Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F01F3B7A3ADB11F0BA056691DAE4EC9C.roa
File: F01F3B7A3ADB11F0BA056691DAE4EC9C.roa (raw, json)
Hash identifier: ZMsT0BTfLu72YtGQuIG7MX1JmY/M5T0V1r5Hci5jPUc=
Subject key identifier: 13:7F:B6:F0:35:6E:5A:16:A5:4F:52:2C:75:AE:76:BF:48:2F:89:BB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0157D4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F01F3B7A3ADB11F0BA056691DAE4EC9C.roa
Signing time: Tue 27 May 2025 09:21:15 +0000
ROA not before: Tue 27 May 2025 09:21:10 +0000
ROA not after: Sun 29 Jun 2025 09:21:10 +0000
asID: 61112
IP address blocks: 156.226.168.0/23 maxlen: 24
156.226.170.0/23 maxlen: 24
156.226.172.0/23 maxlen: 24
156.226.174.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 05 Jun 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88020 (0x157d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 27 09:21:10 2025 GMT
Not After : Jun 29 09:21:10 2025 GMT
Subject: CN=6835840b-20be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b4:9c:da:29:77:51:50:f7:38:29:e8:8b:3d:
df:55:27:d8:b2:6b:89:c9:01:c8:43:5e:9a:67:38:
e1:4f:1e:e8:d3:7c:ab:5d:df:f6:89:e0:1f:83:9b:
7e:b0:c1:07:95:7b:35:bc:d0:3c:6d:01:5c:84:bf:
bc:6a:f5:30:8d:13:59:01:90:fc:9b:55:07:5c:fa:
5d:2f:e8:c9:01:7e:b5:d9:68:bc:95:b8:29:69:18:
2b:94:a8:89:9f:2a:64:12:6f:5e:bb:67:f1:cb:19:
e3:b8:10:76:c4:63:35:4f:ce:c9:73:02:78:b1:e6:
ff:41:96:21:be:83:85:83:c9:cb:1c:59:95:82:59:
c2:4a:83:59:42:b6:16:85:99:c5:6b:b7:08:ea:dc:
66:f8:45:b1:73:01:e2:d1:15:34:09:5b:d5:33:46:
5b:9b:40:ee:0c:76:f6:31:c6:32:ee:bf:24:b4:69:
c8:11:f5:d6:78:41:20:16:7c:9d:58:42:30:3a:dc:
d9:ec:0e:dc:84:39:8d:5e:d7:bf:fe:39:6d:2d:90:
79:83:7d:32:79:fe:27:06:31:e1:9b:e4:42:22:36:
9b:ab:4d:92:c8:1d:67:4c:5b:00:ab:93:07:95:a5:
71:05:37:3d:ee:e3:18:7b:43:12:16:9a:9a:2e:32:
c3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:7F:B6:F0:35:6E:5A:16:A5:4F:52:2C:75:AE:76:BF:48:2F:89:BB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F01F3B7A3ADB11F0BA056691DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.168.0/21
Signature Algorithm: sha256WithRSAEncryption
7a:60:9d:c3:a9:ac:0a:4c:77:f4:aa:ed:9e:be:56:c9:1f:53:
19:3d:8a:b7:d9:b9:45:84:a1:6b:38:c9:9f:0f:b3:88:37:14:
8e:5b:a0:cd:07:33:48:53:a3:99:e4:b8:8d:73:3a:4e:72:0d:
e9:b9:f2:86:e8:19:1b:f7:1c:93:9d:4f:16:78:54:9b:d1:03:
01:5a:6b:6c:79:62:f5:5c:00:7f:60:6c:8f:be:41:4b:9d:57:
99:d4:bf:bf:46:f8:a1:d3:39:b1:ef:76:b1:ce:89:f0:4f:02:
50:c6:07:26:c5:17:a0:c7:20:56:f2:23:df:5c:de:ee:65:88:
9e:08:ee:8b:31:c3:bc:08:1b:28:05:ce:5e:fb:b3:d6:ba:4f:
aa:80:a7:bc:9a:73:67:b0:3a:8e:c9:6b:95:fa:48:05:7b:44:
b2:17:74:ad:d2:e0:81:01:7d:3d:02:0e:f4:d0:80:1b:5e:22:
80:1e:6e:35:42:11:8c:fe:44:41:a5:91:e6:79:70:d3:aa:dd:
5a:e6:b1:d6:d5:27:ec:35:d2:e9:8f:58:ad:c5:f2:f6:c4:7d:
b6:29:16:3b:f8:77:bd:8a:00:46:50:5c:ab:b4:a4:37:2d:00:
e1:56:ab:6f:af:f3:02:89:b2:bc:0d:25:43:ea:f5:96:54:36:
35:88:8f:14
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVfUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTI3MDkyMTEwWhcNMjUwNjI5MDkyMTEwWjAYMRYw
FAYDVQQDEw02ODM1ODQwYi0yMGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu7Sc2il3UVD3OCnoiz3fVSfYsmuJyQHIQ16aZzjhTx7o03yrXd/2ieAf
g5t+sMEHlXs1vNA8bQFchL+8avUwjRNZAZD8m1UHXPpdL+jJAX612Wi8lbgpaRgr
lKiJnypkEm9eu2fxyxnjuBB2xGM1T87JcwJ4seb/QZYhvoOFg8nLHFmVglnCSoNZ
QrYWhZnFa7cI6txm+EWxcwHi0RU0CVvVM0Zbm0DuDHb2McYy7r8ktGnIEfXWeEEg
FnydWEIwOtzZ7A7chDmNXte//jltLZB5g30yef4nBjHhm+RCIjabq02SyB1nTFsA
q5MHlaVxBTc97uMYe0MSFpqaLjLD2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBN/
tvA1bloWpU9SLHWudr9IL4m7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMDFGM0I3QTNBREIxMUYwQkEwNTY2OTFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOKoMA0GCSqGSIb3DQEBCwUA
A4IBAQB6YJ3DqawKTHf0qu2evlbJH1MZPYq32blFhKFrOMmfD7OINxSOW6DNBzNI
U6OZ5LiNczpOcg3pufKG6Bkb9xyTnU8WeFSb0QMBWmtseWL1XAB/YGyPvkFLnVeZ
1L+/Rvih0zmx73axzonwTwJQxgcmxRegxyBW8iPfXN7uZYieCO6LMcO8CBsoBc5e
+7PWuk+qgKe8mnNnsDqOyWuV+kgFe0SyF3St0uCBAX09Ag700IAbXiKAHm41QhGM
/kRBpZHmeXDTqt1a5rHW1SfsNdLpj1itxfL2xH22KRY7+He9igBGUFyrtKQ3LQDh
Vqtvr/MCibK8DSVD6vWWVDY1iI8U
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:37:25 2025 by rpki-client