Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEBF6DD4688011F09FD7A08EDAE4EC9C.roa
File: BEBF6DD4688011F09FD7A08EDAE4EC9C.roa (raw, json)
Hash identifier: 8eKvr99c0SpOlFprHdPbnSfawnTpNCAiqb9lSDYTS60=
Subject key identifier: 2A:5A:59:FF:A1:14:C0:5C:9A:7C:F2:4E:6D:03:B6:B6:34:07:51:88
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01674B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEBF6DD4688011F09FD7A08EDAE4EC9C.roa
Signing time: Thu 24 Jul 2025 11:24:22 +0000
ROA not before: Thu 24 Jul 2025 11:24:17 +0000
ROA not after: Thu 28 Aug 2025 11:24:17 +0000
asID: 44559
IP address blocks: 156.246.150.0/24 maxlen: 24
156.246.151.0/24 maxlen: 24
156.246.152.0/24 maxlen: 24
156.246.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 06 Aug 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91979 (0x1674b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 24 11:24:17 2025 GMT
Not After : Aug 28 11:24:17 2025 GMT
Subject: CN=688217e6-a713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:30:99:8d:5e:e3:b4:e7:a5:68:e9:72:f4:30:
e3:f1:c3:1c:fb:04:1b:95:30:9a:aa:cb:cb:e2:5b:
b8:e1:cc:7d:86:7c:37:f0:07:7c:48:b6:a5:3e:fb:
dd:f6:c3:07:2c:9b:ac:2f:7d:75:66:b4:f9:b1:40:
a9:0c:5b:45:47:21:54:4d:75:77:75:0b:4a:4b:d3:
df:73:4c:54:cb:f1:bd:2f:37:e6:b8:13:09:1d:55:
eb:fe:7f:d7:7c:e3:cf:0c:92:87:ad:51:bf:85:bd:
dc:8a:62:e5:66:2b:14:7c:f9:5b:24:08:e1:f2:ab:
04:80:ea:60:68:02:c2:20:6a:22:b2:5d:cc:d4:22:
51:6e:d9:8b:23:64:18:42:9d:35:e9:b5:ff:90:05:
6f:7d:60:48:0c:13:1e:17:f9:20:af:e4:d1:bc:42:
08:47:8d:33:ce:6a:c3:7b:4f:d2:b5:7d:7b:65:f5:
90:31:aa:ce:e6:05:69:26:bb:98:dd:ba:96:33:32:
e2:72:af:7d:19:df:ae:91:a1:29:3c:0e:4c:67:3d:
ec:9a:54:d9:07:18:ba:6f:39:ba:86:3e:42:ed:63:
03:12:6d:5c:15:ba:00:4b:ec:3c:b7:c1:a1:0d:56:
ff:82:a6:2b:50:fa:32:24:8a:8b:81:f2:ad:d2:05:
db:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:5A:59:FF:A1:14:C0:5C:9A:7C:F2:4E:6D:03:B6:B6:34:07:51:88
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEBF6DD4688011F09FD7A08EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.150.0-156.246.153.255
Signature Algorithm: sha256WithRSAEncryption
59:73:d3:1b:34:b4:10:83:8f:f4:2a:6b:53:ef:89:c2:aa:2f:
3d:59:9e:94:44:49:79:31:66:de:63:1d:7b:0e:f6:e3:13:6a:
10:16:7b:0b:2c:23:a9:18:64:9d:1f:ed:81:67:e4:80:12:ae:
c6:9c:3d:dd:4d:55:3f:99:97:6f:bc:7b:4d:3b:94:1f:3f:79:
56:dd:7f:dd:5d:0f:e2:6f:65:d2:95:c6:09:8f:67:14:c6:1e:
5d:70:b2:77:c8:57:76:0a:f3:42:82:f5:b2:d3:81:b6:c9:f7:
ac:60:55:65:ae:87:c7:2d:53:43:34:e3:74:2f:e5:af:61:88:
8a:e1:b3:c5:2d:18:fd:9f:cd:da:ef:d2:7e:08:bd:26:cd:9d:
56:10:c9:17:8d:b3:6d:ad:47:5b:23:ea:ac:bc:9b:10:13:8e:
e2:11:bf:9a:04:66:4b:ab:f4:e3:dd:a2:7b:b3:80:83:8c:70:
b3:79:4d:9c:97:69:34:5e:d0:34:81:c2:18:9b:54:f2:f4:a5:
8a:8a:f7:a1:a0:66:be:9a:a2:7a:6e:83:20:c2:06:57:a0:4c:
bd:09:bc:c4:94:8c:82:b8:ac:3b:57:c1:6b:07:01:66:63:bd:
d5:ca:79:f1:6a:69:80:5f:81:5a:76:1b:3d:13:f0:e3:2d:bd:
ee:9d:9b:81
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAWdLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzI0MTEyNDE3WhcNMjUwODI4MTEyNDE3WjAYMRYw
FAYDVQQDEw02ODgyMTdlNi1hNzEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlTCZjV7jtOelaOly9DDj8cMc+wQblTCaqsvL4lu44cx9hnw38Ad8SLal
Pvvd9sMHLJusL311ZrT5sUCpDFtFRyFUTXV3dQtKS9Pfc0xUy/G9LzfmuBMJHVXr
/n/XfOPPDJKHrVG/hb3cimLlZisUfPlbJAjh8qsEgOpgaALCIGoisl3M1CJRbtmL
I2QYQp016bX/kAVvfWBIDBMeF/kgr+TRvEIIR40zzmrDe0/StX17ZfWQMarO5gVp
JruY3bqWMzLicq99Gd+ukaEpPA5MZz3smlTZBxi6bzm6hj5C7WMDEm1cFboAS+w8
t8GhDVb/gqYrUPoyJIqLgfKt0gXbNQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFCpa
Wf+hFMBcmnzyTm0DtrY0B1GIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRUJGNkRENDY4ODAxMUYwOUZEN0EwOEVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGc9pYDBAGc9pgwDQYJKoZI
hvcNAQELBQADggEBAFlz0xs0tBCDj/Qqa1PvicKqLz1ZnpRESXkxZt5jHXsO9uMT
ahAWewssI6kYZJ0f7YFn5IASrsacPd1NVT+Zl2+8e007lB8/eVbdf91dD+JvZdKV
xgmPZxTGHl1wsnfIV3YK80KC9bLTgbbJ96xgVWWuh8ctU0M043Qv5a9hiIrhs8Ut
GP2fzdrv0n4IvSbNnVYQyReNs22tR1sj6qy8mxATjuIRv5oEZkur9OPdonuzgIOM
cLN5TZyXaTRe0DSBwhibVPL0pYqK96GgZr6aonpugyDCBlegTL0JvMSUjIK4rDtX
wWsHAWZjvdXKefFqaYBfgVp2Gz0T8OMtve6dm4E=
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:29:16 2025 by rpki-client