Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02A480C257F911F0940F1F84DAE4EC9C.roa
File: 02A480C257F911F0940F1F84DAE4EC9C.roa (raw, json)
Hash identifier: XDVYHwNbk2QXMpxsnvYP2MFQ8apKP5KUGfviq4lL7PU=
Subject key identifier: D7:1F:E6:86:EF:F2:07:60:23:A9:35:5C:AA:7D:17:0B:09:91:F4:12
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 016041
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02A480C257F911F0940F1F84DAE4EC9C.roa
Signing time: Thu 03 Jul 2025 10:32:25 +0000
ROA not before: Thu 03 Jul 2025 10:32:21 +0000
ROA not after: Thu 21 Aug 2025 10:32:21 +0000
asID: 203020
IP address blocks: 156.233.12.0/22 maxlen: 24
156.233.36.0/22 maxlen: 24
156.233.76.0/22 maxlen: 24
156.233.112.0/22 maxlen: 24
156.233.180.0/22 maxlen: 24
156.233.184.0/21 maxlen: 24
156.233.192.0/24 maxlen: 24
156.241.16.0/20 maxlen: 24
156.241.32.0/21 maxlen: 24
156.241.60.0/22 maxlen: 24
156.243.140.0/22 maxlen: 24
156.244.132.0/22 maxlen: 24
156.244.136.0/21 maxlen: 24
156.248.32.0/19 maxlen: 24
156.251.96.0/20 maxlen: 24
156.251.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90177 (0x16041)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 3 10:32:21 2025 GMT
Not After : Aug 21 10:32:21 2025 GMT
Subject: CN=68665c39-0e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:43:28:9b:2b:38:7a:94:b7:2c:14:42:a5:68:
06:6d:fe:f8:18:f8:b4:49:9a:28:ce:51:7a:40:d1:
c5:42:41:4a:8e:da:61:eb:59:98:61:80:6f:46:57:
e5:58:69:7e:23:6b:b0:46:fe:c7:15:32:23:06:bf:
1c:e1:41:13:42:4a:a0:eb:5a:45:b8:6f:c0:4b:39:
7a:bb:e0:dc:fb:1b:2c:78:95:2c:24:79:dc:0d:0e:
32:69:e9:28:15:8d:f3:cc:f7:68:b9:c7:7b:ad:82:
de:9c:44:65:6f:3c:0c:03:d9:47:2f:79:35:5f:3c:
73:9e:a5:2e:02:ff:6c:2a:3d:85:b8:4a:9f:c5:6f:
94:7d:15:da:e5:34:83:a8:54:4e:c9:0b:08:7a:14:
ee:8c:02:a4:b1:50:f5:e3:f4:9f:6a:9e:ed:b3:f4:
3b:35:bc:d0:ac:53:04:30:81:1a:26:17:ee:8c:a9:
23:33:03:23:d1:9b:82:67:91:ea:85:cd:5f:5e:33:
3c:2e:c1:49:2b:5c:1f:c3:74:8c:d5:8b:09:ba:4e:
16:5c:ef:c7:64:bf:6d:48:f6:b8:78:80:ee:d5:55:
7d:a7:10:a1:4c:bd:58:96:7d:6b:c1:b9:6e:f4:57:
62:b0:28:c7:46:f6:9c:dd:9c:85:dd:5a:6c:38:3c:
62:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:1F:E6:86:EF:F2:07:60:23:A9:35:5C:AA:7D:17:0B:09:91:F4:12
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/02A480C257F911F0940F1F84DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.12.0/22
156.233.36.0/22
156.233.76.0/22
156.233.112.0/22
156.233.180.0-156.233.192.255
156.241.16.0-156.241.39.255
156.241.60.0/22
156.243.140.0/22
156.244.132.0-156.244.143.255
156.248.32.0/19
156.251.96.0-156.251.119.255
Signature Algorithm: sha256WithRSAEncryption
66:06:2c:5b:d9:3c:14:6e:02:1f:7b:d5:cb:ac:e8:51:88:cf:
f1:79:eb:f3:8a:57:b4:be:fb:18:73:56:55:cf:88:d9:d0:6c:
86:33:36:4d:b7:36:79:83:84:d5:99:17:40:6f:4c:e6:2a:fc:
2d:ec:3a:de:25:c9:38:c3:0c:03:8b:97:a9:02:b7:4f:43:ee:
37:c3:b1:40:9b:4f:8f:7d:ec:b8:25:76:0f:fb:6d:b3:85:20:
d2:21:49:30:fc:dc:7b:a3:20:b5:84:96:ef:09:0e:dd:fc:cc:
96:ce:ff:63:5f:49:a2:13:b8:5a:be:89:6d:df:91:34:1b:38:
02:e0:6b:a2:b8:28:54:5b:0e:db:7c:45:50:ab:5b:31:a1:af:
c0:77:32:6d:ba:39:07:aa:ec:f8:ef:f4:67:9b:0c:ed:8f:6d:
5a:35:88:d7:41:78:3c:ee:8d:42:4f:89:78:fa:fe:d4:1b:e2:
91:bb:a9:bd:ff:50:42:82:af:99:9b:9d:24:14:7b:e8:e8:ca:
95:72:82:c0:cd:72:aa:59:b7:7e:bf:68:8b:8a:b0:b8:0a:1c:
48:31:2f:b9:c5:76:0c:09:50:60:f9:b1:ce:dd:32:ed:72:3f:
1d:7c:64:5a:35:fb:75:20:04:c6:9d:e8:cd:c8:dd:11:ee:89:
db:c5:80:bd
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgIDAWBBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzAzMTAzMjIxWhcNMjUwODIxMTAzMjIxWjAYMRYw
FAYDVQQDEw02ODY2NWMzOS0wZTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvkMomys4epS3LBRCpWgGbf74GPi0SZoozlF6QNHFQkFKjtph61mYYYBv
RlflWGl+I2uwRv7HFTIjBr8c4UETQkqg61pFuG/ASzl6u+Dc+xsseJUsJHncDQ4y
aekoFY3zzPdoucd7rYLenERlbzwMA9lHL3k1XzxznqUuAv9sKj2FuEqfxW+UfRXa
5TSDqFROyQsIehTujAKksVD14/Sfap7ts/Q7NbzQrFMEMIEaJhfujKkjMwMj0ZuC
Z5Hqhc1fXjM8LsFJK1wfw3SM1YsJuk4WXO/HZL9tSPa4eIDu1VV9pxChTL1Yln1r
wblu9FdisCjHRvac3ZyF3VpsODxizQIDAQABo4IC/jCCAvowHQYDVR0OBBYEFNcf
5obv8gdgI6k1XKp9FwsJkfQSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMkE0ODBDMjU3RjkxMUYwOTQwRjFGODREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQCnOkMAwQCnOkkAwQCnOlMAwQC
nOlwMAwDBAKc6bQDBACc6cAwDAMEBJzxEAMEA5zxIAMEApzxPAMEApzzjDAMAwQC
nPSEAwQEnPSAAwQFnPggMAwDBAWc+2ADBAOc+3AwDQYJKoZIhvcNAQELBQADggEB
AGYGLFvZPBRuAh971cus6FGIz/F56/OKV7S++xhzVlXPiNnQbIYzNk23NnmDhNWZ
F0BvTOYq/C3sOt4lyTjDDAOLl6kCt09D7jfDsUCbT4997Lgldg/7bbOFINIhSTD8
3HujILWElu8JDt38zJbO/2NfSaITuFq+iW3fkTQbOALga6K4KFRbDtt8RVCrWzGh
r8B3Mm26OQeq7Pjv9GebDO2PbVo1iNdBeDzujUJPiXj6/tQb4pG7qb3/UEKCr5mb
nSQUe+joypVygsDNcqpZt36/aIuKsLgKHEgxL7nFdgwJUGD5sc7dMu1yPx18ZFo1
+3UgBMad6M3I3RHuidvFgL0=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:31:04 2025 by rpki-client