Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B12EBF62D0211F085CD7894DAE4EC9C.roa
File: 7B12EBF62D0211F085CD7894DAE4EC9C.roa (raw, json)
Hash identifier: AuMX1d1ikqnIAQRz6iW6SrZSMTrjj1TvD/24wSDFIQw=
Subject key identifier: D3:41:D1:EA:9D:87:24:80:A9:ED:0B:60:8E:36:E5:3A:61:D3:00:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015335
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B12EBF62D0211F085CD7894DAE4EC9C.roa
Signing time: Fri 09 May 2025 18:21:53 +0000
ROA not before: Fri 09 May 2025 18:21:48 +0000
ROA not after: Sun 09 Nov 2025 18:21:48 +0000
asID: 17561
IP address blocks: 156.228.11.0/24 maxlen: 24
156.228.23.0/24 maxlen: 24
156.228.24.0/24 maxlen: 24
156.228.28.0/22 maxlen: 24
156.228.32.0/20 maxlen: 24
156.228.56.0/22 maxlen: 24
156.228.60.0/23 maxlen: 24
156.228.63.0/24 maxlen: 24
156.228.64.0/21 maxlen: 24
156.228.72.0/22 maxlen: 24
156.228.120.0/24 maxlen: 24
156.228.131.0/24 maxlen: 24
156.228.132.0/22 maxlen: 24
156.228.136.0/23 maxlen: 24
156.228.188.0/24 maxlen: 24
156.228.193.0/24 maxlen: 24
156.228.195.0/24 maxlen: 24
156.228.196.0/22 maxlen: 24
156.228.200.0/23 maxlen: 24
156.228.204.0/22 maxlen: 24
156.228.212.0/22 maxlen: 24
156.228.216.0/21 maxlen: 24
156.228.224.0/21 maxlen: 24
156.228.234.0/23 maxlen: 24
156.228.236.0/22 maxlen: 24
156.228.240.0/21 maxlen: 24
156.228.248.0/23 maxlen: 24
156.228.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 18 Jun 2025 00:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86837 (0x15335)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 9 18:21:48 2025 GMT
Not After : Nov 9 18:21:48 2025 GMT
Subject: CN=681e47c1-a733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:55:17:5a:2c:6c:ec:ff:c4:d1:92:63:4e:f3:
11:88:94:ff:34:f2:28:bc:4c:26:b7:8d:df:c8:a4:
58:e2:66:4e:ff:0b:c1:a4:06:56:4c:b7:e7:a7:26:
9f:74:84:2c:78:6c:62:d2:95:4c:84:94:4e:91:57:
a7:08:0d:b7:50:5e:21:4e:44:79:1e:bc:be:d1:76:
0d:46:58:df:33:3d:d6:ae:b8:5b:7e:8f:52:60:ea:
2e:56:0a:75:64:63:16:f9:64:65:2b:9a:ef:72:41:
eb:67:50:d3:ee:58:46:80:c2:ce:38:95:3c:b3:1c:
4b:61:e5:03:ab:8a:94:b8:04:b6:50:31:ce:d9:21:
a7:ac:68:79:52:b8:ec:90:ab:f4:59:8e:78:bb:f3:
b4:b3:b1:0f:7d:7d:c0:62:b4:f8:63:cc:67:df:3e:
24:24:0a:71:35:cc:68:2e:8b:1a:de:ed:4f:76:3d:
e0:15:75:48:ae:f5:a9:b4:3a:e3:3a:57:bf:61:77:
69:53:07:04:2f:6a:aa:3c:ba:9f:4a:9c:40:34:13:
be:37:11:6b:54:e7:84:c9:1f:b3:fd:cd:21:67:7e:
7d:0e:b3:6f:12:c6:b0:85:cc:77:64:dd:49:9c:6e:
27:56:9b:d0:01:34:fb:1d:65:78:7a:f2:3d:c1:89:
67:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:41:D1:EA:9D:87:24:80:A9:ED:0B:60:8E:36:E5:3A:61:D3:00:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B12EBF62D0211F085CD7894DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.11.0/24
156.228.23.0-156.228.24.255
156.228.28.0-156.228.47.255
156.228.56.0-156.228.61.255
156.228.63.0-156.228.75.255
156.228.120.0/24
156.228.131.0-156.228.137.255
156.228.188.0/24
156.228.193.0/24
156.228.195.0-156.228.201.255
156.228.204.0/22
156.228.212.0-156.228.231.255
156.228.234.0-156.228.249.255
156.228.252.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:2f:b0:aa:4f:b9:09:d4:68:30:29:9b:d2:62:fb:09:86:d7:
f7:a4:62:2e:78:a4:19:9e:8f:c6:ce:4f:3f:02:69:e2:06:8e:
08:28:38:d4:15:15:ce:0a:c0:7a:20:74:c8:fe:06:00:4a:64:
a2:fa:cf:11:de:28:0d:a1:ab:37:05:ec:47:76:ed:6c:05:bd:
84:3a:9d:b2:14:47:04:6e:8a:e6:b5:72:b2:49:79:17:ed:43:
c6:98:4e:9f:e1:a1:88:c5:09:c3:71:46:f3:39:1a:cb:65:e1:
2d:c7:27:98:02:71:63:57:11:a5:bd:da:44:18:e4:bc:38:a3:
57:3c:ad:b6:a0:f7:a8:1f:e3:e3:f7:2a:cb:f2:94:c5:93:fa:
c5:61:c6:76:6e:97:9a:25:21:3f:16:e6:0a:2e:43:c9:c4:40:
7f:f4:3c:b1:1b:1e:64:8c:d1:0e:c0:e6:a7:a5:3f:64:e5:fd:
14:21:1c:53:c9:65:cb:55:5a:d3:eb:5d:b6:36:03:71:95:17:
04:67:35:ca:85:17:b5:b2:aa:30:db:79:2b:51:73:b8:2c:c0:
df:3b:89:69:eb:9f:67:bd:bc:06:c1:d5:3d:35:ff:a4:db:f2:
fa:e8:ba:de:bd:51:2c:0d:06:ca:0b:d3:6c:b5:84:be:9e:d1:
28:95:14:38
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgIDAVM1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA5MTgyMTQ4WhcNMjUxMTA5MTgyMTQ4WjAYMRYw
FAYDVQQDEw02ODFlNDdjMS1hNzMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3FUXWixs7P/E0ZJjTvMRiJT/NPIovEwmt43fyKRY4mZO/wvBpAZWTLfn
pyafdIQseGxi0pVMhJROkVenCA23UF4hTkR5Hry+0XYNRljfMz3Wrrhbfo9SYOou
Vgp1ZGMW+WRlK5rvckHrZ1DT7lhGgMLOOJU8sxxLYeUDq4qUuAS2UDHO2SGnrGh5
UrjskKv0WY54u/O0s7EPfX3AYrT4Y8xn3z4kJApxNcxoLosa3u1Pdj3gFXVIrvWp
tDrjOle/YXdpUwcEL2qqPLqfSpxANBO+NxFrVOeEyR+z/c0hZ359DrNvEsawhcx3
ZN1JnG4nVpvQATT7HWV4evI9wYlnYQIDAQABo4IDNTCCAzEwHQYDVR0OBBYEFNNB
0eqdhySAqe0LYI425Tph0wDTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QjEyRUJGNjJEMDIxMUYwODVDRDc4OTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBACc5AswDAMEAJzkFwME
AJzkGDAMAwQCnOQcAwQEnOQgMAwDBAOc5DgDBAGc5DwwDAMEAJzkPwMEApzkSAME
AJzkeDAMAwQAnOSDAwQBnOSIAwQAnOS8AwQAnOTBMAwDBACc5MMDBAGc5MgDBAKc
5MwwDAMEApzk1AMEA5zk4DAMAwQBnOTqAwQBnOT4AwQCnOT8MA0GCSqGSIb3DQEB
CwUAA4IBAQBuL7CqT7kJ1GgwKZvSYvsJhtf3pGIueKQZno/Gzk8/AmniBo4IKDjU
FRXOCsB6IHTI/gYASmSi+s8R3igNoas3BexHdu1sBb2EOp2yFEcEbormtXKySXkX
7UPGmE6f4aGIxQnDcUbzORrLZeEtxyeYAnFjVxGlvdpEGOS8OKNXPK22oPeoH+Pj
9yrL8pTFk/rFYcZ2bpeaJSE/FuYKLkPJxEB/9DyxGx5kjNEOwOanpT9k5f0UIRxT
yWXLVVrT6122NgNxlRcEZzXKhRe1sqow23krUXO4LMDfO4lp659nvbwGwdU9Nf+k
2/L66LrevVEsDQbKC9NstYS+ntEolRQ4
-----END CERTIFICATE-----
Generated at Mon Jun 16 08:56:03 2025 by rpki-client