Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85ADA09A2F4311F0BDAFFAA9DAE4EC9C.roa
File: 85ADA09A2F4311F0BDAFFAA9DAE4EC9C.roa (raw, json)
Hash identifier: y8PpRgSZAOGRvK75pb5Gv5RHTVjvI2TkTlEEdXONmO0=
Subject key identifier: D9:9C:6B:E2:C5:38:F6:CC:65:86:70:E4:6C:C5:B5:E0:EA:C9:17:6A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0153B1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85ADA09A2F4311F0BDAFFAA9DAE4EC9C.roa
Signing time: Mon 12 May 2025 15:12:31 +0000
ROA not before: Mon 12 May 2025 15:12:25 +0000
ROA not after: Sun 08 Jun 2025 15:12:25 +0000
asID: 200373
IP address blocks: 156.228.95.0/24 maxlen: 24
156.228.96.0/24 maxlen: 24
156.249.137.0/24 maxlen: 24
156.249.138.0/24 maxlen: 24
156.253.164.0/24 maxlen: 24
156.253.165.0/24 maxlen: 24
156.253.166.0/24 maxlen: 24
156.253.167.0/24 maxlen: 24
156.253.168.0/24 maxlen: 24
156.253.169.0/24 maxlen: 24
156.253.170.0/24 maxlen: 24
156.253.171.0/24 maxlen: 24
156.253.172.0/24 maxlen: 24
156.253.173.0/24 maxlen: 24
156.253.174.0/24 maxlen: 24
156.253.175.0/24 maxlen: 24
156.253.176.0/24 maxlen: 24
156.253.177.0/24 maxlen: 24
156.253.178.0/24 maxlen: 24
156.253.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86961 (0x153b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 12 15:12:25 2025 GMT
Not After : Jun 8 15:12:25 2025 GMT
Subject: CN=68220fde-f070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:be:7b:23:e1:83:bd:75:88:94:bf:31:e7:4b:
39:b4:2f:fa:2a:c8:2b:3d:4d:01:b6:95:be:9c:71:
cb:1f:7c:2c:a4:44:9d:de:e2:7e:28:a9:90:14:eb:
17:ca:66:fd:a6:10:d5:45:16:e6:f2:c4:9b:95:58:
ac:c0:d3:80:e3:78:40:71:8a:90:a8:0f:ed:d6:15:
aa:8c:a7:6d:e9:80:59:85:c8:e5:99:ce:21:4e:9f:
91:3a:ae:b8:f0:81:a2:2e:ee:c8:41:6d:e6:c7:d2:
80:af:34:30:cc:d2:c7:51:3e:b3:58:91:b5:37:d6:
06:ac:34:41:9c:4d:29:d2:6b:12:dc:5c:04:93:9b:
03:6c:50:74:e4:e8:09:f6:58:7f:55:e4:3c:1e:bd:
9f:1b:2c:76:07:94:ca:96:58:9f:98:19:97:3a:c3:
c5:ed:9b:49:28:0a:52:26:5b:27:fe:70:7f:fa:4c:
ae:a7:ab:d2:11:70:08:1c:93:e8:b2:1b:1b:a2:14:
0c:d3:16:6f:1f:88:e3:a5:bb:49:7c:ad:c8:26:d2:
16:e7:39:49:63:49:a6:d6:39:83:73:95:e4:93:5c:
f9:fa:e7:20:52:2a:a3:36:78:5c:d1:cf:e7:09:35:
f1:c8:ac:66:4b:24:63:45:bf:fe:fa:22:50:cc:cd:
a1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:9C:6B:E2:C5:38:F6:CC:65:86:70:E4:6C:C5:B5:E0:EA:C9:17:6A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/85ADA09A2F4311F0BDAFFAA9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.95.0-156.228.96.255
156.249.137.0-156.249.138.255
156.253.164.0-156.253.179.255
Signature Algorithm: sha256WithRSAEncryption
19:41:af:3b:d9:ad:d8:3c:26:9a:40:93:5f:97:54:97:21:40:
91:4d:3a:24:76:94:43:9e:a1:6a:6b:2d:82:40:a3:7d:e9:3e:
5b:48:bb:44:ce:13:e0:d0:bd:43:f8:b0:ba:73:ab:97:5f:58:
80:70:85:3d:fc:52:ec:0c:6b:1e:d0:4d:42:f0:3f:12:74:6e:
99:df:37:c4:2d:80:dc:c1:cd:5b:48:31:b0:2d:be:3a:7b:d8:
fb:52:35:ca:04:e6:32:1d:d4:87:77:e5:dc:3e:db:25:b2:99:
c3:87:0b:d8:cf:76:18:72:60:f8:68:48:fd:ca:46:a9:19:5d:
63:87:fe:0b:97:57:d1:57:7d:75:2f:fd:cb:d4:e1:38:a7:9d:
9c:71:0d:92:d0:40:b8:5b:a7:21:94:69:06:6d:3c:f7:31:54:
1c:22:15:7d:0d:78:0c:f9:e6:64:54:ff:9d:4b:ea:c7:fd:85:
9e:50:54:70:f9:de:79:2f:66:e3:48:91:ef:d5:d4:f1:08:da:
b5:fc:c2:5b:ca:a4:d7:9c:5b:82:8f:4c:0b:1e:15:9d:e0:f1:
29:97:cd:a6:ef:a4:ff:ff:c8:d9:30:8a:09:83:15:73:7e:e7:
1f:f0:ac:e2:d3:7d:42:7b:c4:13:b0:a6:11:ba:49:ff:d0:8f:
e0:7a:c9:6c
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIDAVOxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTEyMTUxMjI1WhcNMjUwNjA4MTUxMjI1WjAYMRYw
FAYDVQQDEw02ODIyMGZkZS1mMDcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl757I+GDvXWIlL8x50s5tC/6KsgrPU0BtpW+nHHLH3wspESd3uJ+KKmQ
FOsXymb9phDVRRbm8sSblViswNOA43hAcYqQqA/t1hWqjKdt6YBZhcjlmc4hTp+R
Oq648IGiLu7IQW3mx9KArzQwzNLHUT6zWJG1N9YGrDRBnE0p0msS3FwEk5sDbFB0
5OgJ9lh/VeQ8Hr2fGyx2B5TKllifmBmXOsPF7ZtJKApSJlsn/nB/+kyup6vSEXAI
HJPoshsbohQM0xZvH4jjpbtJfK3IJtIW5zlJY0mm1jmDc5Xkk1z5+ucgUiqjNnhc
0c/nCTXxyKxmSyRjRb/++iJQzM2hlQIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFNmc
a+LFOPbMZYZw5GzFteDqyRdqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NUFEQTA5QTJGNDMxMUYwQkRBRkZBQTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBACc5F8DBACc5GAwDAMEAJz5
iQMEAJz5ijAMAwQCnP2kAwQCnP2wMA0GCSqGSIb3DQEBCwUAA4IBAQAZQa872a3Y
PCaaQJNfl1SXIUCRTTokdpRDnqFqay2CQKN96T5bSLtEzhPg0L1D+LC6c6uXX1iA
cIU9/FLsDGse0E1C8D8SdG6Z3zfELYDcwc1bSDGwLb46e9j7UjXKBOYyHdSHd+Xc
PtslspnDhwvYz3YYcmD4aEj9ykapGV1jh/4Ll1fRV311L/3L1OE4p52ccQ2S0EC4
W6chlGkGbTz3MVQcIhV9DXgM+eZkVP+dS+rH/YWeUFRw+d55L2bjSJHv1dTxCNq1
/MJbyqTXnFuCj0wLHhWd4PEpl82m76T//8jZMIoJgxVzfucf8Kzi031Ce8QTsKYR
ukn/0I/gesls
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:27:12 2025 by rpki-client