Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3463A92329311F0A266C0CEDAE4EC9C.roa
File: A3463A92329311F0A266C0CEDAE4EC9C.roa (raw, json)
Hash identifier: Z7xx89Pjr3bNYe5M6V1oOMZtjZzMzOvjYFZ6R9PcmGg=
Subject key identifier: F9:4E:ED:78:BE:58:F6:75:79:B6:F8:5E:88:74:D3:C8:6F:16:4F:48
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015534
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3463A92329311F0A266C0CEDAE4EC9C.roa
Signing time: Fri 16 May 2025 20:23:33 +0000
ROA not before: Fri 16 May 2025 20:23:28 +0000
ROA not after: Sat 05 Jul 2025 20:23:28 +0000
asID: 398478
IP address blocks: 156.229.176.0/20 maxlen: 24
156.229.192.0/19 maxlen: 24
156.252.144.0/20 maxlen: 24
156.252.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87348 (0x15534)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 16 20:23:28 2025 GMT
Not After : Jul 5 20:23:28 2025 GMT
Subject: CN=68279ec5-24b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:fa:6b:15:ef:b2:49:f7:ce:ba:a9:d0:5a:d9:
fd:63:d4:98:b5:78:df:9b:d3:5a:b7:12:1d:22:f5:
14:5c:85:f4:a8:84:b0:33:09:8b:5d:18:be:84:c8:
61:be:ed:fe:6b:07:55:68:fb:f1:19:28:97:cf:7b:
d9:62:d5:74:57:f2:15:f3:d1:70:9b:55:f5:9d:ab:
a0:d4:33:77:35:e1:94:7d:c8:08:f0:7b:fc:e6:2b:
dd:5c:c6:b6:3f:36:dd:ee:b4:d6:68:16:84:55:09:
81:79:1b:4f:be:37:bf:b8:54:0a:5d:27:2b:61:10:
6a:11:40:49:f5:2d:73:de:e7:9e:01:19:cc:89:bc:
5b:dc:b3:00:8e:5a:c5:48:30:fe:4d:25:26:de:88:
ee:c8:6f:04:5b:3a:cb:40:65:f3:35:92:ee:a9:7c:
79:99:c3:cc:79:6d:64:6a:30:50:2f:8c:72:6b:ca:
34:2a:16:06:d7:61:17:41:05:8c:cb:f3:56:0c:f1:
0c:cd:e5:c9:01:06:c2:5d:6d:cc:38:36:53:bd:45:
5b:bd:2e:dc:4d:60:8a:c9:05:34:39:04:26:3b:3c:
a8:53:e7:da:7b:36:b7:ba:1a:c7:92:71:1f:3b:c5:
1a:66:4e:20:76:ca:8f:03:d1:56:0b:80:c5:2d:49:
8f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:4E:ED:78:BE:58:F6:75:79:B6:F8:5E:88:74:D3:C8:6F:16:4F:48
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A3463A92329311F0A266C0CEDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.176.0-156.229.223.255
156.252.144.0-156.252.175.255
Signature Algorithm: sha256WithRSAEncryption
34:1e:1e:98:39:38:70:54:f9:37:3c:e4:e8:98:d3:2f:85:78:
b8:ca:85:48:67:d2:88:f3:fe:95:73:e0:83:23:d2:a0:cd:4c:
d0:30:69:94:7f:1d:c7:7d:dd:a5:62:f3:40:10:87:6b:c9:8e:
f9:a7:26:5f:e3:19:90:b0:ed:92:87:65:8c:97:9b:16:91:ce:
62:10:3d:1d:b1:91:4d:8d:fa:48:6e:76:ae:79:b4:72:45:23:
bf:df:df:5d:76:e1:62:c4:96:7a:e0:78:a2:d6:54:b0:e0:be:
06:a3:5e:af:80:c2:21:8a:1c:78:da:19:75:69:0a:a4:5f:b0:
ac:25:e8:a4:67:86:89:b4:18:92:93:6e:bd:ec:15:9d:9f:4f:
a5:ed:e3:d2:9d:96:c4:b2:bf:84:94:78:21:48:dc:c5:2a:47:
ff:0c:68:7c:e2:fc:c7:e0:8f:1e:50:7c:ff:23:b3:a7:7b:82:
82:f2:5c:18:b6:57:8a:b4:a7:91:67:68:ae:e6:d6:a1:cf:15:
43:07:58:18:f6:91:57:a2:47:b4:3a:65:26:0b:d3:30:62:31:
49:7b:a4:ce:d7:ab:72:2c:79:2f:c9:a9:10:55:e8:cc:fa:54:
a0:53:17:a8:2a:a8:20:2e:39:5f:12:ee:66:0b:3f:c5:2b:f2:
14:75:90:f3
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAVU0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTE2MjAyMzI4WhcNMjUwNzA1MjAyMzI4WjAYMRYw
FAYDVQQDEw02ODI3OWVjNS0yNGI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6fprFe+ySffOuqnQWtn9Y9SYtXjfm9NatxIdIvUUXIX0qISwMwmLXRi+
hMhhvu3+awdVaPvxGSiXz3vZYtV0V/IV89Fwm1X1naug1DN3NeGUfcgI8Hv85ivd
XMa2Pzbd7rTWaBaEVQmBeRtPvje/uFQKXScrYRBqEUBJ9S1z3ueeARnMibxb3LMA
jlrFSDD+TSUm3ojuyG8EWzrLQGXzNZLuqXx5mcPMeW1kajBQL4xya8o0KhYG12EX
QQWMy/NWDPEMzeXJAQbCXW3MODZTvUVbvS7cTWCKyQU0OQQmOzyoU+faeza3uhrH
knEfO8UaZk4gdsqPA9FWC4DFLUmPjwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFPlO
7Xi+WPZ1ebb4Xoh008hvFk9IMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMzQ2M0E5MjMyOTMxMUYwQTI2NkMwQ0VEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBASc5bADBAWc5cAwDAMEBJz8
kAMEBJz8oDANBgkqhkiG9w0BAQsFAAOCAQEANB4emDk4cFT5Nzzk6JjTL4V4uMqF
SGfSiPP+lXPggyPSoM1M0DBplH8dx33dpWLzQBCHa8mO+acmX+MZkLDtkodljJeb
FpHOYhA9HbGRTY36SG52rnm0ckUjv9/fXXbhYsSWeuB4otZUsOC+BqNer4DCIYoc
eNoZdWkKpF+wrCXopGeGibQYkpNuvewVnZ9Ppe3j0p2WxLK/hJR4IUjcxSpH/wxo
fOL8x+CPHlB8/yOzp3uCgvJcGLZXirSnkWdorubWoc8VQwdYGPaRV6JHtDplJgvT
MGIxSXukztercix5L8mpEFXozPpUoFMXqCqoIC45XxLuZgs/xSvyFHWQ8w==
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:38:40 2025 by rpki-client