Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B19088C858B811F0A9B07EE4DAE4EC9C.roa
File: B19088C858B811F0A9B07EE4DAE4EC9C.roa (raw, json)
Hash identifier: EXEfnTkF3fLtNyYNKMvWJBJ1TTbs6aG4yOddCYbbBLE=
Subject key identifier: C1:92:B7:9C:87:39:CD:5D:2C:5A:7A:CC:A8:C4:46:EF:A1:5E:96:5B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0160B9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B19088C858B811F0A9B07EE4DAE4EC9C.roa
Signing time: Fri 04 Jul 2025 09:24:33 +0000
ROA not before: Fri 04 Jul 2025 09:24:28 +0000
ROA not after: Thu 21 Aug 2025 09:24:28 +0000
asID: 203020
IP address blocks: 156.233.12.0/22 maxlen: 24
156.233.36.0/22 maxlen: 24
156.233.76.0/22 maxlen: 24
156.233.112.0/22 maxlen: 24
156.233.180.0/22 maxlen: 24
156.233.184.0/21 maxlen: 24
156.233.192.0/24 maxlen: 24
156.241.16.0/20 maxlen: 24
156.241.32.0/21 maxlen: 24
156.241.60.0/22 maxlen: 24
156.243.140.0/22 maxlen: 24
156.244.132.0/22 maxlen: 24
156.244.136.0/21 maxlen: 24
156.248.32.0/19 maxlen: 24
156.251.96.0/20 maxlen: 24
156.251.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90297 (0x160b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 4 09:24:28 2025 GMT
Not After : Aug 21 09:24:28 2025 GMT
Subject: CN=68679dd1-5761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:dd:5b:47:5c:76:b8:d6:1c:a0:94:de:73:f2:
cb:38:2e:44:95:3a:04:bf:1f:79:1e:fe:a7:ab:c6:
9e:7f:89:eb:23:73:05:98:70:86:9d:51:a7:8e:45:
7c:ff:69:f7:50:47:72:ee:00:20:1d:95:95:0f:c2:
ba:8e:40:ba:1e:6f:51:18:9b:c3:75:27:5d:52:9c:
43:1a:c2:c8:cb:05:f9:3b:68:a8:f3:9d:74:3e:53:
b7:a5:bb:6a:a7:ef:e4:04:36:88:ae:c5:2c:5f:a7:
fe:40:10:a5:9a:52:5c:8c:b0:ac:25:b7:7c:23:94:
a6:a4:37:76:cc:58:78:d9:ab:c2:3c:2b:82:9b:47:
0a:7c:67:bd:28:35:74:9d:0d:37:b8:be:c2:12:30:
49:e2:29:6b:77:cf:68:fe:95:39:98:ff:b9:aa:35:
65:c8:52:17:c8:35:ec:a7:f1:f9:11:a3:d7:9b:e4:
f8:c0:a4:28:34:a1:77:e5:fd:2e:ed:16:c3:90:4a:
a1:40:1d:bd:ea:fe:9c:96:83:54:68:5e:9c:0a:44:
a2:c4:ab:8f:73:b7:79:6f:da:a6:ca:bf:28:f0:c9:
d4:00:25:20:0b:fd:c2:e0:8f:dc:78:c9:52:05:a3:
03:c2:e8:30:98:d5:dd:aa:91:94:5f:22:ee:8d:55:
41:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:92:B7:9C:87:39:CD:5D:2C:5A:7A:CC:A8:C4:46:EF:A1:5E:96:5B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B19088C858B811F0A9B07EE4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.12.0/22
156.233.36.0/22
156.233.76.0/22
156.233.112.0/22
156.233.180.0-156.233.192.255
156.241.16.0-156.241.39.255
156.241.60.0/22
156.243.140.0/22
156.244.132.0-156.244.143.255
156.248.32.0/19
156.251.96.0-156.251.119.255
Signature Algorithm: sha256WithRSAEncryption
57:c5:94:d3:8c:92:3b:48:7e:56:05:ef:b3:8f:3e:eb:73:07:
c1:a8:04:5b:71:d8:02:77:98:4c:43:3a:b7:91:a1:f9:6b:81:
75:ed:4f:ff:83:c8:4a:8c:ef:f6:1b:95:76:01:1b:87:7c:30:
9e:5e:e0:37:4b:25:1a:0c:2c:f4:b5:f7:e3:d0:a9:15:20:0f:
66:bb:61:82:20:56:ca:dc:0f:6a:aa:63:34:c5:87:48:87:54:
a2:16:1e:a8:a1:c1:72:ce:dc:d2:08:9b:b2:0b:68:26:88:85:
7f:8d:49:6a:b0:eb:d6:b9:0d:d3:51:7c:d8:5e:47:e9:b5:23:
dd:31:af:a4:57:d4:77:72:0e:73:9e:bf:37:28:db:dc:00:67:
82:9c:d8:af:7c:5a:1d:e2:d4:5d:40:9b:2c:f4:19:7e:f0:40:
0e:50:b0:1e:d5:ee:59:0d:6f:2a:06:41:39:52:35:22:3c:24:
a3:14:a0:bb:32:97:6f:e6:0f:4d:1c:14:76:6a:ec:55:a7:79:
2a:f3:26:d7:17:c8:1b:b5:d8:a7:23:1d:f3:29:98:99:cb:6e:
1d:12:44:c0:68:41:73:6a:0c:c4:bc:b9:a3:3e:3b:f1:46:65:
ee:1c:f5:e6:d3:da:3b:59:71:b5:1f:4b:d1:f7:ee:bf:e0:5b:
d1:bb:bc:a0
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgIDAWC5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzA0MDkyNDI4WhcNMjUwODIxMDkyNDI4WjAYMRYw
FAYDVQQDEw02ODY3OWRkMS01NzYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4N1bR1x2uNYcoJTec/LLOC5ElToEvx95Hv6nq8aef4nrI3MFmHCGnVGn
jkV8/2n3UEdy7gAgHZWVD8K6jkC6Hm9RGJvDdSddUpxDGsLIywX5O2io8510PlO3
pbtqp+/kBDaIrsUsX6f+QBClmlJcjLCsJbd8I5SmpDd2zFh42avCPCuCm0cKfGe9
KDV0nQ03uL7CEjBJ4ilrd89o/pU5mP+5qjVlyFIXyDXsp/H5EaPXm+T4wKQoNKF3
5f0u7RbDkEqhQB296v6cloNUaF6cCkSixKuPc7d5b9qmyr8o8MnUACUgC/3C4I/c
eMlSBaMDwugwmNXdqpGUXyLujVVBvwIDAQABo4IC/jCCAvowHQYDVR0OBBYEFMGS
t5yHOc1dLFp6zKjERu+hXpZbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMTkwODhDODU4QjgxMUYwQTlCMDdFRTREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQCnOkMAwQCnOkkAwQCnOlMAwQC
nOlwMAwDBAKc6bQDBACc6cAwDAMEBJzxEAMEA5zxIAMEApzxPAMEApzzjDAMAwQC
nPSEAwQEnPSAAwQFnPggMAwDBAWc+2ADBAOc+3AwDQYJKoZIhvcNAQELBQADggEB
AFfFlNOMkjtIflYF77OPPutzB8GoBFtx2AJ3mExDOreRoflrgXXtT/+DyEqM7/Yb
lXYBG4d8MJ5e4DdLJRoMLPS19+PQqRUgD2a7YYIgVsrcD2qqYzTFh0iHVKIWHqih
wXLO3NIIm7ILaCaIhX+NSWqw69a5DdNRfNheR+m1I90xr6RX1HdyDnOevzco29wA
Z4Kc2K98Wh3i1F1Amyz0GX7wQA5QsB7V7lkNbyoGQTlSNSI8JKMUoLsyl2/mD00c
FHZq7FWneSrzJtcXyBu12KcjHfMpmJnLbh0SRMBoQXNqDMS8uaM+O/FGZe4c9ebT
2jtZcbUfS9H37r/gW9G7vKA=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:40:18 2025 by rpki-client