Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F400514333A11F085C1B0AFDAE4EC9C.roa
File: 1F400514333A11F085C1B0AFDAE4EC9C.roa (raw, json)
Hash identifier: n6ts8KbexsC1cscbxLbxdI00FxCdRadr++dAeTcUev0=
Subject key identifier: DA:39:50:67:BF:7E:99:02:E1:A8:8C:B0:D7:3E:64:28:5F:C2:83:93
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0155A5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F400514333A11F085C1B0AFDAE4EC9C.roa
Signing time: Sat 17 May 2025 16:15:18 +0000
ROA not before: Sat 17 May 2025 16:15:13 +0000
ROA not after: Tue 16 Jun 2026 16:15:13 +0000
asID: 984
IP address blocks: 156.245.164.0/24 maxlen: 24
156.245.165.0/24 maxlen: 24
156.245.166.0/24 maxlen: 24
156.245.167.0/24 maxlen: 24
156.245.172.0/24 maxlen: 24
156.245.173.0/24 maxlen: 24
156.245.174.0/24 maxlen: 24
156.245.175.0/24 maxlen: 24
156.245.191.0/24 maxlen: 24
156.245.196.0/24 maxlen: 24
156.249.128.0/24 maxlen: 24
156.249.129.0/24 maxlen: 24
156.249.130.0/24 maxlen: 24
156.249.131.0/24 maxlen: 24
156.249.132.0/24 maxlen: 24
156.249.136.0/24 maxlen: 24
156.249.140.0/24 maxlen: 24
156.249.141.0/24 maxlen: 24
156.249.142.0/24 maxlen: 24
156.249.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87461 (0x155a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 17 16:15:13 2025 GMT
Not After : Jun 16 16:15:13 2026 GMT
Subject: CN=6828b616-eae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f5:58:41:5f:33:04:a8:f9:53:e8:2e:93:8d:
56:16:5d:df:d8:5c:80:73:76:6c:59:20:5d:6d:7e:
69:75:7a:ca:d9:af:57:db:5a:b8:af:3e:89:79:25:
43:99:85:1d:b1:58:58:d6:d6:6f:96:93:f5:b5:e2:
f9:f5:f9:e6:de:9c:74:21:c0:17:32:35:7f:7b:e0:
3f:74:f0:5b:f9:fe:a2:3e:23:bb:11:03:56:a6:b8:
7a:33:dd:7f:5c:e1:87:70:3e:89:54:73:19:fc:11:
a5:2a:40:ee:6a:c3:95:46:c5:58:c5:fa:39:59:6c:
ff:fc:f0:b1:b8:e7:30:b4:e8:cc:4a:82:a7:b2:6e:
de:ae:2e:0f:29:f0:fe:73:06:39:8c:35:6d:28:b2:
ba:91:04:35:81:ab:3c:40:91:09:d4:d2:11:5c:a6:
93:5a:3c:14:54:43:37:9f:8b:1a:8e:ed:54:f9:0a:
5a:24:0d:11:f3:38:f3:31:d4:90:bd:63:4e:a0:46:
0e:25:60:7a:0a:4c:25:4d:aa:8e:6c:80:64:c9:db:
c6:d2:b7:70:d6:93:43:b6:c3:50:03:b8:1d:85:5d:
b6:a2:d3:10:f4:84:09:eb:75:e2:84:03:62:2f:fd:
48:36:cb:af:a6:91:e5:d3:4c:a0:8c:20:1b:a8:b9:
3c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:39:50:67:BF:7E:99:02:E1:A8:8C:B0:D7:3E:64:28:5F:C2:83:93
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1F400514333A11F085C1B0AFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.164.0/22
156.245.172.0/22
156.245.191.0/24
156.245.196.0/24
156.249.128.0-156.249.132.255
156.249.136.0/24
156.249.140.0/22
Signature Algorithm: sha256WithRSAEncryption
53:2d:3b:ab:2d:ea:f3:ea:89:fa:ce:5b:5a:32:63:c6:37:c6:
af:42:ea:d1:02:e5:b1:1f:0d:57:53:72:6a:76:66:f4:40:29:
ca:fc:8f:5a:37:02:0f:cf:23:eb:28:0c:1c:db:e4:ce:3d:c7:
fb:fc:11:10:48:be:f4:75:8e:a8:41:db:68:f9:9e:0d:12:45:
ba:83:cf:7f:2e:12:39:3f:84:4c:c8:a6:d6:35:79:1e:eb:a1:
5e:65:42:ec:c2:93:5a:ed:fa:4b:23:10:08:ae:94:d1:92:16:
3f:75:f7:8f:40:64:0a:fc:a5:91:0f:b2:ba:65:f6:00:76:2e:
7f:9c:ae:bf:3a:01:05:a1:2a:53:b6:48:83:66:05:1b:44:33:
bc:b8:62:13:b5:f9:41:24:05:66:50:73:10:2a:d8:7f:ee:62:
ba:2e:7f:f2:04:a8:26:31:7b:8d:5a:68:8f:35:47:a8:52:a8:
a8:2a:ee:c0:59:24:96:5e:c8:bc:69:67:ae:cd:c9:e2:69:4b:
fe:79:3d:57:a4:e7:e3:77:bb:27:6d:2e:96:a5:62:1f:df:0b:
21:03:43:9a:ea:40:0d:56:d9:35:32:b2:f2:66:f1:43:e7:4d:
3d:b5:e6:d1:a5:dd:6f:6f:b8:6d:f0:2a:e0:d9:c5:99:4f:25:
85:8c:53:7a
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIDAVWlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE3MTYxNTEzWhcNMjYwNjE2MTYxNTEzWjAYMRYw
FAYDVQQDEw02ODI4YjYxNi1lYWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoPVYQV8zBKj5U+guk41WFl3f2FyAc3ZsWSBdbX5pdXrK2a9X21q4rz6J
eSVDmYUdsVhY1tZvlpP1teL59fnm3px0IcAXMjV/e+A/dPBb+f6iPiO7EQNWprh6
M91/XOGHcD6JVHMZ/BGlKkDuasOVRsVYxfo5WWz//PCxuOcwtOjMSoKnsm7eri4P
KfD+cwY5jDVtKLK6kQQ1gas8QJEJ1NIRXKaTWjwUVEM3n4saju1U+QpaJA0R8zjz
MdSQvWNOoEYOJWB6CkwlTaqObIBkydvG0rdw1pNDtsNQA7gdhV22otMQ9IQJ63Xi
hANiL/1INsuvppHl00ygjCAbqLk8zwIDAQABo4ICzjCCAsowHQYDVR0OBBYEFNo5
UGe/fpkC4aiMsNc+ZChfwoOTMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRjQwMDUxNDMzM0ExMUYwODVDMUIwQUZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCnPWkAwQCnPWsAwQAnPW/AwQA
nPXEMAwDBAec+YADBACc+YQDBACc+YgDBAKc+YwwDQYJKoZIhvcNAQELBQADggEB
AFMtO6st6vPqifrOW1oyY8Y3xq9C6tEC5bEfDVdTcmp2ZvRAKcr8j1o3Ag/PI+so
DBzb5M49x/v8ERBIvvR1jqhB22j5ng0SRbqDz38uEjk/hEzIptY1eR7roV5lQuzC
k1rt+ksjEAiulNGSFj91949AZAr8pZEPsrpl9gB2Ln+crr86AQWhKlO2SINmBRtE
M7y4YhO1+UEkBWZQcxAq2H/uYrouf/IEqCYxe41aaI81R6hSqKgq7sBZJJZeyLxp
Z67NyeJpS/55PVek5+N3uydtLpalYh/fCyEDQ5rqQA1W2TUysvJm8UPnTT215tGl
3W9vuG3wKuDZxZlPJYWMU3o=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:30:57 2025 by rpki-client