Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0C0C13E43A511F0A2DF2BAFDAE4EC9C.roa
File: A0C0C13E43A511F0A2DF2BAFDAE4EC9C.roa (raw, json)
Hash identifier: gcTCrqFALjGZWtfHKTlesdge4MiyY6BOSsTBSY9Uzwg=
Subject key identifier: A0:CC:EF:FB:CE:8F:1B:E9:48:9D:FB:05:1D:80:0B:27:E2:35:5B:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015A65
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0C0C13E43A511F0A2DF2BAFDAE4EC9C.roa
Signing time: Sat 07 Jun 2025 13:45:10 +0000
ROA not before: Sat 07 Jun 2025 13:45:04 +0000
ROA not after: Tue 15 Jul 2025 13:45:04 +0000
asID: 20473
IP address blocks: 156.236.77.0/24 maxlen: 24
156.236.78.0/23 maxlen: 24
156.240.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 17 Jun 2025 00:26:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88677 (0x15a65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 7 13:45:04 2025 GMT
Not After : Jul 15 13:45:04 2025 GMT
Subject: CN=68444266-17bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2a:f2:0d:ef:3e:34:1d:56:63:39:13:29:17:
c5:d9:26:71:a9:22:0f:70:e7:93:82:e7:c2:48:97:
a2:73:e5:03:49:d4:ce:30:bc:92:8c:bd:3a:38:1c:
7e:4c:b3:06:27:c1:26:7a:20:ed:13:dc:f5:5b:60:
68:36:c7:3e:af:38:e2:16:9a:71:4c:94:a6:dd:62:
a3:d7:43:14:34:ce:71:bc:09:16:45:8e:80:37:42:
ef:25:e8:35:93:04:ab:30:40:e1:5c:7b:bb:10:04:
58:18:d4:a4:d3:cf:8a:43:5f:20:7c:6c:d8:2f:96:
4d:fa:22:16:4f:ca:ac:75:2b:01:50:4a:a9:e4:74:
57:52:9d:41:b3:1d:54:6c:4e:9a:9c:7b:32:c3:ba:
a5:30:98:b6:50:b8:e1:49:c5:22:39:ff:d3:dd:16:
23:7b:c2:0a:27:12:fa:55:3f:75:97:82:d0:25:45:
ed:a9:c9:87:1c:0a:69:5f:f2:10:87:aa:25:ea:82:
1f:23:c0:74:d4:ae:bc:71:cf:06:46:f9:6e:2e:e8:
62:08:42:62:d7:d9:de:46:b2:0b:dd:9d:c7:be:f0:
df:a3:a7:d7:2f:5e:3e:14:db:85:3e:93:0a:a2:37:
f7:8d:8e:2b:0c:50:52:a4:d8:13:32:9f:ab:99:0a:
53:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CC:EF:FB:CE:8F:1B:E9:48:9D:FB:05:1D:80:0B:27:E2:35:5B:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0C0C13E43A511F0A2DF2BAFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.77.0-156.236.79.255
156.240.98.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:a6:e0:2f:bb:16:63:c4:f7:30:bc:c6:2a:a0:a3:0d:12:f7:
6e:db:06:17:c4:48:18:f4:a4:a0:82:61:ea:b3:3a:7a:ec:2f:
d8:92:b6:3f:dc:41:93:54:fc:14:fa:39:9b:c5:b0:96:6c:c2:
82:54:2a:13:cb:1e:87:d3:15:b3:e9:de:a8:bc:4b:7c:2e:12:
5e:0e:51:8c:c1:96:6f:eb:50:23:23:fc:ae:9c:58:bd:d4:98:
ea:36:e3:91:0b:cc:92:ec:83:1e:4f:f1:b7:0f:63:88:b4:56:
f1:e1:8e:e1:d3:df:d7:01:eb:9e:c4:22:ae:fe:ae:f4:50:d2:
90:6a:9d:fd:eb:c8:ad:fa:3f:18:f2:ac:47:c4:8d:47:12:fe:
06:71:35:d9:1a:37:44:f3:28:e7:ae:f6:ee:13:d8:42:05:c6:
a1:16:8c:61:9a:3b:36:4b:fa:b7:53:5e:2f:33:ed:0a:aa:ea:
2e:ca:96:2d:ce:c1:e9:7d:fa:b9:83:ee:cc:62:d3:52:c0:a5:
41:5b:4f:13:a2:95:27:84:e1:13:02:25:46:bd:93:e8:1d:98:
dc:3e:af:dc:cf:80:1c:02:c5:ef:9f:9e:08:a3:17:50:14:07:
b2:49:ec:7f:2b:ba:06:d5:39:c5:fb:30:f8:41:fd:3f:43:eb:
62:c8:7e:77
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAVplMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjA3MTM0NTA0WhcNMjUwNzE1MTM0NTA0WjAYMRYw
FAYDVQQDEw02ODQ0NDI2Ni0xN2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxyryDe8+NB1WYzkTKRfF2SZxqSIPcOeTgufCSJeic+UDSdTOMLySjL06
OBx+TLMGJ8EmeiDtE9z1W2BoNsc+rzjiFppxTJSm3WKj10MUNM5xvAkWRY6AN0Lv
Jeg1kwSrMEDhXHu7EARYGNSk08+KQ18gfGzYL5ZN+iIWT8qsdSsBUEqp5HRXUp1B
sx1UbE6anHsyw7qlMJi2ULjhScUiOf/T3RYje8IKJxL6VT91l4LQJUXtqcmHHApp
X/IQh6ol6oIfI8B01K68cc8GRvluLuhiCEJi19neRrIL3Z3HvvDfo6fXL14+FNuF
PpMKojf3jY4rDFBSpNgTMp+rmQpTeQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFKDM
7/vOjxvpSJ37BR2ACyfiNVs3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMEMwQzEzRTQzQTUxMUYwQTJERjJCQUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACc7E0DBASc7EADBACc8GIw
DQYJKoZIhvcNAQELBQADggEBAC+m4C+7FmPE9zC8xiqgow0S927bBhfESBj0pKCC
YeqzOnrsL9iStj/cQZNU/BT6OZvFsJZswoJUKhPLHofTFbPp3qi8S3wuEl4OUYzB
lm/rUCMj/K6cWL3UmOo245ELzJLsgx5P8bcPY4i0VvHhjuHT39cB657EIq7+rvRQ
0pBqnf3ryK36PxjyrEfEjUcS/gZxNdkaN0TzKOeu9u4T2EIFxqEWjGGaOzZL+rdT
Xi8z7Qqq6i7Kli3Owel9+rmD7sxi01LApUFbTxOilSeE4RMCJUa9k+gdmNw+r9zP
gBwCxe+fngijF1AUB7JJ7H8rugbVOcX7MPhB/T9D62LIfnc=
-----END CERTIFICATE-----
Generated at Sun Jun 15 17:33:04 2025 by rpki-client