Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCB5811E273311F0B5A97EC2DAE4EC9C.roa
File: CCB5811E273311F0B5A97EC2DAE4EC9C.roa (raw, json)
Hash identifier: arNLvklTfdyXiaKllLo/ysx7RaMv3fIQlq4pYvcUiZ4=
Subject key identifier: 2B:38:8E:F4:65:C3:0A:68:EC:F4:B6:B3:4E:A6:5D:44:FB:22:93:C0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015164
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCB5811E273311F0B5A97EC2DAE4EC9C.roa
Signing time: Fri 02 May 2025 08:59:48 +0000
ROA not before: Fri 02 May 2025 08:59:43 +0000
ROA not after: Tue 03 Jun 2025 08:59:43 +0000
asID: 203020
IP address blocks: 156.228.12.0/24 maxlen: 24
156.228.19.0/24 maxlen: 24
156.228.25.0/24 maxlen: 24
156.228.251.0/24 maxlen: 24
156.243.235.0/24 maxlen: 24
156.243.247.0/24 maxlen: 24
156.253.136.0/24 maxlen: 24
156.253.163.0/24 maxlen: 24
156.253.180.0/23 maxlen: 24
156.253.182.0/23 maxlen: 24
156.253.192.0/23 maxlen: 24
156.253.194.0/23 maxlen: 24
156.253.196.0/23 maxlen: 24
156.253.198.0/23 maxlen: 24
156.253.202.0/23 maxlen: 24
156.253.204.0/23 maxlen: 24
156.253.206.0/23 maxlen: 24
156.253.210.0/23 maxlen: 24
156.253.212.0/23 maxlen: 24
156.253.216.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86372 (0x15164)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 2 08:59:43 2025 GMT
Not After : Jun 3 08:59:43 2025 GMT
Subject: CN=68148984-b4d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5d:35:cd:18:48:03:a9:46:0b:72:bc:da:8e:
12:b6:ce:13:4e:00:1e:ad:ea:4d:2d:36:00:c1:55:
6d:9b:06:c8:e7:e4:0e:d3:cb:ff:4c:35:ca:ea:b8:
41:9c:44:f7:84:53:92:7d:26:cf:00:81:c0:1a:07:
e8:ce:f4:cd:54:9e:30:e0:f3:c1:a2:35:7c:89:3f:
c7:4b:03:2a:d4:bb:54:ef:26:7a:30:ee:a4:a2:eb:
8d:3f:9b:ef:86:11:8e:8c:63:fb:76:5e:3e:e1:72:
0e:20:a2:62:d9:91:0e:e4:7d:2f:ae:59:26:b7:3f:
54:81:54:96:ee:ae:78:56:6c:ec:11:98:4e:3b:01:
e7:89:28:df:89:7f:a1:a8:35:da:e2:e3:50:dd:2b:
7c:70:07:51:f1:12:39:af:6c:3c:bd:f3:86:99:9b:
d4:71:71:ea:92:9f:bf:9c:f2:43:8a:2a:51:d5:c9:
0a:18:bc:01:d7:c2:b0:8d:bc:08:e8:45:bd:8e:19:
df:15:93:48:d5:e7:de:e2:25:1a:55:12:59:0d:3f:
4d:37:81:df:9d:cc:24:0a:c7:be:37:9e:9d:f2:88:
84:fa:60:41:6a:b2:6c:42:fb:93:71:0d:c1:77:30:
56:eb:3f:1a:c4:b0:9f:cf:61:be:ab:91:d4:b1:d8:
90:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:38:8E:F4:65:C3:0A:68:EC:F4:B6:B3:4E:A6:5D:44:FB:22:93:C0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCB5811E273311F0B5A97EC2DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.12.0/24
156.228.19.0/24
156.228.25.0/24
156.228.251.0/24
156.243.235.0/24
156.243.247.0/24
156.253.136.0/24
156.253.163.0/24
156.253.180.0/22
156.253.192.0/21
156.253.202.0-156.253.207.255
156.253.210.0-156.253.213.255
156.253.216.0/23
Signature Algorithm: sha256WithRSAEncryption
76:6a:99:5b:4f:b9:f4:f6:07:34:45:ba:77:1e:ad:35:53:a0:
2b:f5:4d:b1:b8:43:3a:1e:04:26:fe:31:a3:fe:bd:4c:2d:41:
3a:be:2a:db:2b:e4:3e:c1:6a:f7:e3:b4:9f:ce:48:73:34:3e:
20:29:2e:8e:1a:06:2f:ea:d6:b6:90:52:b0:9e:5d:4f:42:90:
5f:48:63:cc:46:bb:55:72:8c:63:d8:34:25:c9:aa:1c:bb:8e:
b4:5c:c5:9d:70:01:30:e0:c9:b1:55:74:7c:11:f2:7f:76:78:
01:04:00:fc:2c:ae:6f:86:97:80:00:49:04:d9:76:df:dd:4d:
06:6d:50:ca:3a:a1:99:ff:96:27:42:24:e9:d5:eb:26:d9:eb:
2f:1d:a8:a3:3f:65:2e:4d:05:27:7b:78:d1:0a:b7:2c:87:fd:
14:3c:38:8b:17:b3:6d:b8:4b:fd:66:e6:a4:be:a4:c0:a0:0c:
d2:2a:36:b2:d7:db:ee:6b:ec:68:2d:94:5c:61:b5:51:8e:c2:
8b:67:e4:4b:a1:96:7d:cc:8f:ca:1c:8c:53:35:34:46:b9:6c:
2c:f4:cc:3b:e7:09:c8:eb:38:09:83:48:46:24:30:ab:e8:d8:
05:72:57:57:02:05:c2:cd:13:18:7f:fe:55:bb:33:cf:33:93:
e4:14:9d:a0
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIDAVFkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTAyMDg1OTQzWhcNMjUwNjAzMDg1OTQzWjAYMRYw
FAYDVQQDEw02ODE0ODk4NC1iNGQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzV01zRhIA6lGC3K82o4Sts4TTgAerepNLTYAwVVtmwbI5+QO08v/TDXK
6rhBnET3hFOSfSbPAIHAGgfozvTNVJ4w4PPBojV8iT/HSwMq1LtU7yZ6MO6kouuN
P5vvhhGOjGP7dl4+4XIOIKJi2ZEO5H0vrlkmtz9UgVSW7q54VmzsEZhOOwHniSjf
iX+hqDXa4uNQ3St8cAdR8RI5r2w8vfOGmZvUcXHqkp+/nPJDiipR1ckKGLwB18Kw
jbwI6EW9jhnfFZNI1efe4iUaVRJZDT9NN4HfncwkCse+N56d8oiE+mBBarJsQvuT
cQ3BdzBW6z8axLCfz2G+q5HUsdiQdQIDAQABo4IC+jCCAvYwHQYDVR0OBBYEFCs4
jvRlwwpo7PS2s06mXUT7IpPAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQ0I1ODExRTI3MzMxMUYwQjVBOTdFQzJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAnOQMAwQAnOQTAwQAnOQZAwQA
nOT7AwQAnPPrAwQAnPP3AwQAnP2IAwQAnP2jAwQCnP20AwQDnP3AMAwDBAGc/coD
BASc/cAwDAMEAZz90gMEAZz91AMEAZz92DANBgkqhkiG9w0BAQsFAAOCAQEAdmqZ
W0+59PYHNEW6dx6tNVOgK/VNsbhDOh4EJv4xo/69TC1BOr4q2yvkPsFq9+O0n85I
czQ+ICkujhoGL+rWtpBSsJ5dT0KQX0hjzEa7VXKMY9g0JcmqHLuOtFzFnXABMODJ
sVV0fBHyf3Z4AQQA/Cyub4aXgABJBNl2391NBm1Qyjqhmf+WJ0Ik6dXrJtnrLx2o
oz9lLk0FJ3t40Qq3LIf9FDw4ixezbbhL/WbmpL6kwKAM0io2stfb7mvsaC2UXGG1
UY7Ci2fkS6GWfcyPyhyMUzU0RrlsLPTMO+cJyOs4CYNIRiQwq+jYBXJXVwIFws0T
GH/+VbszzzOT5BSdoA==
-----END CERTIFICATE-----
Generated at Sat May 10 18:48:36 2025 by rpki-client