Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8169C1FC452411F09EE09EE8DAE4EC9C.roa
File: 8169C1FC452411F09EE09EE8DAE4EC9C.roa (raw, json)
Hash identifier: wKVg53FpNY4aPR3Z4x6sgFWTQStwfYhI5zAyzBL8OWE=
Subject key identifier: 8C:45:0E:50:75:79:BF:51:C2:9D:89:DC:C2:BD:0B:53:55:0C:0F:DC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015A8F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8169C1FC452411F09EE09EE8DAE4EC9C.roa
Signing time: Mon 09 Jun 2025 11:25:55 +0000
ROA not before: Mon 09 Jun 2025 11:25:47 +0000
ROA not after: Tue 11 Nov 2025 11:25:47 +0000
asID: 152849
IP address blocks: 156.235.96.0/21 maxlen: 24
156.235.104.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 21 Jun 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88719 (0x15a8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 9 11:25:47 2025 GMT
Not After : Nov 11 11:25:47 2025 GMT
Subject: CN=6846c4c3-7957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ea:c6:85:e9:75:8a:10:68:ea:ad:92:8f:f4:
c7:61:6c:18:16:1d:22:53:d9:b3:50:92:d4:91:29:
49:c1:5b:35:26:0c:a0:38:83:a5:26:bf:92:53:9f:
4d:4d:aa:a6:90:ae:08:d7:f3:6a:1f:61:6d:ec:70:
51:aa:ab:99:5c:ad:05:3d:4d:42:9f:93:a5:ad:fd:
39:af:00:5c:64:f0:c8:c5:f4:62:0a:8b:c0:6c:8a:
3c:12:43:44:8d:c7:67:03:80:27:e6:af:ff:7a:dc:
f6:7d:6f:c8:15:af:4d:bc:fd:f4:29:38:9a:1d:bd:
c5:d1:ec:6d:07:01:85:93:43:8d:29:5c:c2:90:f8:
c0:ea:81:8e:68:2d:ec:f4:26:3c:aa:b0:ae:be:0c:
ee:68:c5:7c:21:90:d5:1d:97:ff:4a:c8:0a:ff:b4:
64:73:79:64:b7:4c:a6:22:cd:e3:25:d0:c4:dd:fb:
71:92:e4:c6:f4:5a:0e:c2:41:42:33:de:5c:aa:75:
00:b6:b9:5e:1c:62:40:ce:1f:74:15:be:7c:10:b4:
3e:36:02:ea:e7:6e:55:a2:32:14:b7:4b:a6:b5:ac:
75:2c:df:b1:b1:c0:e0:8b:79:0f:2f:ec:fc:3e:f6:
2a:22:60:d3:9d:7b:ce:62:2c:c4:fc:51:92:1e:d5:
e6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:45:0E:50:75:79:BF:51:C2:9D:89:DC:C2:BD:0B:53:55:0C:0F:DC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8169C1FC452411F09EE09EE8DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.96.0/20
Signature Algorithm: sha256WithRSAEncryption
46:35:f2:95:4c:b0:15:67:d3:b2:a0:f1:ac:bd:e6:6d:72:50:
fa:15:f6:ce:3b:d2:ec:91:29:84:c6:f4:0b:7b:67:85:14:74:
10:ab:10:de:f5:93:e1:67:c0:aa:17:5e:b9:ab:11:c5:ac:b7:
eb:42:74:50:3e:6c:c6:c8:33:fe:48:79:61:e4:6b:c3:55:bb:
61:2e:64:3b:f1:8d:ec:fd:a9:26:17:55:d4:71:02:7d:f6:90:
71:d1:b0:f2:53:c0:1f:cc:0a:d2:6c:df:30:53:b6:61:7c:fe:
26:f2:60:86:43:a2:0d:dd:37:0c:b6:31:6b:68:14:57:c4:9a:
3b:66:0c:15:23:81:8f:8f:a5:90:44:f7:c9:b1:c9:55:9e:e4:
a6:e5:42:e0:95:17:27:79:f7:47:d3:a5:5d:12:57:4f:03:b1:
cd:a7:f1:6c:91:ec:b9:b3:04:b0:5c:ee:e0:d2:7f:48:79:5a:
d2:6c:eb:2e:70:f2:7a:79:d9:04:51:45:75:aa:d1:a7:b3:09:
d6:85:5d:d9:05:e1:0c:33:f5:8b:a2:83:aa:e4:23:06:e3:44:
e7:84:a4:c0:59:a1:11:f2:00:98:3b:62:9b:5d:40:42:f2:43:
88:39:ae:91:42:f1:0f:08:45:13:58:5b:39:54:96:86:cd:73:
74:67:b4:ec
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVqPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA5MTEyNTQ3WhcNMjUxMTExMTEyNTQ3WjAYMRYw
FAYDVQQDEw02ODQ2YzRjMy03OTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx+rGhel1ihBo6q2Sj/THYWwYFh0iU9mzUJLUkSlJwVs1JgygOIOlJr+S
U59NTaqmkK4I1/NqH2Ft7HBRqquZXK0FPU1Cn5Olrf05rwBcZPDIxfRiCovAbIo8
EkNEjcdnA4An5q//etz2fW/IFa9NvP30KTiaHb3F0extBwGFk0ONKVzCkPjA6oGO
aC3s9CY8qrCuvgzuaMV8IZDVHZf/SsgK/7Rkc3lkt0ymIs3jJdDE3ftxkuTG9FoO
wkFCM95cqnUAtrleHGJAzh90Fb58ELQ+NgLq525VojIUt0umtax1LN+xscDgi3kP
L+z8PvYqImDTnXvOYizE/FGSHtXmOwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIxF
DlB1eb9Rwp2J3MK9C1NVDA/cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MTY5QzFGQzQ1MjQxMUYwOUVFMDlFRThEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEnOtgMA0GCSqGSIb3DQEBCwUA
A4IBAQBGNfKVTLAVZ9OyoPGsveZtclD6FfbOO9LskSmExvQLe2eFFHQQqxDe9ZPh
Z8CqF165qxHFrLfrQnRQPmzGyDP+SHlh5GvDVbthLmQ78Y3s/akmF1XUcQJ99pBx
0bDyU8AfzArSbN8wU7ZhfP4m8mCGQ6IN3TcMtjFraBRXxJo7ZgwVI4GPj6WQRPfJ
sclVnuSm5ULglRcnefdH06VdEldPA7HNp/Fskey5swSwXO7g0n9IeVrSbOsucPJ6
edkEUUV1qtGnswnWhV3ZBeEMM/WLooOq5CMG40TnhKTAWaER8gCYO2KbXUBC8kOI
Oa6RQvEPCEUTWFs5VJaGzXN0Z7Ts
-----END CERTIFICATE-----
Generated at Thu Jun 19 06:30:20 2025 by rpki-client