Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3FEAE9FA55B811F0B0EA5DD9DAE4EC9C.roa
File: 3FEAE9FA55B811F0B0EA5DD9DAE4EC9C.roa (raw, json)
Hash identifier: x7sbAzHd7gB4DuU1+QS9gKv2gK4t4xD64Xr8GzYcje0=
Subject key identifier: BB:E3:60:E8:2E:9D:52:39:DA:DE:45:57:E0:7A:00:82:0C:2D:CE:91
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015F98
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3FEAE9FA55B811F0B0EA5DD9DAE4EC9C.roa
Signing time: Mon 30 Jun 2025 13:43:49 +0000
ROA not before: Mon 30 Jun 2025 13:43:44 +0000
ROA not after: Mon 04 Aug 2025 13:43:44 +0000
asID: 265721
IP address blocks: 156.248.128.0/20 maxlen: 24
156.248.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:26:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90008 (0x15f98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jun 30 13:43:44 2025 GMT
Not After : Aug 4 13:43:44 2025 GMT
Subject: CN=68629495-273a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:1a:bc:0e:db:cd:8e:ee:4b:3d:a9:0f:08:
dc:60:a9:34:52:d2:73:b1:3d:11:fc:4e:7b:37:56:
ba:16:61:b0:eb:bc:23:d1:15:a7:02:66:d5:74:89:
ea:00:23:34:05:cf:55:68:ae:55:33:9b:dc:04:bc:
c3:02:21:0d:81:e2:da:0e:ff:fb:34:3e:42:80:08:
df:99:09:dc:ce:20:19:bf:da:94:81:97:b0:5b:01:
41:a8:2a:fa:cd:b5:19:c5:26:c4:f6:0f:42:35:d5:
b5:95:64:6a:25:cc:c2:36:a3:22:44:43:ab:7f:fb:
71:b6:74:df:34:7a:b7:fe:80:35:5f:92:1f:b7:47:
6a:98:72:cc:a6:59:d5:41:bd:72:c7:df:97:46:02:
d4:2d:a5:a7:89:a7:bc:d0:5d:cc:ec:42:dc:21:7b:
7f:51:57:21:7c:48:a3:cc:a6:64:40:bf:bc:96:ef:
a8:b0:51:ab:aa:7b:8f:0f:18:b7:5e:87:e2:9a:08:
b4:53:43:17:ed:90:b4:1b:cd:00:bc:a0:ae:d3:7b:
aa:bc:10:74:ac:bc:f1:c6:74:56:88:5f:25:74:36:
79:6c:38:24:4f:7f:a6:60:50:35:70:5f:e8:4a:21:
99:ad:ec:f3:e1:42:f5:c9:5b:9e:ef:b8:f8:2f:29:
66:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E3:60:E8:2E:9D:52:39:DA:DE:45:57:E0:7A:00:82:0C:2D:CE:91
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3FEAE9FA55B811F0B0EA5DD9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.128.0/19
Signature Algorithm: sha256WithRSAEncryption
a6:c3:0a:fd:f9:92:10:bc:43:ed:4c:3e:e5:ed:8e:43:b0:0a:
2f:03:e2:14:f3:fe:d3:75:48:4a:ce:e3:78:c1:c4:dd:71:3e:
8b:86:8b:4d:54:4d:15:12:44:b7:53:a8:4c:8c:0a:ee:4a:ef:
4e:98:ad:f6:5e:49:8c:ff:c5:4f:04:d2:ee:51:8a:57:68:bb:
90:01:32:6d:27:ac:f7:70:69:93:41:a6:de:c1:d5:06:ee:b8:
37:61:a5:a5:2d:b2:68:cf:db:d1:06:4d:c0:8b:4f:99:37:be:
d4:c2:9c:f0:f0:ad:5c:f3:ad:f9:ef:08:59:92:f6:f5:eb:19:
16:ba:74:1c:0f:4e:e6:73:4e:07:a7:66:d5:c1:b1:71:d5:01:
34:a3:db:9a:3f:f8:62:d6:ac:15:25:05:1b:c0:ca:ba:b8:65:
86:89:fa:ff:e6:d6:b4:91:53:a7:ab:69:4c:f8:fb:ae:fc:6d:
0a:7a:cb:e9:98:e4:c8:cf:08:c0:6c:f2:56:a2:99:be:3b:4e:
53:6c:62:f2:de:22:30:43:3c:4e:91:bc:23:ca:ba:1b:f4:0f:
a7:f0:43:36:47:d7:8e:a1:f4:c9:83:55:c4:14:41:b7:a5:b3:
35:f5:84:01:e6:9f:ad:d6:bd:8e:ee:0c:b3:01:69:78:1c:f6:
89:2b:fe:67
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAV+YMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNjMwMTM0MzQ0WhcNMjUwODA0MTM0MzQ0WjAYMRYw
FAYDVQQDEw02ODYyOTQ5NS0yNzNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAta0avA7bzY7uSz2pDwjcYKk0UtJzsT0R/E57N1a6FmGw67wj0RWnAmbV
dInqACM0Bc9VaK5VM5vcBLzDAiENgeLaDv/7ND5CgAjfmQncziAZv9qUgZewWwFB
qCr6zbUZxSbE9g9CNdW1lWRqJczCNqMiREOrf/txtnTfNHq3/oA1X5Ift0dqmHLM
plnVQb1yx9+XRgLULaWniae80F3M7ELcIXt/UVchfEijzKZkQL+8lu+osFGrqnuP
Dxi3Xofimgi0U0MX7ZC0G80AvKCu03uqvBB0rLzxxnRWiF8ldDZ5bDgkT3+mYFA1
cF/oSiGZrezz4UL1yVue77j4LylmOwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLvj
YOgunVI52t5FV+B6AIIMLc6RMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRkVBRTlGQTU1QjgxMUYwQjBFQTVERDlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFnPiAMA0GCSqGSIb3DQEBCwUA
A4IBAQCmwwr9+ZIQvEPtTD7l7Y5DsAovA+IU8/7TdUhKzuN4wcTdcT6LhotNVE0V
EkS3U6hMjAruSu9OmK32XkmM/8VPBNLuUYpXaLuQATJtJ6z3cGmTQabewdUG7rg3
YaWlLbJoz9vRBk3Ai0+ZN77Uwpzw8K1c86357whZkvb16xkWunQcD07mc04Hp2bV
wbFx1QE0o9uaP/hi1qwVJQUbwMq6uGWGifr/5ta0kVOnq2lM+Puu/G0KesvpmOTI
zwjAbPJWopm+O05TbGLy3iIwQzxOkbwjyrob9A+n8EM2R9eOofTJg1XEFEG3pbM1
9YQB5p+t1r2O7gyzAWl4HPaJK/5n
-----END CERTIFICATE-----
Generated at Fri Jul 4 17:41:00 2025 by rpki-client