Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE9B861225F411F085E389E0DAE4EC9C.roa
File: CE9B861225F411F085E389E0DAE4EC9C.roa (raw, json)
Hash identifier: xI/JbZbCuFHG3K2J0PeI7kRqH8cCmRrTnwPF8zF1Ykw=
Subject key identifier: 28:E5:C7:01:2D:77:DF:9A:9A:1E:10:23:23:1B:A9:60:A5:68:DA:B8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0150C1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE9B861225F411F085E389E0DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 18:56:22 +0000
ROA not before: Wed 30 Apr 2025 18:56:17 +0000
ROA not after: Wed 26 Apr 2028 18:56:17 +0000
asID: 17561
IP address blocks: 156.229.7.0/24 maxlen: 24
156.229.52.0/24 maxlen: 24
156.229.53.0/24 maxlen: 24
156.229.55.0/24 maxlen: 24
156.229.56.0/24 maxlen: 24
156.229.58.0/24 maxlen: 24
156.229.61.0/24 maxlen: 24
156.229.63.0/24 maxlen: 24
156.232.0.0/24 maxlen: 24
156.232.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86209 (0x150c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 30 18:56:17 2025 GMT
Not After : Apr 26 18:56:17 2028 GMT
Subject: CN=68127256-371e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ba:26:de:dd:16:43:8a:12:5e:37:40:5e:3a:
03:d3:d5:73:a9:16:75:bc:2f:de:fe:b7:28:92:99:
22:0a:58:b7:84:df:c2:46:86:76:a2:71:44:9d:4a:
a4:8a:6e:f3:d2:35:8f:28:9c:24:ea:94:40:5e:a4:
0c:2f:c6:de:01:4e:d6:54:ae:c6:a3:78:d6:48:a9:
3b:3b:0f:43:00:21:31:32:1d:33:15:aa:34:0c:1c:
be:74:43:20:b3:24:3b:a7:09:6f:67:0b:66:80:8d:
e4:af:e7:04:5d:f4:c3:03:a3:33:3a:1f:28:02:be:
5e:30:43:20:1a:f1:af:96:b1:bd:c2:54:01:26:b6:
18:92:f4:22:e4:e7:6b:1f:76:f8:c3:9f:56:2e:05:
d9:80:34:7d:1c:e6:e6:3a:eb:1e:61:ee:59:a3:d8:
d7:43:29:ef:a0:8b:df:fe:ca:31:ae:1e:76:fe:15:
1c:61:4d:ba:8e:8e:f9:1a:11:27:5c:9e:0d:1e:19:
fb:2d:b7:5d:c9:d0:84:82:48:6d:e2:c8:18:eb:26:
22:96:fa:ee:ef:e0:7a:ed:12:53:f4:06:2e:c3:a3:
66:47:64:5f:21:92:67:22:4d:e5:54:f8:6a:a4:cd:
bd:1c:81:da:81:f5:82:09:34:df:a3:ec:6e:2e:0d:
f8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E5:C7:01:2D:77:DF:9A:9A:1E:10:23:23:1B:A9:60:A5:68:DA:B8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE9B861225F411F085E389E0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.7.0/24
156.229.52.0/23
156.229.55.0-156.229.56.255
156.229.58.0/24
156.229.61.0/24
156.229.63.0/24
156.232.0.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:34:1e:f6:82:47:e7:b0:88:c0:58:c3:11:f8:37:ea:3b:ea:
f4:64:aa:99:4a:26:b3:b2:1e:df:89:e4:d0:4f:f4:42:67:ea:
6c:b6:f4:de:12:02:cc:55:77:b4:84:25:2b:fe:0a:9f:73:2f:
cf:a5:cd:ee:0f:fe:45:8c:a5:d0:c4:a5:33:76:b0:8a:50:18:
9c:07:74:b9:b1:8f:88:55:d0:9c:d2:17:42:74:c3:9c:92:db:
ed:d0:a4:f4:06:ae:17:b4:9e:8c:92:82:ff:de:52:46:b7:f2:
5a:93:24:d6:40:58:9a:f3:77:88:01:6e:0e:7d:ac:f0:7d:4c:
dc:16:87:81:75:19:34:62:cf:8b:1c:9a:f8:0d:0a:8e:c5:dd:
89:59:ab:d3:d2:d3:fa:b1:74:56:c9:76:49:03:63:9f:61:8c:
e7:ce:24:d8:41:68:ca:45:08:0e:05:4f:da:71:f2:41:ab:0f:
d3:e9:73:7f:50:2f:10:bf:9e:83:8b:c2:05:11:a4:be:80:66:
3f:b3:b0:db:a8:20:56:d8:33:0e:4b:ff:90:ab:21:f2:a0:73:
df:77:02:26:9f:2f:f7:67:52:79:e0:3b:de:93:f7:27:e6:3f:
6d:8e:cc:62:2d:dc:b4:38:fa:44:5e:64:f2:ba:ec:87:27:43:
8d:bf:b5:cf
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIDAVDBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDMwMTg1NjE3WhcNMjgwNDI2MTg1NjE3WjAYMRYw
FAYDVQQDEw02ODEyNzI1Ni0zNzFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwLom3t0WQ4oSXjdAXjoD09VzqRZ1vC/e/rcokpkiCli3hN/CRoZ2onFE
nUqkim7z0jWPKJwk6pRAXqQML8beAU7WVK7Go3jWSKk7Ow9DACExMh0zFao0DBy+
dEMgsyQ7pwlvZwtmgI3kr+cEXfTDA6MzOh8oAr5eMEMgGvGvlrG9wlQBJrYYkvQi
5OdrH3b4w59WLgXZgDR9HObmOuseYe5Zo9jXQynvoIvf/soxrh52/hUcYU26jo75
GhEnXJ4NHhn7LbddydCEgkht4sgY6yYilvru7+B67RJT9AYuw6NmR2RfIZJnIk3l
VPhqpM29HIHagfWCCTTfo+xuLg34JwIDAQABo4ICzjCCAsowHQYDVR0OBBYEFCjl
xwEtd9+amh4QIyMbqWClaNq4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRTlCODYxMjI1RjQxMUYwODVFMzg5RTBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAnOUHAwQBnOU0MAwDBACc5TcD
BACc5TgDBACc5ToDBACc5T0DBACc5T8DBAGc6AAwDQYJKoZIhvcNAQELBQADggEB
AAo0HvaCR+ewiMBYwxH4N+o76vRkqplKJrOyHt+J5NBP9EJn6my29N4SAsxVd7SE
JSv+Cp9zL8+lze4P/kWMpdDEpTN2sIpQGJwHdLmxj4hV0JzSF0J0w5yS2+3QpPQG
rhe0noySgv/eUka38lqTJNZAWJrzd4gBbg59rPB9TNwWh4F1GTRiz4scmvgNCo7F
3YlZq9PS0/qxdFbJdkkDY59hjOfOJNhBaMpFCA4FT9px8kGrD9Ppc39QLxC/noOL
wgURpL6AZj+zsNuoIFbYMw5L/5CrIfKgc993AiafL/dnUnngO96T9yfmP22OzGIt
3LQ4+kReZPK67IcnQ42/tc8=
-----END CERTIFICATE-----
Generated at Sat May 10 10:42:36 2025 by rpki-client