Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/180AEC583CAB11F09F7562CDDAE4EC9C.roa
File: 180AEC583CAB11F09F7562CDDAE4EC9C.roa (raw, json)
Hash identifier: naDRz6S5cEECC0q2GDm+oXX3rh5yqFlJL2jZO/rRzqw=
Subject key identifier: A8:A9:85:4B:D4:0E:51:89:AB:F4:1F:B3:4C:A0:03:DB:2A:EC:41:78
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0158C2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/180AEC583CAB11F09F7562CDDAE4EC9C.roa
Signing time: Thu 29 May 2025 16:36:39 +0000
ROA not before: Thu 29 May 2025 16:36:33 +0000
ROA not after: Tue 30 Dec 2025 16:36:33 +0000
asID: 984
IP address blocks: 156.228.11.0/24 maxlen: 24
156.228.23.0/24 maxlen: 24
156.228.24.0/24 maxlen: 24
156.228.28.0/22 maxlen: 24
156.228.32.0/20 maxlen: 24
156.228.56.0/22 maxlen: 24
156.228.60.0/23 maxlen: 24
156.228.63.0/24 maxlen: 24
156.228.64.0/21 maxlen: 24
156.228.72.0/22 maxlen: 24
156.228.120.0/24 maxlen: 24
156.228.131.0/24 maxlen: 24
156.228.132.0/22 maxlen: 24
156.228.136.0/23 maxlen: 24
156.228.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88258 (0x158c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 29 16:36:33 2025 GMT
Not After : Dec 30 16:36:33 2025 GMT
Subject: CN=68388d17-586a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b8:94:d8:36:74:cb:5b:e9:52:f6:e9:ca:1d:
12:8a:96:e8:8c:65:46:44:81:ec:b2:5e:db:0c:0a:
2c:eb:26:7b:c3:4c:7f:03:c0:4a:0a:63:ae:f4:dc:
9d:ae:f3:33:1f:e2:19:4f:22:8b:ec:77:4c:b8:dc:
97:38:c0:b0:3b:f9:f2:a1:22:56:5e:a7:6d:aa:f5:
4f:4a:93:73:a0:a0:0c:09:fb:c8:1f:55:3f:47:26:
07:45:f9:86:9a:0b:5b:45:1e:9c:4d:27:a5:a7:1d:
36:9a:a7:16:86:8b:26:76:6e:7e:a4:6d:9a:91:ab:
fb:26:89:1f:56:96:fd:a2:42:16:37:df:08:12:96:
08:b8:c3:cc:81:60:2b:e3:43:c8:6c:e6:ca:00:4d:
f7:9a:f6:b0:3c:ba:7d:00:73:ef:59:2e:af:9b:d1:
b9:3b:a6:ff:57:58:17:6f:13:b9:44:34:06:db:f7:
95:29:79:12:c5:7f:cf:5f:cd:a6:71:a9:c7:08:fb:
64:f0:bf:80:54:33:cd:4f:96:63:57:8b:ad:d4:68:
d2:ae:34:7c:e0:81:b6:a2:2f:f3:17:e6:1d:4c:4b:
73:79:79:c7:bc:03:a3:d0:47:bc:9b:cc:37:0f:1d:
8b:0c:5e:12:24:36:ef:f8:c2:ea:a6:a0:70:e9:ee:
8e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A9:85:4B:D4:0E:51:89:AB:F4:1F:B3:4C:A0:03:DB:2A:EC:41:78
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/180AEC583CAB11F09F7562CDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.11.0/24
156.228.23.0-156.228.24.255
156.228.28.0-156.228.47.255
156.228.56.0-156.228.61.255
156.228.63.0-156.228.75.255
156.228.120.0/24
156.228.131.0-156.228.137.255
156.228.188.0/24
Signature Algorithm: sha256WithRSAEncryption
06:22:0f:85:84:57:86:eb:51:82:cc:a3:cb:23:46:ff:e3:bd:
5a:ba:27:ef:fb:c3:4b:78:80:0d:fa:ef:b1:8a:7a:ba:79:a0:
29:f2:e5:67:a6:8d:a0:4f:60:a7:b7:88:4d:45:e3:e1:1f:af:
be:9e:4c:9c:a8:d9:63:ee:8b:8a:1e:df:a7:17:35:84:df:58:
6a:cd:b0:9c:91:d7:dd:88:1e:49:e9:f0:e5:d3:be:6a:94:6c:
45:b0:32:79:b9:5c:07:0e:28:ae:2b:0a:58:d4:6b:f2:21:67:
c8:e9:fa:5f:b9:6f:3a:89:08:ed:e5:4e:97:19:4d:02:56:c4:
29:8e:3e:a9:42:78:83:a4:9a:2f:25:7f:ac:0c:cc:53:f2:b5:
8b:b7:bb:b5:2e:06:ff:c5:90:0e:8e:72:3c:0d:a4:d1:00:07:
b7:ec:1d:cb:3f:c5:ec:db:2e:f2:d1:8c:5b:56:7e:b5:18:6f:
72:8c:83:66:44:5c:a0:96:96:17:95:b3:dc:5d:27:86:07:12:
4e:1e:e4:bb:6f:93:a5:46:00:e2:57:8a:8a:1e:a6:84:24:a5:
5e:2d:fc:14:31:ed:4f:ed:dc:6e:45:7f:b3:45:73:41:b3:d2:
d7:d3:77:9e:af:bd:7a:d4:63:fb:17:98:ba:0f:02:95:2b:e5:
3d:f0:f9:bb
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgIDAVjCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI5MTYzNjMzWhcNMjUxMjMwMTYzNjMzWjAYMRYw
FAYDVQQDEw02ODM4OGQxNy01ODZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3biU2DZ0y1vpUvbpyh0SipbojGVGRIHssl7bDAos6yZ7w0x/A8BKCmOu
9NydrvMzH+IZTyKL7HdMuNyXOMCwO/nyoSJWXqdtqvVPSpNzoKAMCfvIH1U/RyYH
RfmGmgtbRR6cTSelpx02mqcWhosmdm5+pG2akav7JokfVpb9okIWN98IEpYIuMPM
gWAr40PIbObKAE33mvawPLp9AHPvWS6vm9G5O6b/V1gXbxO5RDQG2/eVKXkSxX/P
X82mcanHCPtk8L+AVDPNT5ZjV4ut1GjSrjR84IG2oi/zF+YdTEtzeXnHvAOj0Ee8
m8w3Dx2LDF4SJDbv+MLqpqBw6e6O+wIDAQABo4IC9DCCAvAwHQYDVR0OBBYEFKip
hUvUDlGJq/Qfs0ygA9sq7EF4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xODBBRUM1ODNDQUIxMUYwOUY3NTYyQ0REQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAnOQLMAwDBACc5BcDBACc5Bgw
DAMEApzkHAMEBJzkIDAMAwQDnOQ4AwQBnOQ8MAwDBACc5D8DBAKc5EgDBACc5Hgw
DAMEAJzkgwMEAZzkiAMEAJzkvDANBgkqhkiG9w0BAQsFAAOCAQEABiIPhYRXhutR
gsyjyyNG/+O9Wron7/vDS3iADfrvsYp6unmgKfLlZ6aNoE9gp7eITUXj4R+vvp5M
nKjZY+6Lih7fpxc1hN9Yas2wnJHX3YgeSenw5dO+apRsRbAyeblcBw4orisKWNRr
8iFnyOn6X7lvOokI7eVOlxlNAlbEKY4+qUJ4g6SaLyV/rAzMU/K1i7e7tS4G/8WQ
Do5yPA2k0QAHt+wdyz/F7Nsu8tGMW1Z+tRhvcoyDZkRcoJaWF5Wz3F0nhgcSTh7k
u2+TpUYA4leKih6mhCSlXi38FDHtT+3cbkV/s0VzQbPS19N3nq+9etRj+xeYug8C
lSvlPfD5uw==
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:26:48 2025 by rpki-client