Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8103ACFCF5AE11EFA7578EAB762E951A.roa
File: 8103ACFCF5AE11EFA7578EAB762E951A.roa (raw, json)
Hash identifier: WEoeB9g94U6K95Gg6stuni+gzLUV8SOs6HlLb/CSAu8=
Subject key identifier: 09:EA:DC:B3:C7:E3:E2:70:3A:86:98:E2:67:E7:D5:06:98:7E:6E:E8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013C9E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8103ACFCF5AE11EFA7578EAB762E951A.roa
Signing time: Fri 28 Feb 2025 08:32:11 +0000
ROA not before: Fri 28 Feb 2025 08:32:07 +0000
ROA not after: Sun 22 Feb 2026 08:32:07 +0000
asID: 984
IP address blocks: 156.244.237.0/24 maxlen: 24
156.244.238.0/24 maxlen: 24
156.244.239.0/24 maxlen: 24
156.244.240.0/24 maxlen: 24
156.244.241.0/24 maxlen: 24
156.244.242.0/24 maxlen: 24
156.244.243.0/24 maxlen: 24
156.244.245.0/24 maxlen: 24
156.244.246.0/24 maxlen: 24
156.244.247.0/24 maxlen: 24
156.244.249.0/24 maxlen: 24
156.244.250.0/24 maxlen: 24
156.244.251.0/24 maxlen: 24
156.244.253.0/24 maxlen: 24
156.244.254.0/24 maxlen: 24
156.244.255.0/24 maxlen: 24
156.246.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81054 (0x13c9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 08:32:07 2025 GMT
Not After : Feb 22 08:32:07 2026 GMT
Subject: CN=67c1748b-eab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:89:66:cc:44:ee:35:b5:fa:86:2b:02:71:e3:
33:e6:75:fa:ff:b1:56:ac:7b:b4:3a:f7:c2:de:1b:
71:96:83:3b:ae:64:fd:b0:08:d7:0c:22:eb:5a:39:
e8:8c:b8:8c:8b:7e:12:02:de:6a:c5:d3:8a:ab:b2:
1d:9e:42:42:7c:36:27:7f:8d:95:72:56:aa:12:1f:
37:43:71:f2:98:66:01:50:5f:92:6a:d8:46:38:08:
1e:31:6b:07:fa:f9:19:da:de:8b:0c:2a:db:b8:0d:
3a:2e:73:52:03:d3:10:fd:df:ec:96:54:93:ed:4a:
6f:31:36:b2:26:40:a0:06:01:79:83:e0:ed:ea:45:
05:12:f0:c4:2f:49:31:7f:13:cc:f1:6e:ad:81:db:
a5:fb:c0:6e:be:4c:97:ae:e9:e2:83:15:63:76:ec:
a1:38:2e:a4:de:a6:ef:40:d3:1e:bf:78:a3:f0:7b:
1a:92:58:0e:1f:45:57:ef:ec:15:de:bb:f6:bb:a5:
66:a3:c8:59:e1:12:5b:76:13:6f:0e:a9:f8:c5:1c:
ff:ac:b4:52:0a:78:d4:3f:a0:ce:69:b4:2b:63:f1:
2e:91:7c:98:f4:4a:d8:98:03:8a:04:02:79:f0:a3:
64:e1:d5:a5:96:72:4e:70:ea:1f:96:f0:f3:1d:8d:
e7:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EA:DC:B3:C7:E3:E2:70:3A:86:98:E2:67:E7:D5:06:98:7E:6E:E8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8103ACFCF5AE11EFA7578EAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.237.0-156.244.243.255
156.244.245.0-156.244.247.255
156.244.249.0-156.244.251.255
156.244.253.0-156.244.255.255
156.246.22.0/24
Signature Algorithm: sha256WithRSAEncryption
54:7f:74:23:a0:42:74:45:55:08:71:de:73:f6:ac:92:f7:39:
c4:cd:7b:59:93:79:43:fe:9f:67:0f:b7:5d:63:0e:df:8e:be:
b2:8a:f1:f3:97:06:30:c0:ca:9b:9c:ec:00:16:31:4b:36:19:
90:f7:b1:0c:31:4a:28:a3:89:8a:02:f8:61:3f:55:03:41:24:
b9:9e:87:13:a4:1a:00:b8:ee:cd:ab:ce:57:a1:7f:46:bc:7a:
32:99:55:dc:d9:ab:1d:75:61:72:ee:67:6e:cb:64:0d:d6:de:
4f:73:6a:d6:f8:ee:94:bb:4e:62:d0:87:f8:20:8c:d7:8e:80:
91:b5:51:b4:76:a2:7b:44:11:77:1f:61:66:c7:86:80:fd:f9:
90:2f:9c:da:01:46:80:c4:7b:19:c8:24:83:be:8e:ea:f3:2d:
80:c2:74:bb:38:6d:f5:40:b4:36:3d:fc:fe:e1:37:aa:6b:cd:
f6:36:89:a7:b6:98:62:d6:c0:fd:46:45:cd:cd:00:b4:29:f1:
f2:df:7a:04:88:8c:41:45:d1:b4:fd:b9:fa:81:91:7b:28:4d:
dd:86:82:13:47:a0:2f:16:37:d3:c3:fc:43:ab:2e:0b:4f:ba:
37:6b:0d:95:ce:77:84:01:66:e5:6a:6b:42:91:9d:be:07:d7:
e8:a1:07:4b
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIDATyeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MDgzMjA3WhcNMjYwMjIyMDgzMjA3WjAYMRYw
FAYDVQQDEw02N2MxNzQ4Yi1lYWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1IlmzETuNbX6hisCceMz5nX6/7FWrHu0OvfC3htxloM7rmT9sAjXDCLr
WjnojLiMi34SAt5qxdOKq7IdnkJCfDYnf42VclaqEh83Q3HymGYBUF+SathGOAge
MWsH+vkZ2t6LDCrbuA06LnNSA9MQ/d/sllST7UpvMTayJkCgBgF5g+Dt6kUFEvDE
L0kxfxPM8W6tgdul+8BuvkyXrunigxVjduyhOC6k3qbvQNMev3ij8HsaklgOH0VX
7+wV3rv2u6Vmo8hZ4RJbdhNvDqn4xRz/rLRSCnjUP6DOabQrY/EukXyY9ErYmAOK
BAJ58KNk4dWllnJOcOoflvDzHY3npwIDAQABo4IC2TCCAtUwHQYDVR0OBBYEFAnq
3LPH4+JwOoaY4mfn1QaYfm7oMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MTAzQUNGQ0Y1QUUxMUVGQTc1NzhFQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFYGCCsGAQUFBwEHAQH/BEcwRTBDBAIAATA9MAwDBACc9O0DBAKc9PAwDAMEAJz0
9QMEA5z08DAMAwQAnPT5AwQCnPT4MAsDBACc9P0DAwCc9AMEAJz2FjANBgkqhkiG
9w0BAQsFAAOCAQEAVH90I6BCdEVVCHHec/askvc5xM17WZN5Q/6fZw+3XWMO346+
sorx85cGMMDKm5zsABYxSzYZkPexDDFKKKOJigL4YT9VA0EkuZ6HE6QaALjuzavO
V6F/Rrx6MplV3NmrHXVhcu5nbstkDdbeT3Nq1vjulLtOYtCH+CCM146AkbVRtHai
e0QRdx9hZseGgP35kC+c2gFGgMR7Gcgkg76O6vMtgMJ0uzht9UC0Nj38/uE3qmvN
9jaJp7aYYtbA/UZFzc0AtCnx8t96BIiMQUXRtP25+oGReyhN3YaCE0egLxY308P8
Q6suC0+6N2sNlc53hAFm5WprQpGdvgfX6KEHSw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:27:32 2025 by rpki-client