:C3:CB:35:12:4B:D0:C0:79:6A:BD:31:4F:B6:29
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015C09
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF64508E490811F0B9C208CCDAE4EC9C.roa
Signing time: Sat 14 Jun 2025 10:17:17 +0000
ROA not before: Sat 14 Jun 2025 10:17:12 +0000
ROA not after: Fri 04 Jul 2025 10:17:12 +0000
asID: 398993
IP address blocks: 156.227.160.0/20 maxlen: 24
156.227.176.0/20 maxlen: 24
156.252.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 04 Jul 2025 10:17:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89097 (0x15c09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 14 10:17:12 2025 GMT
Not After : Jul 4 10:17:12 2025 GMT
Subject: CN=684d4c2d-0d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0c:62:4c:47:01:08:69:43:c5:ec:a9:5f:8d:
e3:6c:4b:9b:50:dd:e2:e1:14:64:21:d4:47:43:7d:
d9:81:f3:50:5b:88:24:46:f8:f0:7f:0f:bb:11:79:
f9:5f:f4:98:37:7c:00:ac:d9:2c:38:2b:80:99:e0:
6d:80:89:ca:b9:45:a5:7f:5e:98:61:bb:bc:ed:bf:
f6:54:5d:49:7a:12:34:00:a0:f4:e5:56:7c:a7:22:
81:ac:a0:98:f9:0e:bc:88:c6:5e:78:f7:1b:38:69:
e6:e0:f6:cd:1e:73:70:69:98:dc:3d:d2:d2:01:6b:
84:04:05:fd:40:e5:cc:8d:11:30:06:2b:3b:fe:17:
31:f1:d8:20:9e:ed:6e:e2:93:98:df:87:a8:93:be:
03:7b:48:29:59:0c:f8:30:3b:64:86:b8:b6:e9:5b:
79:16:cf:50:2d:42:75:33:89:d0:b9:32:a8:79:4c:
04:90:a0:8d:83:7e:76:cc:27:a7:86:97:31:48:36:
ae:11:92:1c:70:82:f9:07:f8:23:63:60:59:e5:de:
c7:64:ff:a4:02:dc:74:73:ce:1a:b7:68:0b:8e:12:
7e:ac:93:8a:7e:da:a4:18:e1:ae:6c:c1:50:21:6c:
41:65:4c:07:75:a5:8c:b3:f9:78:1a:7a:3e:46:a6:
b0:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:13:54:FE:E4:95:C3:CB:35:12:4B:D0:C0:79:6A:BD:31:4F:B6:29
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF64508E490811F0B9C208CCDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.160.0/19
156.252.96.0/19
Signature Algorithm: sha256WithRSAEncryption
01:4a:16:5f:75:a6:42:b2:1e:fd:55:dc:fe:b2:89:59:81:2b:
c5:f8:69:8e:ad:ec:d1:a5:3e:4d:4f:52:70:72:c4:26:35:3b:
ad:71:79:00:7f:b7:ba:47:9a:05:02:48:7f:f8:f3:ed:d9:d9:
4e:46:3e:cb:40:4f:08:3d:21:21:ff:59:95:93:0f:92:18:2d:
e6:fd:27:34:25:4c:37:fc:ec:0f:d6:09:e2:92:57:85:d8:b5:
67:a9:6e:8e:ff:70:2f:00:a7:af:8b:02:49:ed:67:ef:17:e2:
63:3f:f5:1c:eb:ca:be:fd:1b:64:1e:4b:2a:7c:98:21:b9:11:
1b:d6:cc:6f:a8:d2:0e:94:32:8d:b4:d6:ec:c9:38:d6:a6:0b:
09:8f:a9:6c:60:95:6a:ac:43:37:3f:36:2b:09:0b:29:ff:fe:
1f:54:10:a5:67:cb:cf:64:a8:5e:39:26:e4:74:5b:f8:b0:b1:
ae:08:57:8f:98:d6:d5:f8:40:71:3b:49:7f:ec:6f:86:b1:b4:
ae:fd:77:82:09:12:75:eb:04:a2:ff:42:40:3c:d4:f7:b8:7f:
8f:ed:36:4c:4e:80:52:05:59:e4:6b:e9:f7:09:4a:9d:80:ef:
8b:fc:6a:94:c4:06:4e:6d:63:c9:23:c1:b6:d8:32:1a:99:70:
12:cd:91:72
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAVwJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjE0MTAxNzEyWhcNMjUwNzA0MTAxNzEyWjAYMRYw
FAYDVQQDEw02ODRkNGMyZC0wZDEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyQxiTEcBCGlDxeypX43jbEubUN3i4RRkIdRHQ33ZgfNQW4gkRvjwfw+7
EXn5X/SYN3wArNksOCuAmeBtgInKuUWlf16YYbu87b/2VF1JehI0AKD05VZ8pyKB
rKCY+Q68iMZeePcbOGnm4PbNHnNwaZjcPdLSAWuEBAX9QOXMjREwBis7/hcx8dgg
nu1u4pOY34eok74De0gpWQz4MDtkhri26Vt5Fs9QLUJ1M4nQuTKoeUwEkKCNg352
zCenhpcxSDauEZIccIL5B/gjY2BZ5d7HZP+kAtx0c84at2gLjhJ+rJOKftqkGOGu
bMFQIWxBZUwHdaWMs/l4Gno+RqawSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKcT
VP7klcPLNRJL0MB5ar0xT7YpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRjY0NTA4RTQ5MDgxMUYwQjlDMjA4Q0NEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFnOOgAwQFnPxgMA0GCSqGSIb3
DQEBCwUAA4IBAQABShZfdaZCsh79Vdz+solZgSvF+GmOrezRpT5NT1JwcsQmNTut
cXkAf7e6R5oFAkh/+PPt2dlORj7LQE8IPSEh/1mVkw+SGC3m/Sc0JUw3/OwP1gni
kleF2LVnqW6O/3AvAKeviwJJ7WfvF+JjP/Uc68q+/RtkHksqfJghuREb1sxvqNIO
lDKNtNbsyTjWpgsJj6lsYJVqrEM3PzYrCQsp//4fVBClZ8vPZKheOSbkdFv4sLGu
CFePmNbV+EBxO0l/7G+GsbSu/XeCCRJ16wSi/0JAPNT3uH+P7TZMToBSBVnka+n3
CUqdgO+L/GqUxAZObWPJI8G22DIamXASzZFy
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:24:04 2025 by rpki-client