Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE73A5CA66B911F086B9C27BDAE4EC9C.roa
File: BE73A5CA66B911F086B9C27BDAE4EC9C.roa (raw, json)
Hash identifier: xzsmuywjZyw4otCbYBsZRHMEOTEe4oWkVgwJykqWxPU=
Subject key identifier: A9:CF:0A:68:5E:10:ED:57:D4:C1:A8:E0:DD:EB:9B:FB:D0:AC:40:59
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01665D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE73A5CA66B911F086B9C27BDAE4EC9C.roa
Signing time: Tue 22 Jul 2025 05:07:20 +0000
ROA not before: Tue 22 Jul 2025 05:07:14 +0000
ROA not after: Mon 25 Aug 2025 05:07:14 +0000
asID: 203020
IP address blocks: 156.229.240.0/22 maxlen: 24
156.238.184.0/22 maxlen: 24
156.241.8.0/21 maxlen: 24
156.241.44.0/22 maxlen: 24
156.243.40.0/21 maxlen: 24
156.243.120.0/21 maxlen: 24
156.243.152.0/22 maxlen: 24
156.243.208.0/21 maxlen: 24
156.243.236.0/22 maxlen: 24
156.244.192.0/21 maxlen: 24
156.244.200.0/22 maxlen: 24
156.244.212.0/22 maxlen: 24
156.244.216.0/21 maxlen: 24
156.248.16.0/22 maxlen: 24
156.248.96.0/22 maxlen: 24
156.249.68.0/22 maxlen: 24
156.249.72.0/21 maxlen: 24
156.249.84.0/22 maxlen: 24
156.249.88.0/21 maxlen: 24
156.249.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 10 Aug 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91741 (0x1665d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 22 05:07:14 2025 GMT
Not After : Aug 25 05:07:14 2025 GMT
Subject: CN=687f1c88-0dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:59:8f:53:c4:af:ba:98:c1:09:3a:4b:54:fe:
0e:52:b8:a8:a3:b5:b2:d2:25:e8:93:68:3f:3b:f8:
4a:9a:d1:f5:c8:c7:4a:14:0c:1d:d3:eb:82:f8:cb:
a0:d6:e4:89:3f:ca:36:b5:f8:bb:4e:47:3b:6a:a9:
1a:ec:60:80:9c:16:85:1b:fa:a0:88:e7:ec:41:13:
8e:a8:da:07:f5:91:94:3b:47:a4:e6:4e:54:71:5b:
14:9c:d0:7f:f3:9f:ec:f6:d5:49:a9:2f:b5:fc:3c:
42:af:8e:4b:08:08:b7:16:5f:78:3d:dd:50:59:4a:
73:5b:25:09:1c:55:83:85:e3:16:16:83:a9:b9:20:
d9:90:b9:fa:81:40:e0:aa:1f:a7:2e:06:c5:a5:af:
b5:3a:f6:d7:10:fb:53:3a:1a:33:4b:52:4c:37:e3:
59:aa:1d:93:52:35:9b:2e:f2:f1:66:09:a7:2a:5a:
f8:34:07:77:ca:35:9f:df:d9:a7:46:23:5a:1e:92:
cd:48:4e:8b:5b:05:66:ee:f8:d9:c4:6b:cb:ca:20:
f3:64:e1:fe:e2:97:f8:af:46:ad:11:9c:5a:06:a6:
f0:e5:76:37:b0:54:8f:87:a1:61:d0:58:f0:10:f6:
dd:dd:69:96:db:5e:63:7a:19:b8:60:8c:f5:14:5e:
8d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:CF:0A:68:5E:10:ED:57:D4:C1:A8:E0:DD:EB:9B:FB:D0:AC:40:59
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE73A5CA66B911F086B9C27BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.240.0/22
156.238.184.0/22
156.241.8.0/21
156.241.44.0/22
156.243.40.0/21
156.243.120.0/21
156.243.152.0/22
156.243.208.0/21
156.243.236.0/22
156.244.192.0-156.244.203.255
156.244.212.0-156.244.223.255
156.248.16.0/22
156.248.96.0/22
156.249.68.0-156.249.79.255
156.249.84.0-156.249.95.255
156.249.116.0/22
Signature Algorithm: sha256WithRSAEncryption
35:31:e0:4c:a4:ab:6f:b4:ff:70:17:d4:73:fe:02:cc:01:57:
0f:28:f7:8b:29:99:dc:da:ef:a7:19:04:8b:7d:56:1d:53:ac:
c2:73:bb:b0:d9:6f:a8:b2:bc:12:37:a2:a4:7c:2e:c6:93:a6:
87:b5:e6:41:e1:28:df:67:19:ba:54:94:91:d3:a7:4a:bb:da:
fa:6b:9e:20:0b:2b:d2:26:1c:0c:83:ef:bf:c9:db:8e:4d:12:
da:69:94:4b:80:42:c7:d6:d6:4d:b8:d3:3d:be:32:83:d3:e0:
73:3b:4e:39:3c:ef:51:03:5e:50:74:2e:8d:ae:c1:53:02:f8:
0d:8d:db:d5:d7:d8:86:11:a0:cf:9f:1d:2a:8f:a3:e8:d8:a1:
34:ba:09:c9:42:fd:5b:70:16:a0:aa:fe:be:06:2a:09:da:49:
d5:e3:77:b5:95:49:00:fa:e0:5f:3c:d7:70:85:6a:91:e3:8a:
f3:af:1a:6f:9f:b7:b7:d1:9d:db:2f:12:fc:cd:66:34:a9:d0:
09:3e:3b:01:5f:6d:c2:f1:53:61:47:5f:88:4c:c8:63:7e:e2:
a1:0d:ef:65:85:23:c2:d5:fd:25:ae:31:5b:34:34:ec:f5:35:
fd:da:be:5f:a5:7f:d2:79:80:14:9d:12:1f:5b:04:bb:e2:6c:
6a:05:8a:90
-----BEGIN CERTIFICATE-----
MIIGADCCBOigAwIBAgIDAWZdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzIyMDUwNzE0WhcNMjUwODI1MDUwNzE0WjAYMRYw
FAYDVQQDEw02ODdmMWM4OC0wZGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxlmPU8SvupjBCTpLVP4OUrioo7Wy0iXok2g/O/hKmtH1yMdKFAwd0+uC
+Mug1uSJP8o2tfi7Tkc7aqka7GCAnBaFG/qgiOfsQROOqNoH9ZGUO0ek5k5UcVsU
nNB/85/s9tVJqS+1/DxCr45LCAi3Fl94Pd1QWUpzWyUJHFWDheMWFoOpuSDZkLn6
gUDgqh+nLgbFpa+1OvbXEPtTOhozS1JMN+NZqh2TUjWbLvLxZgmnKlr4NAd3yjWf
39mnRiNaHpLNSE6LWwVm7vjZxGvLyiDzZOH+4pf4r0atEZxaBqbw5XY3sFSPh6Fh
0FjwEPbd3WmW215jehm4YIz1FF6N9QIDAQABo4IDITCCAx0wHQYDVR0OBBYEFKnP
CmheEO1X1MGo4N3rm/vQrEBZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRTczQTVDQTY2QjkxMUYwODZCOUMyN0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAKc5fADBAKc7rgDBAOc
8QgDBAKc8SwDBAOc8ygDBAOc83gDBAKc85gDBAOc89ADBAKc8+wwDAMEBpz0wAME
Apz0yDAMAwQCnPTUAwQFnPTAAwQCnPgQAwQCnPhgMAwDBAKc+UQDBASc+UAwDAME
Apz5VAMEBZz5QAMEApz5dDANBgkqhkiG9w0BAQsFAAOCAQEANTHgTKSrb7T/cBfU
c/4CzAFXDyj3iymZ3NrvpxkEi31WHVOswnO7sNlvqLK8EjeipHwuxpOmh7XmQeEo
32cZulSUkdOnSrva+mueIAsr0iYcDIPvv8nbjk0S2mmUS4BCx9bWTbjTPb4yg9Pg
cztOOTzvUQNeUHQuja7BUwL4DY3b1dfYhhGgz58dKo+j6NihNLoJyUL9W3AWoKr+
vgYqCdpJ1eN3tZVJAPrgXzzXcIVqkeOK868ab5+3t9Gd2y8S/M1mNKnQCT47AV9t
wvFTYUdfiEzIY37ioQ3vZYUjwtX9Ja4xWzQ07PU1/dq+X6V/0nmAFJ0SH1sEu+Js
agWKkA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:09:13 2025 by rpki-client