Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E83CA36265D11F0A0E3CFAADAE4EC9C.roa
File: 7E83CA36265D11F0A0E3CFAADAE4EC9C.roa (raw, json)
Hash identifier: 91k0favqUK53UCgAdDo5foFAQyePcy+BGz7Km+grazE=
Subject key identifier: 4D:63:D9:5F:25:E5:56:14:20:8A:77:62:4C:8B:4A:B0:18:6D:83:18
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01511A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E83CA36265D11F0A0E3CFAADAE4EC9C.roa
Signing time: Thu 01 May 2025 07:25:45 +0000
ROA not before: Thu 01 May 2025 07:25:40 +0000
ROA not after: Thu 30 Apr 2026 07:25:40 +0000
asID: 984
IP address blocks: 156.231.56.0/24 maxlen: 24
156.231.160.0/24 maxlen: 24
156.231.161.0/24 maxlen: 24
156.231.170.0/24 maxlen: 24
156.231.171.0/24 maxlen: 24
156.238.18.0/24 maxlen: 24
156.238.183.0/24 maxlen: 24
156.239.16.0/24 maxlen: 24
156.239.20.0/24 maxlen: 24
156.239.21.0/24 maxlen: 24
156.239.22.0/24 maxlen: 24
156.239.23.0/24 maxlen: 24
156.239.128.0/24 maxlen: 24
156.239.129.0/24 maxlen: 24
156.242.120.0/24 maxlen: 24
156.242.121.0/24 maxlen: 24
156.242.122.0/24 maxlen: 24
156.253.0.0/24 maxlen: 24
156.253.1.0/24 maxlen: 24
156.253.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86298 (0x1511a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 1 07:25:40 2025 GMT
Not After : Apr 30 07:25:40 2026 GMT
Subject: CN=681321f9-b07c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:50:27:c4:03:b8:6e:1b:a7:b6:6b:31:18:b9:
29:a6:0e:ab:c3:14:dc:9f:2c:13:a1:8f:9e:74:eb:
d3:51:5d:4b:b4:ca:0e:0f:7b:97:63:24:b4:ad:42:
e4:a5:96:d6:79:d7:b2:26:03:95:50:c9:00:c9:34:
f1:77:88:15:6e:17:e0:60:fa:e2:28:39:95:79:e6:
57:f1:9e:fd:12:bb:d5:11:5e:5d:d8:21:aa:21:20:
a7:67:c5:b7:c6:c7:c8:15:d2:33:27:89:d0:9a:dc:
51:15:66:89:b0:82:5f:50:61:7d:6d:ea:03:12:28:
4f:6c:30:d4:65:00:95:aa:ea:bd:74:e6:3a:75:25:
d3:ba:0e:44:ce:24:3d:10:09:ad:b5:aa:d7:0a:e3:
f9:00:7e:03:df:3b:f0:c0:0f:51:3d:4a:d8:d6:a2:
6a:0b:85:29:15:6b:65:fd:1f:3f:ef:e6:0f:d0:f9:
3f:c0:85:3f:8a:da:b5:48:8f:e9:ab:23:70:f6:7e:
2b:09:72:3f:58:40:43:f4:eb:23:47:d2:5a:04:94:
41:a1:68:2e:ab:da:85:46:87:f9:2b:93:32:35:b9:
1b:0b:d7:49:06:df:9b:8f:6e:6d:e1:96:34:c2:a3:
62:8c:66:5e:6e:42:95:ba:ae:24:d5:ac:02:19:b1:
58:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:63:D9:5F:25:E5:56:14:20:8A:77:62:4C:8B:4A:B0:18:6D:83:18
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7E83CA36265D11F0A0E3CFAADAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.56.0/24
156.231.160.0/23
156.231.170.0/23
156.238.18.0/24
156.238.183.0/24
156.239.16.0/24
156.239.20.0/22
156.239.128.0/23
156.242.120.0-156.242.122.255
156.253.0.0/23
156.253.154.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:b6:01:aa:b5:df:7e:25:0c:4d:80:9d:6e:1a:5a:78:06:31:
a8:bc:ff:4b:7c:37:aa:ce:cd:85:39:a7:dc:9d:7e:14:3b:3b:
ea:f2:34:4f:86:13:5e:f7:ff:9e:d9:a8:53:09:ce:43:88:42:
78:ef:5b:b4:ea:84:67:de:59:62:6a:44:91:9e:ae:55:6f:d3:
bf:a5:ca:df:f0:2a:80:cc:2f:b4:94:c8:0f:bd:41:76:bb:2a:
fc:6b:1f:fa:6d:68:4c:4e:ad:ba:f6:29:bb:91:63:9b:c5:7c:
4c:0c:49:87:9a:8b:fd:77:2e:ca:e1:b0:a3:98:01:21:8e:d8:
b0:34:3d:cf:eb:5a:a2:75:5a:2f:d2:c0:9c:1a:1d:c4:c0:36:
c8:b0:12:de:ba:9f:fa:7b:c9:fd:27:cb:fa:a7:e4:50:ab:c3:
76:b8:5b:d6:45:5d:06:d9:97:c1:00:84:28:30:b1:fd:68:b1:
7d:d4:bb:23:27:f0:31:58:b1:05:2b:b2:22:01:1b:d4:84:28:
af:06:17:67:d7:23:e0:47:23:84:aa:5e:23:41:37:5f:31:50:
c8:e6:50:a9:2a:da:9e:ae:15:3e:bb:08:f2:a7:3b:a4:38:c2:
7e:5e:62:3f:bb:7e:11:3c:af:e8:22:d5:22:d2:49:00:fa:a9:
96:ed:56:40
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIDAVEaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTAxMDcyNTQwWhcNMjYwNDMwMDcyNTQwWjAYMRYw
FAYDVQQDEw02ODEzMjFmOS1iMDdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArVAnxAO4bhuntmsxGLkppg6rwxTcnywToY+edOvTUV1LtMoOD3uXYyS0
rULkpZbWedeyJgOVUMkAyTTxd4gVbhfgYPriKDmVeeZX8Z79ErvVEV5d2CGqISCn
Z8W3xsfIFdIzJ4nQmtxRFWaJsIJfUGF9beoDEihPbDDUZQCVquq9dOY6dSXTug5E
ziQ9EAmttarXCuP5AH4D3zvwwA9RPUrY1qJqC4UpFWtl/R8/7+YP0Pk/wIU/itq1
SI/pqyNw9n4rCXI/WEBD9OsjR9JaBJRBoWguq9qFRof5K5MyNbkbC9dJBt+bj25t
4ZY0wqNijGZebkKVuq4k1awCGbFYiwIDAQABo4IC5jCCAuIwHQYDVR0OBBYEFE1j
2V8l5VYUIIp3YkyLSrAYbYMYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RTgzQ0EzNjI2NUQxMUYwQTBFM0NGQUFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAnOc4AwQBnOegAwQBnOeqAwQA
nO4SAwQAnO63AwQAnO8QAwQCnO8UAwQBnO+AMAwDBAOc8ngDBACc8noDBAGc/QAD
BACc/ZowDQYJKoZIhvcNAQELBQADggEBAC+2Aaq1334lDE2AnW4aWngGMai8/0t8
N6rOzYU5p9ydfhQ7O+ryNE+GE173/57ZqFMJzkOIQnjvW7TqhGfeWWJqRJGerlVv
07+lyt/wKoDML7SUyA+9QXa7KvxrH/ptaExOrbr2KbuRY5vFfEwMSYeai/13Lsrh
sKOYASGO2LA0Pc/rWqJ1Wi/SwJwaHcTANsiwEt66n/p7yf0ny/qn5FCrw3a4W9ZF
XQbZl8EAhCgwsf1osX3UuyMn8DFYsQUrsiIBG9SEKK8GF2fXI+BHI4SqXiNBN18x
UMjmUKkq2p6uFT67CPKnO6Q4wn5eYj+7fhE8r+gi1SLSSQD6qZbtVkA=
-----END CERTIFICATE-----
Generated at Sun May 11 09:11:15 2025 by rpki-client