Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ECB8E2B23BC411F0ABD4ED78DAE4EC9C.roa
File: ECB8E2B23BC411F0ABD4ED78DAE4EC9C.roa (raw, json)
Hash identifier: a2zzW4F38FenpqN6Mw87wbED6lrZE5B5s2AWhWsrfss=
Subject key identifier: F3:6B:DE:3C:CD:FB:C5:B2:1E:C5:D4:A5:D7:85:D3:EC:4B:88:89:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01586E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ECB8E2B23BC411F0ABD4ED78DAE4EC9C.roa
Signing time: Wed 28 May 2025 13:09:02 +0000
ROA not before: Wed 28 May 2025 13:08:58 +0000
ROA not after: Fri 06 Jun 2025 13:08:58 +0000
asID: 132839
IP address blocks: 156.242.128.0/19 maxlen: 24
156.242.160.0/19 maxlen: 24
156.242.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88174 (0x1586e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 28 13:08:58 2025 GMT
Not After : Jun 6 13:08:58 2025 GMT
Subject: CN=68370aee-d5e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:85:6d:f4:cf:b8:ea:c8:a3:a2:e7:5a:27:c9:
9d:40:03:85:45:de:01:d1:c5:69:8e:30:92:e5:80:
70:c9:fd:77:67:a4:e6:3e:f3:1c:2d:03:c9:8c:24:
dd:e8:55:bc:72:56:18:23:47:89:8d:03:75:ad:a1:
15:9c:ae:6d:b1:45:74:03:80:c6:c2:46:f0:75:f3:
04:a5:e5:7f:08:a4:2a:d3:02:81:88:f6:df:9c:e1:
e9:92:76:0e:bd:9b:b0:5e:67:cf:67:84:e1:22:63:
3e:c7:c9:0e:82:98:89:20:30:49:46:d5:20:49:76:
c4:72:ba:83:06:09:34:b1:d3:4e:31:9b:b8:84:4e:
5b:05:9d:2a:0e:41:c9:47:ba:3d:68:51:4e:5c:ef:
c0:cc:a0:45:fb:c6:bc:37:03:e7:59:79:59:23:d4:
1f:2c:24:3b:5f:80:63:30:1d:b9:77:0a:2a:10:d6:
5e:06:7d:5e:a3:e1:78:83:d0:74:6b:67:6a:c7:7b:
e6:2f:3e:db:04:c2:d2:0f:e3:14:33:c5:30:a7:9f:
f7:18:d7:cf:bc:3c:d5:d9:75:f5:1e:2b:18:4e:e0:
99:ee:53:fe:33:e7:ee:54:7e:bd:69:bd:51:68:a4:
99:06:bf:71:90:c8:91:02:cf:6e:8c:49:32:23:5a:
ec:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:6B:DE:3C:CD:FB:C5:B2:1E:C5:D4:A5:D7:85:D3:EC:4B:88:89:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/ECB8E2B23BC411F0ABD4ED78DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.242.128.0-156.242.223.255
Signature Algorithm: sha256WithRSAEncryption
84:71:b2:7d:5e:f0:45:07:7f:11:0a:90:1e:0a:5a:32:a2:93:
36:7b:25:d8:d8:a1:f5:a1:99:21:20:17:7a:64:60:a5:b3:cc:
28:9e:fc:36:69:ac:48:d3:14:8a:28:bf:6e:26:5a:f8:8a:be:
c7:5b:f3:5f:8e:47:b1:9b:8e:e1:7c:78:d8:63:f6:a9:4f:c1:
30:4e:e6:ba:e3:80:4c:25:f3:58:2c:40:f5:59:12:e7:26:f5:
24:e8:7e:ed:fc:d1:15:22:01:da:0c:d3:a0:f0:66:0c:44:86:
36:83:a1:1e:cc:db:64:c0:ff:72:40:29:d8:75:a1:a3:d6:01:
aa:97:ab:64:5c:2c:1d:8e:a8:2c:8c:cb:7f:dd:8f:b2:88:cf:
81:0e:4b:d9:35:d4:69:23:dc:a5:5b:6e:e5:16:35:bc:58:cf:
cd:b7:92:7c:07:6e:a8:33:11:c0:ed:3a:c2:c2:7a:9e:11:8c:
dd:67:4f:ec:b0:2f:73:10:d6:27:2f:6e:a5:d4:6c:aa:ce:1b:
77:40:a5:1e:30:39:6c:82:41:c8:9e:9d:c1:b0:73:53:9d:7d:
03:53:78:21:26:4f:35:54:98:f4:26:81:45:55:e2:4f:55:63:
31:23:3a:fb:15:b5:83:e1:0c:df:b8:58:6f:75:49:94:1f:08:
7a:41:dd:36
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVhuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI4MTMwODU4WhcNMjUwNjA2MTMwODU4WjAYMRYw
FAYDVQQDEw02ODM3MGFlZS1kNWUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApoVt9M+46sijoudaJ8mdQAOFRd4B0cVpjjCS5YBwyf13Z6TmPvMcLQPJ
jCTd6FW8clYYI0eJjQN1raEVnK5tsUV0A4DGwkbwdfMEpeV/CKQq0wKBiPbfnOHp
knYOvZuwXmfPZ4ThImM+x8kOgpiJIDBJRtUgSXbEcrqDBgk0sdNOMZu4hE5bBZ0q
DkHJR7o9aFFOXO/AzKBF+8a8NwPnWXlZI9QfLCQ7X4BjMB25dwoqENZeBn1eo+F4
g9B0a2dqx3vmLz7bBMLSD+MUM8Uwp5/3GNfPvDzV2XX1HisYTuCZ7lP+M+fuVH69
ab1RaKSZBr9xkMiRAs9ujEkyI1rsWQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFPNr
3jzN+8WyHsXUpdeF0+xLiInhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FQ0I4RTJCMjNCQzQxMUYwQUJENEVENzhEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAec8oADBAWc8sAwDQYJKoZI
hvcNAQELBQADggEBAIRxsn1e8EUHfxEKkB4KWjKikzZ7JdjYofWhmSEgF3pkYKWz
zCie/DZprEjTFIoov24mWviKvsdb81+OR7GbjuF8eNhj9qlPwTBO5rrjgEwl81gs
QPVZEucm9STofu380RUiAdoM06DwZgxEhjaDoR7M22TA/3JAKdh1oaPWAaqXq2Rc
LB2OqCyMy3/dj7KIz4EOS9k11Gkj3KVbbuUWNbxYz823knwHbqgzEcDtOsLCep4R
jN1nT+ywL3MQ1icvbqXUbKrOG3dApR4wOWyCQciencGwc1OdfQNTeCEmTzVUmPQm
gUVV4k9VYzEjOvsVtYPhDN+4WG91SZQfCHpB3TY=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:25:10 2025 by rpki-client