Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11140AFA504D11F08C7E3799DAE4EC9C.roa
File: 11140AFA504D11F08C7E3799DAE4EC9C.roa (raw, json)
Hash identifier: vfmaKKeTl4NWXOThhTN05wQJl9ddWWHj4Z+exqGyobA=
Subject key identifier: 41:7E:5B:E5:7D:55:64:F8:D3:6B:B8:54:91:5A:CE:D6:94:BB:79:41
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015E0D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11140AFA504D11F08C7E3799DAE4EC9C.roa
Signing time: Mon 23 Jun 2025 16:13:58 +0000
ROA not before: Mon 23 Jun 2025 16:13:54 +0000
ROA not after: Tue 05 Aug 2025 16:13:54 +0000
asID: 5068
IP address blocks: 156.225.8.0/22 maxlen: 24
156.226.164.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 03 Jul 2025 00:27:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89613 (0x15e0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 23 16:13:54 2025 GMT
Not After : Aug 5 16:13:54 2025 GMT
Subject: CN=68597d46-a7a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f0:93:5f:e2:86:5d:c5:56:3f:76:8d:6b:6f:
18:c2:9f:d1:97:ca:3b:6a:58:2d:ea:90:60:4e:fd:
91:88:d9:d7:94:81:46:f4:6c:cd:27:aa:81:c3:95:
f3:94:be:36:6a:4c:b1:6a:ef:37:92:b6:07:15:5f:
14:02:c6:ee:6f:18:57:3b:4e:29:6e:af:0d:bd:6c:
ef:f8:0f:15:33:87:7a:27:65:f2:0a:d2:d2:ef:6d:
f1:14:26:cc:9b:3b:23:b7:e6:0b:65:79:b2:42:1f:
35:17:c4:c1:0b:f4:f4:f4:ad:ae:b2:10:d2:8f:0f:
df:d6:b3:c5:e8:80:dc:e2:d3:ca:e0:44:d7:8f:14:
ba:e9:24:2b:c3:dd:73:13:2a:a1:af:e0:26:b1:07:
c6:ea:a0:d7:ee:90:71:d4:0c:99:f7:43:08:56:17:
55:2f:c6:50:58:c6:42:54:6c:b7:c2:3a:90:bd:63:
ce:aa:3a:8a:e2:96:ba:92:21:63:e8:03:82:35:29:
c4:43:94:ae:5b:2c:6a:b1:0c:d6:0d:45:86:f5:ed:
63:00:62:69:24:a7:fe:1b:26:11:3a:0d:0c:db:e2:
2c:6e:fc:05:f6:8c:1c:a2:25:a5:55:a1:ee:a9:b1:
d4:55:d3:ce:f8:2b:eb:a6:99:b7:bd:45:9e:75:40:
77:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:7E:5B:E5:7D:55:64:F8:D3:6B:B8:54:91:5A:CE:D6:94:BB:79:41
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11140AFA504D11F08C7E3799DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.8.0/22
156.226.164.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:1e:c7:31:82:16:df:f5:3b:d3:8a:fa:02:b4:18:e3:8a:c7:
11:1b:ae:f2:34:13:b0:b1:d5:cc:90:dd:3c:ab:5d:e4:6a:e0:
7f:67:dc:0c:95:93:2e:dd:3d:fe:a6:53:14:f9:0c:04:b6:ed:
c4:30:4d:42:bf:69:8f:65:95:a4:da:0a:7a:37:36:f3:13:4f:
c0:02:ea:3f:55:12:ef:4a:59:32:c5:f6:08:64:a9:c7:fb:8a:
8d:5e:0d:9d:0a:5c:e8:cf:55:e6:52:5d:ce:da:97:33:c6:60:
56:b7:4a:86:29:f9:74:da:24:ae:6f:a5:52:12:1e:6f:d7:40:
95:d9:c6:40:eb:83:17:64:72:56:ce:73:bb:85:f6:e7:38:d1:
0b:3e:65:59:fe:9c:b1:5f:27:f5:7b:c0:d7:8f:7f:f2:1f:7a:
15:b4:11:ea:a0:65:57:48:86:b3:03:1d:1d:1c:a1:01:9c:75:
33:a0:9c:80:24:3f:20:0c:45:f5:82:1c:0b:28:11:a4:4b:2f:
cd:9c:ea:d9:ea:8b:a9:64:40:bd:8e:7e:f1:78:4b:a7:91:12:
9b:af:44:b1:e3:e0:0d:bc:4d:b4:ae:09:2d:50:52:15:c1:9a:
0e:3e:ba:17:54:93:6f:9f:84:85:30:8c:22:63:22:fc:81:5a:
6b:72:62:2b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAV4NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjIzMTYxMzU0WhcNMjUwODA1MTYxMzU0WjAYMRYw
FAYDVQQDEw02ODU5N2Q0Ni1hN2ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0/CTX+KGXcVWP3aNa28Ywp/Rl8o7algt6pBgTv2RiNnXlIFG9GzNJ6qB
w5XzlL42akyxau83krYHFV8UAsbubxhXO04pbq8NvWzv+A8VM4d6J2XyCtLS723x
FCbMmzsjt+YLZXmyQh81F8TBC/T09K2ushDSjw/f1rPF6IDc4tPK4ETXjxS66SQr
w91zEyqhr+AmsQfG6qDX7pBx1AyZ90MIVhdVL8ZQWMZCVGy3wjqQvWPOqjqK4pa6
kiFj6AOCNSnEQ5SuWyxqsQzWDUWG9e1jAGJpJKf+GyYROg0M2+IsbvwF9owcoiWl
VaHuqbHUVdPO+Cvrppm3vUWedUB3bwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEF+
W+V9VWT402u4VJFaztaUu3lBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMTE0MEFGQTUwNEQxMUYwOEM3RTM3OTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCnOEIAwQBnOKkMA0GCSqGSIb3
DQEBCwUAA4IBAQC6Hscxghbf9TvTivoCtBjjiscRG67yNBOwsdXMkN08q13kauB/
Z9wMlZMu3T3+plMU+QwEtu3EME1Cv2mPZZWk2gp6NzbzE0/AAuo/VRLvSlkyxfYI
ZKnH+4qNXg2dClzoz1XmUl3O2pczxmBWt0qGKfl02iSub6VSEh5v10CV2cZA64MX
ZHJWznO7hfbnONELPmVZ/pyxXyf1e8DXj3/yH3oVtBHqoGVXSIazAx0dHKEBnHUz
oJyAJD8gDEX1ghwLKBGkSy/NnOrZ6oupZEC9jn7xeEunkRKbr0Sx4+ANvE20rgkt
UFIVwZoOProXVJNvn4SFMIwiYyL8gVprcmIr
-----END CERTIFICATE-----
Generated at Tue Jul 1 05:40:23 2025 by rpki-client