Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11BE912645F511F0ACEB1EB4DAE4EC9C.roa
File: 11BE912645F511F0ACEB1EB4DAE4EC9C.roa (raw, json)
Hash identifier: 0MzFORZp2B3GFonmMxnvLZ+QM8i7FY5pOl0y5u30+OM=
Subject key identifier: 52:86:89:83:B6:B9:95:3F:32:6A:8D:D8:B7:97:DE:93:B3:1C:99:A6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015ACD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11BE912645F511F0ACEB1EB4DAE4EC9C.roa
Signing time: Tue 10 Jun 2025 12:18:52 +0000
ROA not before: Tue 10 Jun 2025 12:18:45 +0000
ROA not after: Mon 31 Aug 2026 12:18:45 +0000
asID: 138995
IP address blocks: 156.227.28.0/24 maxlen: 24
156.227.29.0/24 maxlen: 24
156.227.30.0/24 maxlen: 24
156.227.31.0/24 maxlen: 24
156.245.15.0/24 maxlen: 24
156.245.17.0/24 maxlen: 24
156.245.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 02 Jul 2025 00:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88781 (0x15acd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 10 12:18:45 2025 GMT
Not After : Aug 31 12:18:45 2026 GMT
Subject: CN=684822ac-e2b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:98:a4:37:72:ef:0c:e4:5f:12:1a:74:0e:f7:
66:40:80:30:cf:1f:78:a0:04:c0:9d:23:0f:2c:51:
e2:93:3e:67:2a:74:c9:b4:df:a5:ab:71:0c:37:d1:
b7:1c:ae:a6:5a:a5:e0:b8:a6:3c:28:46:45:60:b0:
d9:df:fc:87:02:46:73:73:11:58:b9:b2:79:9c:e2:
3b:9f:be:17:ec:78:85:d4:b9:9a:9c:2c:6a:5b:9d:
94:78:f2:a8:a5:8a:a2:02:94:d7:d1:14:bf:1c:70:
b9:3e:4d:67:7b:aa:c6:e6:ae:8b:4c:0a:5a:3f:cd:
2d:cd:d2:e3:77:26:37:b0:a6:36:40:d9:34:77:09:
5e:d9:98:cc:61:fc:fa:68:46:69:77:51:2e:35:27:
c8:60:4d:7c:ac:b0:8b:64:d1:cc:77:89:85:3d:3f:
3b:f3:12:7b:59:fd:6a:ee:36:c0:26:88:8b:f2:b6:
19:0e:dd:fe:40:4d:f9:c4:83:ee:6d:1b:66:bf:77:
3a:02:84:06:1e:0f:5a:25:4a:5b:cb:e0:f9:e1:97:
4b:6a:e9:59:1b:9d:dc:4e:f4:e6:ba:42:1a:12:22:
8a:68:29:24:8e:7a:13:67:1e:e3:d7:19:cd:d0:bc:
73:15:df:d7:e3:91:d6:44:24:16:be:63:2e:8c:b0:
08:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:86:89:83:B6:B9:95:3F:32:6A:8D:D8:B7:97:DE:93:B3:1C:99:A6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11BE912645F511F0ACEB1EB4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.28.0/22
156.245.15.0/24
156.245.17.0/24
156.245.30.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:ec:70:7e:8e:ff:30:d0:c9:a9:33:96:25:7c:0d:82:6b:02:
99:e6:09:82:0f:a8:a0:d7:ed:5d:29:b0:c4:f4:13:5f:c1:e5:
fc:48:bb:9a:99:14:51:f9:3d:bd:20:6d:e9:d3:54:05:cc:b5:
61:cf:59:da:97:f0:f6:1d:f0:1e:ef:61:54:86:3f:12:f2:9e:
aa:d2:9f:3b:cf:e9:d1:f8:cb:c4:0e:85:4d:b6:3e:1a:17:9a:
a7:5a:32:7d:a0:b8:3f:68:28:44:19:fd:51:3f:95:84:8d:26:
f7:73:e4:39:5d:f2:f3:f6:16:f6:5e:59:80:f7:26:6f:85:e6:
53:22:5a:c5:91:52:0b:84:23:8a:ac:43:fa:5a:53:00:75:c2:
25:d1:e4:9c:31:76:57:fa:51:bb:3c:56:eb:ba:b5:16:4c:79:
0a:7e:8e:ac:9b:8c:83:3c:6e:b2:cc:f8:8f:99:39:f0:c1:de:
6d:50:e5:25:17:dc:ed:7b:46:36:05:97:71:2c:b7:4f:01:0e:
2d:f3:ff:1c:38:d0:00:39:0a:e7:67:5e:04:f1:35:b0:3f:4f:
a0:8e:ec:28:14:12:50:fb:74:1f:7b:95:78:06:43:73:cb:11:
d0:c6:0f:93:8b:9e:9b:29:b1:35:a0:15:39:7a:71:57:09:8d:
a9:72:38:21
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAVrNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjEwMTIxODQ1WhcNMjYwODMxMTIxODQ1WjAYMRYw
FAYDVQQDEw02ODQ4MjJhYy1lMmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo5ikN3LvDORfEhp0DvdmQIAwzx94oATAnSMPLFHikz5nKnTJtN+lq3EM
N9G3HK6mWqXguKY8KEZFYLDZ3/yHAkZzcxFYubJ5nOI7n74X7HiF1LmanCxqW52U
ePKopYqiApTX0RS/HHC5Pk1ne6rG5q6LTApaP80tzdLjdyY3sKY2QNk0dwle2ZjM
Yfz6aEZpd1EuNSfIYE18rLCLZNHMd4mFPT878xJ7Wf1q7jbAJoiL8rYZDt3+QE35
xIPubRtmv3c6AoQGHg9aJUpby+D54ZdLaulZG53cTvTmukIaEiKKaCkkjnoTZx7j
1xnN0LxzFd/X45HWRCQWvmMujLAI0wIDAQABo4ICtDCCArAwHQYDVR0OBBYEFFKG
iYO2uZU/MmqN2LeX3pOzHJmmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMUJFOTEyNjQ1RjUxMUYwQUNFQjFFQjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCnOMcAwQAnPUPAwQAnPURAwQA
nPUeMA0GCSqGSIb3DQEBCwUAA4IBAQAf7HB+jv8w0MmpM5YlfA2CawKZ5gmCD6ig
1+1dKbDE9BNfweX8SLuamRRR+T29IG3p01QFzLVhz1nal/D2HfAe72FUhj8S8p6q
0p87z+nR+MvEDoVNtj4aF5qnWjJ9oLg/aChEGf1RP5WEjSb3c+Q5XfLz9hb2XlmA
9yZvheZTIlrFkVILhCOKrEP6WlMAdcIl0eScMXZX+lG7PFbrurUWTHkKfo6sm4yD
PG6yzPiPmTnwwd5tUOUlF9zte0Y2BZdxLLdPAQ4t8/8cONAAOQrnZ14E8TWwP0+g
juwoFBJQ+3Qfe5V4BkNzyxHQxg+Ti56bKbE1oBU5enFXCY2pcjgh
-----END CERTIFICATE-----
Generated at Mon Jun 30 11:35:55 2025 by rpki-client