Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F1280B258C511F0953CFFB4DAE4EC9C.roa
File: 0F1280B258C511F0953CFFB4DAE4EC9C.roa (raw, json)
Hash identifier: vxf2Fx3+GaFVtxfP8S8/uVFDe4vu1YrhTIiE1t4zOWM=
Subject key identifier: 45:5C:9C:E8:A4:1B:35:2F:F1:3F:F0:50:FB:CB:14:F8:7B:AC:B4:36
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0160E2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F1280B258C511F0953CFFB4DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 10:53:04 +0000
ROA not before: Fri 04 Jul 2025 10:52:59 +0000
ROA not after: Tue 09 Sep 2025 10:52:59 +0000
asID: 395793
IP address blocks: 156.225.2.0/23 maxlen: 24
156.225.50.0/23 maxlen: 24
156.243.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90338 (0x160e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 4 10:52:59 2025 GMT
Not After : Sep 9 10:52:59 2025 GMT
Subject: CN=6867b290-78cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:49:f1:77:d7:93:0b:d4:ab:6d:fd:20:4a:ab:
be:fe:eb:d2:49:e8:e5:fe:b3:e4:5d:a9:45:80:9f:
cf:9d:a7:fa:cb:4a:56:15:c0:97:59:44:bb:b3:02:
25:f1:d6:9b:1d:e2:af:3a:03:bc:d2:ae:00:5d:00:
70:e9:bd:00:d7:78:8f:ed:5f:9e:df:d0:7e:34:26:
8a:13:eb:17:43:b7:f2:01:d5:50:c3:a8:31:b5:39:
19:b9:a7:5f:83:ca:15:8b:27:0c:24:92:27:99:3d:
50:96:81:42:ca:1b:50:e2:af:3c:5f:cd:93:cf:75:
34:89:94:1d:2b:8a:f2:00:13:53:27:d2:97:a5:04:
b6:91:d0:44:f7:15:c3:cd:c3:e9:dd:3f:05:7c:3e:
2b:95:01:27:5b:17:46:a1:43:d6:05:76:ca:33:60:
7b:b1:bb:54:b0:93:6a:55:93:6d:1e:26:ef:5c:2e:
96:fc:ba:c1:5d:79:a9:24:81:e5:72:1e:0a:9d:ac:
fa:89:fc:1c:c0:9e:71:73:e9:52:2d:8d:36:77:ca:
aa:bc:d0:fc:f7:78:bd:80:bd:05:f6:59:ba:98:3f:
42:73:be:99:65:6e:05:11:2d:7d:25:bb:74:cb:53:
0d:36:b1:fc:82:3f:53:16:3f:f6:17:89:fa:bf:20:
69:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:5C:9C:E8:A4:1B:35:2F:F1:3F:F0:50:FB:CB:14:F8:7B:AC:B4:36
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F1280B258C511F0953CFFB4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.2.0/23
156.225.50.0/23
156.243.225.0/24
Signature Algorithm: sha256WithRSAEncryption
94:58:ef:66:59:31:70:f5:b2:9c:2e:47:57:b4:0e:cf:92:0b:
27:79:6c:99:14:47:3f:07:9c:1a:04:e2:8a:7e:1b:00:25:04:
da:70:a6:c0:0d:3a:69:6b:8a:e4:cd:ab:b9:8f:e0:56:aa:c1:
07:6c:ef:9a:a1:9b:70:86:61:8c:48:9f:4c:f5:73:93:4a:9e:
cc:20:6d:22:cf:4d:d8:c2:03:9c:ce:5b:fd:16:9d:bd:fe:42:
b9:d4:49:46:51:a8:3c:11:51:7c:69:cb:30:ed:5e:e9:e0:a7:
a7:5d:3b:75:36:52:6f:54:d4:b9:bb:b5:e3:96:d2:33:86:e3:
e8:e6:41:99:e9:84:f7:ab:24:bf:c4:22:d1:95:f3:8b:3e:3e:
70:ae:7e:7b:3e:6d:7f:b0:60:a4:cf:cf:6b:54:4d:e5:39:25:
11:64:8a:d3:17:70:ae:e8:b8:e3:35:c6:90:13:97:e7:20:3d:
39:07:93:59:32:62:bd:79:e8:5e:1e:27:dc:c6:81:25:3b:5f:
f7:43:9a:0d:5e:d2:84:d5:98:0f:17:0c:fe:95:be:cb:c3:3d:
c4:44:28:5f:36:e3:60:3e:6d:9b:23:39:3d:19:6d:08:12:94:
55:a3:3b:3b:a0:81:e8:d6:53:9a:40:e6:c8:33:cd:24:1e:1a:
87:3d:6a:d9
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAWDiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA0MTA1MjU5WhcNMjUwOTA5MTA1MjU5WjAYMRYw
FAYDVQQDEw02ODY3YjI5MC03OGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmknxd9eTC9Srbf0gSqu+/uvSSejl/rPkXalFgJ/Pnaf6y0pWFcCXWUS7
swIl8dabHeKvOgO80q4AXQBw6b0A13iP7V+e39B+NCaKE+sXQ7fyAdVQw6gxtTkZ
uadfg8oViycMJJInmT1QloFCyhtQ4q88X82Tz3U0iZQdK4ryABNTJ9KXpQS2kdBE
9xXDzcPp3T8FfD4rlQEnWxdGoUPWBXbKM2B7sbtUsJNqVZNtHibvXC6W/LrBXXmp
JIHlch4Knaz6ifwcwJ5xc+lSLY02d8qqvND893i9gL0F9lm6mD9Cc76ZZW4FES19
Jbt0y1MNNrH8gj9TFj/2F4n6vyBpxQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFEVc
nOikGzUv8T/wUPvLFPh7rLQ2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjEyODBCMjU4QzUxMUYwOTUzQ0ZGQjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBnOECAwQBnOEyAwQAnPPhMA0G
CSqGSIb3DQEBCwUAA4IBAQCUWO9mWTFw9bKcLkdXtA7PkgsneWyZFEc/B5waBOKK
fhsAJQTacKbADTppa4rkzau5j+BWqsEHbO+aoZtwhmGMSJ9M9XOTSp7MIG0iz03Y
wgOczlv9Fp29/kK51ElGUag8EVF8acsw7V7p4KenXTt1NlJvVNS5u7XjltIzhuPo
5kGZ6YT3qyS/xCLRlfOLPj5wrn57Pm1/sGCkz89rVE3lOSURZIrTF3Cu6LjjNcaQ
E5fnID05B5NZMmK9eeheHifcxoElO1/3Q5oNXtKE1ZgPFwz+lb7Lwz3ERChfNuNg
Pm2bIzk9GW0IEpRVozs7oIHo1lOaQObIM80kHhqHPWrZ
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:17:59 2025 by rpki-client