Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB81CE00631D11F0A52A82F4DAE4EC9C.roa
File: FB81CE00631D11F0A52A82F4DAE4EC9C.roa (raw, json)
Hash identifier: IQ0qQG7nBv+OYycITsGvXDIEGfkBgU5F67sy2JkOZfE=
Subject key identifier: 04:18:6B:3F:D9:23:8B:1E:DC:96:61:D2:DA:AA:42:27:DC:55:4F:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0165EC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB81CE00631D11F0A52A82F4DAE4EC9C.roa
Signing time: Thu 17 Jul 2025 14:54:48 +0000
ROA not before: Thu 17 Jul 2025 14:54:43 +0000
ROA not after: Sun 31 Aug 2025 14:54:43 +0000
asID: 44559
IP address blocks: 156.239.140.0/24 maxlen: 24
156.239.142.0/24 maxlen: 24
156.239.143.0/24 maxlen: 24
156.239.154.0/24 maxlen: 24
156.239.155.0/24 maxlen: 24
156.243.32.0/24 maxlen: 24
156.243.33.0/24 maxlen: 24
156.243.80.0/24 maxlen: 24
156.243.132.0/24 maxlen: 24
156.243.133.0/24 maxlen: 24
156.243.139.0/24 maxlen: 24
156.243.144.0/24 maxlen: 24
156.243.150.0/24 maxlen: 24
156.243.151.0/24 maxlen: 24
156.243.156.0/24 maxlen: 24
156.243.158.0/24 maxlen: 24
156.243.191.0/24 maxlen: 24
156.243.216.0/24 maxlen: 24
156.243.217.0/24 maxlen: 24
156.243.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91628 (0x165ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jul 17 14:54:43 2025 GMT
Not After : Aug 31 14:54:43 2025 GMT
Subject: CN=68790eb8-1e66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:96:d7:ef:db:0e:f3:fd:f1:d4:ab:89:28:f7:
bf:2d:51:a1:5d:df:bb:9f:02:7f:76:36:77:1d:1d:
a0:e1:87:a1:4d:d7:2c:6e:22:9f:86:43:1b:bb:51:
5a:ed:0f:d8:6a:ca:d3:55:b6:3f:7c:35:b0:ef:dd:
fc:a9:0c:55:cf:b8:37:58:48:52:52:2b:56:3a:49:
d2:35:b5:b6:55:a8:fe:67:69:c3:e9:5b:ab:ea:3b:
12:f7:97:ac:78:03:00:bc:12:e0:ef:cb:5f:d4:fc:
d7:a8:42:a4:91:c3:42:7e:6b:4f:f2:be:fa:18:e8:
40:c3:c4:c4:a2:49:ff:8e:c7:d7:68:8d:94:ca:94:
29:d2:f4:d6:72:cd:cd:48:a0:72:da:8f:bc:36:c9:
e1:22:a5:7e:36:0d:ad:9b:b9:91:53:c5:33:12:7b:
65:c1:c3:8a:02:2f:af:bb:cf:fb:12:63:0b:44:b7:
64:04:63:c0:f7:13:24:cf:2d:5a:15:fb:ae:ef:c2:
af:fc:72:f0:52:25:67:6a:be:f5:91:fa:87:42:ed:
c3:aa:f1:46:5e:4e:db:4a:6c:94:71:80:7a:04:82:
ba:9c:24:74:7a:ea:18:c8:90:d8:43:46:ea:12:b4:
c5:77:5f:08:5e:06:69:01:82:f0:92:c9:13:af:b7:
39:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:18:6B:3F:D9:23:8B:1E:DC:96:61:D2:DA:AA:42:27:DC:55:4F:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB81CE00631D11F0A52A82F4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.140.0/24
156.239.142.0/23
156.239.154.0/23
156.243.32.0/23
156.243.80.0/24
156.243.132.0/23
156.243.139.0/24
156.243.144.0/24
156.243.150.0/23
156.243.156.0/24
156.243.158.0/24
156.243.191.0/24
156.243.216.0/23
156.243.219.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:3b:c4:21:0e:58:4b:c7:8d:8c:9d:8f:6d:ca:fd:53:c8:5b:
69:f0:81:5b:98:aa:30:11:77:3d:8c:bf:b8:fb:9b:11:ca:62:
c6:a5:6a:07:e2:51:2c:a4:9b:be:cb:a1:1f:52:9e:84:2a:e0:
73:7c:0d:4f:00:a6:a9:8d:b7:a9:ea:aa:5b:7b:6b:c2:0a:9e:
d3:2b:3f:63:da:bc:cf:e7:00:92:9a:77:b9:34:85:15:3a:d1:
70:1d:42:6f:4d:ee:ce:66:de:cb:b0:d7:70:db:2c:f9:80:7a:
4e:74:cd:c3:06:c1:2d:c1:a2:3e:14:32:02:c9:42:99:6f:c6:
aa:1d:80:56:62:44:6c:c1:04:25:3c:d6:e2:8e:41:1e:c9:c1:
f0:ed:26:56:6d:72:c1:c3:23:b2:89:29:bf:0c:36:7e:d3:6e:
c4:23:e2:b1:31:53:3d:59:fc:ac:e5:4b:19:d1:7f:20:72:12:
62:30:08:f2:d2:77:ee:e3:ba:7d:9d:f7:29:b5:93:8c:d7:ce:
b0:4c:9b:34:09:ed:8f:cc:e5:fa:47:9b:b3:f3:b9:24:cc:fe:
e2:cf:e2:f4:ee:86:30:bd:03:51:f1:09:c8:2c:8f:7e:f8:10:
99:72:4c:85:84:17:5e:5d:bf:5d:e9:72:f5:8e:3b:42:77:ed:
ff:ea:af:25
-----BEGIN CERTIFICATE-----
MIIFzzCCBLegAwIBAgIDAWXsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNzE3MTQ1NDQzWhcNMjUwODMxMTQ1NDQzWjAYMRYw
FAYDVQQDEw02ODc5MGViOC0xZTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx5bX79sO8/3x1KuJKPe/LVGhXd+7nwJ/djZ3HR2g4YehTdcsbiKfhkMb
u1Fa7Q/YasrTVbY/fDWw7938qQxVz7g3WEhSUitWOknSNbW2Vaj+Z2nD6Vur6jsS
95eseAMAvBLg78tf1PzXqEKkkcNCfmtP8r76GOhAw8TEokn/jsfXaI2UypQp0vTW
cs3NSKBy2o+8NsnhIqV+Ng2tm7mRU8UzEntlwcOKAi+vu8/7EmMLRLdkBGPA9xMk
zy1aFfuu78Kv/HLwUiVnar71kfqHQu3DqvFGXk7bSmyUcYB6BIK6nCR0euoYyJDY
Q0bqErTFd18IXgZpAYLwkskTr7c5XQIDAQABo4IC8DCCAuwwHQYDVR0OBBYEFAQY
az/ZI4se3JZh0tqqQifcVU+8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQjgxQ0UwMDYzMUQxMUYwQTUyQTgyRjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAnO+MAwQBnO+OAwQBnO+aAwQB
nPMgAwQAnPNQAwQBnPOEAwQAnPOLAwQAnPOQAwQBnPOWAwQAnPOcAwQAnPOeAwQA
nPO/AwQBnPPYAwQAnPPbMA0GCSqGSIb3DQEBCwUAA4IBAQBbO8QhDlhLx42MnY9t
yv1TyFtp8IFbmKowEXc9jL+4+5sRymLGpWoH4lEspJu+y6EfUp6EKuBzfA1PAKap
jbep6qpbe2vCCp7TKz9j2rzP5wCSmne5NIUVOtFwHUJvTe7OZt7LsNdw2yz5gHpO
dM3DBsEtwaI+FDICyUKZb8aqHYBWYkRswQQlPNbijkEeycHw7SZWbXLBwyOyiSm/
DDZ+027EI+KxMVM9Wfys5UsZ0X8gchJiMAjy0nfu47p9nfcptZOM186wTJs0Ce2P
zOX6R5uz87kkzP7iz+L07oYwvQNR8QnILI9++BCZckyFhBdeXb9d6XL1jjtCd+3/
6q8l
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:41:46 2025 by rpki-client