Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D39A43069D5911F0A416CD7BDAE4EC9C.roa
File: D39A43069D5911F0A416CD7BDAE4EC9C.roa (raw, json)
Hash identifier: dFlgRQlKK8ILSYs+vikTOd72gJnS9H1vMCRhZDjpTgw=
Subject key identifier: 3A:DB:23:7A:F0:25:8D:E7:6C:84:B4:17:8E:19:D2:61:28:60:D2:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 017DCF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D39A43069D5911F0A416CD7BDAE4EC9C.roa
Signing time: Mon 29 Sep 2025 17:29:18 +0000
ROA not before: Mon 29 Sep 2025 17:29:12 +0000
ROA not after: Fri 31 Oct 2025 17:29:12 +0000
asID: 62240
IP address blocks: 156.229.1.0/24 maxlen: 24
156.229.124.0/24 maxlen: 24
156.229.175.0/24 maxlen: 24
156.229.237.0/24 maxlen: 24
156.229.238.0/24 maxlen: 24
156.229.244.0/24 maxlen: 24
156.229.245.0/24 maxlen: 24
156.229.246.0/24 maxlen: 24
156.229.254.0/24 maxlen: 24
156.229.255.0/24 maxlen: 24
156.233.0.0/24 maxlen: 24
156.233.1.0/24 maxlen: 24
156.233.100.0/24 maxlen: 24
156.233.103.0/24 maxlen: 24
156.233.104.0/24 maxlen: 24
156.233.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 21 Oct 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97743 (0x17dcf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Sep 29 17:29:12 2025 GMT
Not After : Oct 31 17:29:12 2025 GMT
Subject: CN=68dac1ee-32d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:56:04:20:01:f6:66:22:c8:da:71:f0:b9:b1:
7b:eb:39:d4:fe:70:40:64:55:79:bf:f4:25:87:7b:
ce:e1:dd:25:f7:dc:b7:bd:02:3b:38:02:05:43:5e:
36:54:87:fc:bf:9e:f0:7f:4d:78:f6:b3:9f:1b:d4:
31:a0:89:a0:9b:9f:2b:58:bd:7e:d8:e2:97:98:7f:
83:6b:14:f3:ef:9e:f3:be:d6:f5:e8:15:f5:59:4a:
73:5c:3d:d5:98:16:db:82:29:26:88:73:aa:18:2d:
26:c5:da:85:7c:9e:b0:f5:49:a2:2a:6c:0e:69:53:
64:1a:7b:22:4b:37:06:24:4f:82:43:70:70:b1:a3:
73:2e:e1:d9:80:bf:97:c3:bb:97:f4:70:e0:d4:d6:
b1:24:85:5e:7f:43:80:4b:e0:66:ee:1b:45:8b:b8:
be:10:81:1e:88:7b:7b:80:98:f3:0e:57:8a:5a:fc:
86:db:28:11:be:eb:9a:d7:4f:e3:2d:fe:2a:a3:89:
2e:83:cc:8b:71:4b:42:36:82:77:29:53:61:57:b2:
98:fd:c0:d5:ab:90:11:7b:52:ea:37:ca:86:6e:0f:
96:8d:eb:f9:be:c3:ae:dc:be:bb:63:58:67:fa:30:
de:40:b5:73:d8:eb:9c:31:80:f4:cd:a5:97:fd:f5:
13:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:DB:23:7A:F0:25:8D:E7:6C:84:B4:17:8E:19:D2:61:28:60:D2:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D39A43069D5911F0A416CD7BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.1.0/24
156.229.124.0/24
156.229.175.0/24
156.229.237.0-156.229.238.255
156.229.244.0-156.229.246.255
156.229.254.0/23
156.233.0.0/23
156.233.100.0/24
156.233.103.0-156.233.105.255
Signature Algorithm: sha256WithRSAEncryption
38:f8:1c:d1:00:2b:fc:0e:a9:ef:43:fb:3a:3f:c1:27:e9:2a:
90:0d:68:16:cb:46:13:bd:84:a7:c1:64:f6:e8:c6:e3:b1:84:
9a:f5:be:43:1f:09:bd:6b:7d:83:f2:b1:85:10:3a:45:c3:19:
f1:ba:55:b6:8c:e6:59:8c:81:15:c2:f9:0d:75:a5:af:26:c0:
e1:ab:63:48:9d:31:60:43:e8:64:97:42:42:27:cf:2b:15:14:
4f:79:e5:17:dd:ed:df:ba:35:77:22:8f:1d:80:99:12:1f:5e:
04:ac:59:ec:55:b8:7c:b6:7a:2f:44:c1:0a:df:10:cd:3a:11:
0b:69:37:a2:a0:e4:96:db:d1:ca:20:5b:d5:ac:d8:dc:97:b1:
62:10:76:b8:0e:15:2f:0c:73:22:cf:2b:0b:19:aa:9d:64:b2:
cc:e6:46:4e:26:84:04:79:8a:d0:60:3e:ed:6e:52:96:80:e3:
3e:67:e0:88:8c:a7:e1:9b:9d:78:85:e9:07:ec:35:e5:8d:b2:
94:f8:a8:87:07:65:28:00:d7:26:d0:5e:3d:1a:39:f2:af:6a:
ba:16:ab:c7:ab:66:67:2d:d0:3d:b5:26:c0:aa:e3:56:53:0e:
f8:8f:68:4b:1b:a8:b3:76:09:2a:33:6b:50:b5:ca:d0:22:f7:
5a:01:cc:45
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIDAX3PMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwOTI5MTcyOTEyWhcNMjUxMDMxMTcyOTEyWjAYMRYw
FAYDVQQDEw02OGRhYzFlZS0zMmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqFYEIAH2ZiLI2nHwubF76znU/nBAZFV5v/Qlh3vO4d0l99y3vQI7OAIF
Q142VIf8v57wf0149rOfG9QxoImgm58rWL1+2OKXmH+DaxTz757zvtb16BX1WUpz
XD3VmBbbgikmiHOqGC0mxdqFfJ6w9UmiKmwOaVNkGnsiSzcGJE+CQ3BwsaNzLuHZ
gL+Xw7uX9HDg1NaxJIVef0OAS+Bm7htFi7i+EIEeiHt7gJjzDleKWvyG2ygRvuua
10/jLf4qo4kug8yLcUtCNoJ3KVNhV7KY/cDVq5ARe1LqN8qGbg+Wjev5vsOu3L67
Y1hn+jDeQLVz2OucMYD0zaWX/fUTvQIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFDrb
I3rwJY3nbIS0F44Z0mEoYNKBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMzlBNDMwNjlENTkxMUYwQTQxNkNEN0JEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAnOUBAwQAnOV8AwQAnOWvMAwD
BACc5e0DBACc5e4wDAMEApzl9AMEAJzl9gMEAZzl/gMEAZzpAAMEAJzpZDAMAwQA
nOlnAwQBnOloMA0GCSqGSIb3DQEBCwUAA4IBAQA4+BzRACv8DqnvQ/s6P8En6SqQ
DWgWy0YTvYSnwWT26MbjsYSa9b5DHwm9a32D8rGFEDpFwxnxulW2jOZZjIEVwvkN
daWvJsDhq2NInTFgQ+hkl0JCJ88rFRRPeeUX3e3fujV3Io8dgJkSH14ErFnsVbh8
tnovRMEK3xDNOhELaTeioOSW29HKIFvVrNjcl7FiEHa4DhUvDHMizysLGaqdZLLM
5kZOJoQEeYrQYD7tblKWgOM+Z+CIjKfhm514hekH7DXljbKU+KiHB2UoANcm0F49
Gjnyr2q6FqvHq2ZnLdA9tSbAquNWUw74j2hLG6izdgkqM2tQtcrQIvdaAcxF
-----END CERTIFICATE-----
Generated at Sun Oct 19 11:33:58 2025 by rpki-client