Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0747773AF64A11EFA1B30758762E951A.roa
File: 0747773AF64A11EFA1B30758762E951A.roa (raw, json)
Hash identifier: t5OQLi75lEv1dPPJiavcGyOM6Esbt09HzJG+W/bIV/M=
Subject key identifier: DE:C4:11:BB:1C:8B:93:3A:B7:76:4F:94:7B:4C:4C:1A:2E:64:C0:02
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013F7C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0747773AF64A11EFA1B30758762E951A.roa
Signing time: Sat 01 Mar 2025 03:05:28 +0000
ROA not before: Sat 01 Mar 2025 03:05:24 +0000
ROA not after: Sat 19 Feb 2028 03:05:24 +0000
asID: 17561
IP address blocks: 156.229.123.0/24 maxlen: 24
156.233.18.0/24 maxlen: 24
156.233.35.0/24 maxlen: 24
156.233.41.0/24 maxlen: 24
156.233.45.0/24 maxlen: 24
156.233.50.0/24 maxlen: 24
156.233.61.0/24 maxlen: 24
156.233.63.0/24 maxlen: 24
156.233.78.0/24 maxlen: 24
156.233.104.0/24 maxlen: 24
156.233.215.0/24 maxlen: 24
156.233.229.0/24 maxlen: 24
156.233.237.0/24 maxlen: 24
156.233.243.0/24 maxlen: 24
156.233.251.0/24 maxlen: 24
156.248.5.0/24 maxlen: 24
156.248.31.0/24 maxlen: 24
156.254.86.0/24 maxlen: 24
156.254.88.0/24 maxlen: 24
156.254.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81788 (0x13f7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 1 03:05:24 2025 GMT
Not After : Feb 19 03:05:24 2028 GMT
Subject: CN=67c27978-5880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:33:c3:65:b8:80:60:7a:d8:4e:65:5a:7e:81:
b3:10:b5:ea:d0:5b:a3:69:0c:77:5b:9a:03:d4:e7:
7d:00:54:ec:7b:53:21:76:57:b3:c5:37:4e:4a:c4:
4a:5e:b8:a2:33:ff:30:43:c8:61:06:b9:51:c5:5f:
9d:61:28:47:49:99:08:c7:1b:46:26:ee:f5:0f:1f:
4f:1e:8f:1e:68:45:74:a4:c8:94:c1:d7:c9:b4:8b:
a1:12:e0:c3:96:fe:1a:40:83:cf:4b:bf:0f:1f:bf:
dd:58:96:e6:8a:9a:24:fb:13:f4:37:8d:80:9f:5d:
a5:0f:a5:a4:bb:8a:2e:1b:90:8b:18:30:58:76:52:
5d:32:8a:85:6a:0d:10:fa:68:23:e9:f6:ac:b6:6e:
03:16:1e:16:34:bc:a1:cf:ce:be:3c:5b:a4:12:dc:
38:ed:65:8e:b4:5f:3e:1c:e8:ca:77:33:27:d6:0e:
57:ad:3f:5d:6b:27:bd:b7:60:e4:7f:e4:a7:09:2d:
3e:c7:23:eb:17:b4:12:8f:c5:70:6c:bc:05:17:eb:
2c:8b:14:25:2f:6d:6a:4a:47:dd:07:e7:d4:e4:d5:
2d:ea:e4:8e:0e:a3:86:be:5b:7c:57:5c:cf:94:30:
5f:c5:63:eb:2d:fa:5c:f5:84:29:3f:2e:cd:ec:d7:
71:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C4:11:BB:1C:8B:93:3A:B7:76:4F:94:7B:4C:4C:1A:2E:64:C0:02
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0747773AF64A11EFA1B30758762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.123.0/24
156.233.18.0/24
156.233.35.0/24
156.233.41.0/24
156.233.45.0/24
156.233.50.0/24
156.233.61.0/24
156.233.63.0/24
156.233.78.0/24
156.233.104.0/24
156.233.215.0/24
156.233.229.0/24
156.233.237.0/24
156.233.243.0/24
156.233.251.0/24
156.248.5.0/24
156.248.31.0/24
156.254.86.0/24
156.254.88.0/24
156.254.95.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:2b:00:cd:a6:0c:f2:25:33:fa:ea:83:f7:99:54:2d:42:2f:
77:93:8c:d4:3e:57:b4:cf:82:d0:b8:3a:ab:2c:2e:8a:9e:c1:
35:cd:f1:e0:24:d4:93:1d:7e:26:56:19:ad:80:fc:05:87:3f:
e9:db:a7:22:e7:58:f3:84:03:f0:dc:23:4b:04:47:84:57:aa:
b8:1d:8e:47:fa:ac:f0:e2:cd:0d:f3:dc:22:ee:c5:eb:13:e0:
c7:e3:7d:56:6d:81:e3:61:05:a8:57:0d:35:51:7b:82:7a:43:
f1:37:a3:2a:69:a1:9d:64:59:eb:24:61:31:9f:82:7f:50:b0:
45:52:c5:75:73:7f:43:15:11:a8:fd:54:06:5b:ab:b9:bc:88:
b7:64:6d:c1:1a:73:d7:9c:87:c1:a9:a5:6f:7b:7d:b5:a2:53:
74:d4:6c:6d:ea:f1:86:2a:b1:43:20:6a:20:d9:94:51:be:0d:
b3:1a:f5:ae:b8:82:30:bf:f1:e5:89:91:b4:4a:60:60:5f:95:
6a:28:73:64:db:44:d2:7d:9c:bd:a6:d0:fd:b4:ae:97:ff:20:
9c:ea:ba:e0:7f:9f:0a:bd:0c:d4:d2:cc:0a:9e:a1:84:24:06:
79:e8:e5:25:3f:7f:de:83:62:47:3c:aa:a0:33:f9:8d:c4:8e:
c2:32:b8:85
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgIDAT98MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAxMDMwNTI0WhcNMjgwMjE5MDMwNTI0WjAYMRYw
FAYDVQQDEw02N2MyNzk3OC01ODgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6zPDZbiAYHrYTmVafoGzELXq0FujaQx3W5oD1Od9AFTse1MhdlezxTdO
SsRKXriiM/8wQ8hhBrlRxV+dYShHSZkIxxtGJu71Dx9PHo8eaEV0pMiUwdfJtIuh
EuDDlv4aQIPPS78PH7/dWJbmipok+xP0N42An12lD6Wku4ouG5CLGDBYdlJdMoqF
ag0Q+mgj6fastm4DFh4WNLyhz86+PFukEtw47WWOtF8+HOjKdzMn1g5XrT9daye9
t2Dkf+SnCS0+xyPrF7QSj8VwbLwFF+ssixQlL21qSkfdB+fU5NUt6uSODqOGvlt8
V1zPlDBfxWPrLfpc9YQpPy7N7NdxCwIDAQABo4IDFzCCAxMwHQYDVR0OBBYEFN7E
Ebsci5M6t3ZPlHtMTBouZMACMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNzQ3NzczQUY2NEExMUVGQTFCMzA3NTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAnOV7AwQAnOkSAwQAnOkj
AwQAnOkpAwQAnOktAwQAnOkyAwQAnOk9AwQAnOk/AwQAnOlOAwQAnOloAwQAnOnX
AwQAnOnlAwQAnOntAwQAnOnzAwQAnOn7AwQAnPgFAwQAnPgfAwQAnP5WAwQAnP5Y
AwQAnP5fMA0GCSqGSIb3DQEBCwUAA4IBAQCcKwDNpgzyJTP66oP3mVQtQi93k4zU
Ple0z4LQuDqrLC6KnsE1zfHgJNSTHX4mVhmtgPwFhz/p26ci51jzhAPw3CNLBEeE
V6q4HY5H+qzw4s0N89wi7sXrE+DH431WbYHjYQWoVw01UXuCekPxN6MqaaGdZFnr
JGExn4J/ULBFUsV1c39DFRGo/VQGW6u5vIi3ZG3BGnPXnIfBqaVve321olN01Gxt
6vGGKrFDIGog2ZRRvg2zGvWuuIIwv/HliZG0SmBgX5VqKHNk20TSfZy9ptD9tK6X
/yCc6rrgf58KvQzU0swKnqGEJAZ56OUlP3/eg2JHPKqgM/mNxI7CMriF
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:01 2025 by rpki-client