Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFBB98E67E0D11F0AE4A1579DAE4EC9C.roa
File: BFBB98E67E0D11F0AE4A1579DAE4EC9C.roa (raw, json)
Hash identifier: 52nub6eDvdTsq5fQ+CFcMiJI9t4L0BE/ZhI6EIv3mv8=
Subject key identifier: A1:6F:05:67:9D:B3:AF:BB:55:3C:50:71:27:37:85:5E:D1:DD:EF:8F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016CDE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFBB98E67E0D11F0AE4A1579DAE4EC9C.roa
Signing time: Wed 20 Aug 2025 21:36:37 +0000
ROA not before: Wed 20 Aug 2025 21:36:32 +0000
ROA not after: Wed 05 Jul 2028 21:36:32 +0000
asID: 17561
IP address blocks: 45.206.148.0/24 maxlen: 24
45.206.149.0/24 maxlen: 24
45.206.150.0/24 maxlen: 24
45.206.151.0/24 maxlen: 24
45.206.152.0/24 maxlen: 24
45.206.153.0/24 maxlen: 24
45.206.154.0/24 maxlen: 24
45.206.155.0/24 maxlen: 24
45.206.156.0/24 maxlen: 24
45.206.157.0/24 maxlen: 24
45.206.158.0/24 maxlen: 24
45.206.159.0/24 maxlen: 24
45.206.160.0/24 maxlen: 24
45.206.161.0/24 maxlen: 24
45.206.162.0/24 maxlen: 24
45.206.163.0/24 maxlen: 24
45.206.164.0/24 maxlen: 24
45.206.165.0/24 maxlen: 24
45.206.166.0/24 maxlen: 24
45.206.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 25 Aug 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93406 (0x16cde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 21:36:32 2025 GMT
Not After : Jul 5 21:36:32 2028 GMT
Subject: CN=68a63fe5-ae02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:03:40:57:cf:f3:72:73:6b:71:2f:43:63:d3:
ad:d5:6e:5c:a9:e9:d0:e4:f2:90:01:3b:60:bb:f7:
bc:49:7c:4f:01:29:f3:13:ff:a8:e8:16:c5:2b:12:
09:18:31:92:91:8e:3c:a9:9c:45:2b:8a:4d:cb:bc:
6d:d3:b7:d0:88:58:82:d0:9c:87:bf:e8:f6:eb:aa:
ba:0f:60:06:be:7e:17:ef:85:f0:49:18:cf:19:68:
ef:29:42:c8:3b:8f:36:b3:ef:7b:ce:68:5c:c2:d7:
ba:4f:3f:bb:79:39:4c:3b:73:72:1c:43:bd:2a:d8:
1f:a6:ea:86:81:f4:2e:11:f4:20:ed:00:da:00:d7:
8c:6f:ad:f6:82:5d:75:4e:0b:88:42:ae:60:47:81:
d4:ac:0a:15:46:34:a3:99:42:e0:06:6c:4c:99:48:
97:55:9a:b3:36:46:3d:c5:13:98:72:00:d3:f4:57:
7c:5c:e0:64:8b:d3:44:0d:62:73:d9:95:e1:2b:83:
ac:d2:9e:2f:f8:eb:2f:7c:de:2b:f1:ba:e4:b2:09:
16:0e:10:d3:25:8a:45:ba:8a:76:15:62:2c:3a:08:
93:27:e3:81:78:ea:35:91:1a:f5:c6:b8:4e:ea:1e:
77:8f:5f:ef:39:56:8a:ee:30:da:80:d5:07:fc:fa:
0a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6F:05:67:9D:B3:AF:BB:55:3C:50:71:27:37:85:5E:D1:DD:EF:8F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFBB98E67E0D11F0AE4A1579DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.206.148.0-45.206.167.255
Signature Algorithm: sha256WithRSAEncryption
32:4e:dd:dc:b7:70:e5:43:65:64:37:ce:f8:1b:13:dd:27:28:
c6:d4:12:d7:31:1a:4b:57:f6:e4:7d:78:59:bb:66:1a:91:71:
3a:e4:ff:86:a8:f7:40:18:c8:e1:fe:a2:84:b7:f0:0f:3f:47:
85:83:29:e5:94:cb:a7:73:23:4e:8f:9b:88:a7:b5:3d:2a:4c:
b3:82:0c:a0:4c:d6:21:89:2f:0f:52:18:8b:72:32:19:4f:58:
48:e6:cd:75:3e:6a:88:e6:6a:28:d3:76:53:36:58:92:e0:26:
59:cf:49:c9:7f:9a:78:18:59:43:8c:00:d5:2a:8d:92:19:09:
52:53:f8:09:9d:cb:6b:65:02:66:fb:a9:a3:6e:42:c0:60:50:
78:a0:91:a2:06:1e:0e:6b:e9:30:ec:12:ed:30:da:e2:5f:bf:
fe:e2:d8:59:53:80:27:c4:85:b4:5f:8f:67:c5:28:f7:7f:6f:
17:40:f0:6a:65:14:9a:02:c3:ce:3d:27:45:36:6f:32:e8:b7:
c0:a8:14:01:61:42:37:a8:0c:6e:0a:c5:cf:7c:6d:57:23:ec:
b8:f7:96:df:34:67:43:4f:bf:dc:da:f9:ce:bf:41:e6:f5:d7:
33:b3:2a:c6:cf:26:e0:31:ae:49:86:9e:7b:c0:64:58:4e:b0:
0f:2f:48:a6
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWzeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwODIwMjEzNjMyWhcNMjgwNzA1MjEzNjMyWjAYMRYw
FAYDVQQDEw02OGE2M2ZlNS1hZTAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6QNAV8/zcnNrcS9DY9Ot1W5cqenQ5PKQATtgu/e8SXxPASnzE/+o6BbF
KxIJGDGSkY48qZxFK4pNy7xt07fQiFiC0JyHv+j266q6D2AGvn4X74XwSRjPGWjv
KULIO482s+97zmhcwte6Tz+7eTlMO3NyHEO9KtgfpuqGgfQuEfQg7QDaANeMb632
gl11TguIQq5gR4HUrAoVRjSjmULgBmxMmUiXVZqzNkY9xROYcgDT9Fd8XOBki9NE
DWJz2ZXhK4Os0p4v+OsvfN4r8brksgkWDhDTJYpFuop2FWIsOgiTJ+OBeOo1kRr1
xrhO6h53j1/vOVaK7jDagNUH/PoKeQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKFv
BWeds6+7VTxQcSc3hV7R3e+PMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRkJCOThFNjdFMEQxMUYwQUU0QTE1NzlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAItzpQDBAMtzqAwDQYJKoZI
hvcNAQELBQADggEBADJO3dy3cOVDZWQ3zvgbE90nKMbUEtcxGktX9uR9eFm7ZhqR
cTrk/4ao90AYyOH+ooS38A8/R4WDKeWUy6dzI06Pm4intT0qTLOCDKBM1iGJLw9S
GItyMhlPWEjmzXU+aojmaijTdlM2WJLgJlnPScl/mngYWUOMANUqjZIZCVJT+Amd
y2tlAmb7qaNuQsBgUHigkaIGHg5r6TDsEu0w2uJfv/7i2FlTgCfEhbRfj2fFKPd/
bxdA8GplFJoCw849J0U2bzLot8CoFAFhQjeoDG4Kxc98bVcj7Lj3lt80Z0NPv9za
+c6/Qeb11zOzKsbPJuAxrkmGnnvAZFhOsA8vSKY=
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:13:17 2025 by rpki-client