Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/091CBC62F64C11EFBECD7467762E951A.roa
File: 091CBC62F64C11EFBECD7467762E951A.roa (raw, json)
Hash identifier: 5ziyz+9zdopHo84KCob1uDIZuVUwHb4WZgrBkubSfCQ=
Subject key identifier: 47:73:A5:56:49:80:F1:BC:C9:3F:C0:29:F2:FA:DD:C0:6D:61:46:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013F82
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/091CBC62F64C11EFBECD7467762E951A.roa
Signing time: Sat 01 Mar 2025 03:19:50 +0000
ROA not before: Sat 01 Mar 2025 03:19:47 +0000
ROA not after: Tue 22 Feb 2028 03:19:47 +0000
asID: 17561
IP address blocks: 156.238.87.0/24 maxlen: 24
156.238.88.0/24 maxlen: 24
156.238.89.0/24 maxlen: 24
156.238.90.0/24 maxlen: 24
156.238.91.0/24 maxlen: 24
156.238.92.0/24 maxlen: 24
156.238.93.0/24 maxlen: 24
156.238.94.0/24 maxlen: 24
156.238.95.0/24 maxlen: 24
156.238.96.0/24 maxlen: 24
156.238.101.0/24 maxlen: 24
156.238.102.0/24 maxlen: 24
156.238.103.0/24 maxlen: 24
156.246.30.0/24 maxlen: 24
156.253.37.0/24 maxlen: 24
156.253.38.0/24 maxlen: 24
156.253.40.0/24 maxlen: 24
156.253.43.0/24 maxlen: 24
156.253.44.0/24 maxlen: 24
156.253.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81794 (0x13f82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 1 03:19:47 2025 GMT
Not After : Feb 22 03:19:47 2028 GMT
Subject: CN=67c27cd6-5103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5e:00:6a:e3:51:84:61:ce:d8:2b:8f:70:c3:
6a:f6:86:7e:be:ca:fb:a5:41:26:5e:79:fd:ca:2a:
e7:ba:c1:18:84:2f:1f:c7:60:e9:ba:19:e1:e1:40:
8c:6b:34:81:cc:17:46:fe:3f:fb:92:51:a1:ff:73:
10:ec:e2:34:71:e7:18:2c:a7:28:04:5e:c2:ed:c2:
f9:9f:65:04:43:32:e7:10:04:10:ff:73:f8:f1:d0:
1e:e6:2b:d3:f6:b0:34:fc:4c:f9:79:bd:68:5d:0e:
d3:07:f8:f1:9f:8c:6e:c0:07:51:65:3c:9b:18:31:
5d:82:89:44:16:b5:aa:c3:6c:e0:63:d2:8f:db:6d:
e0:5d:6d:fb:6a:3f:31:fc:2a:46:eb:1f:72:97:58:
7a:66:40:15:e6:e7:63:68:c9:0c:70:12:11:63:a2:
2b:3c:fb:e2:27:8a:99:75:58:f2:6b:30:99:69:6f:
29:2a:60:7b:e8:de:5c:eb:96:49:ca:3a:42:34:02:
bb:5e:b3:9d:e1:c5:fe:34:6f:7e:97:a6:11:c9:76:
65:82:6f:66:5c:0d:ff:99:4f:29:12:84:bb:7e:a0:
a2:cd:9e:00:90:75:13:cf:b3:0c:22:5e:55:8f:60:
9f:6e:c3:b8:46:ee:c5:ad:09:e3:fa:96:6f:6e:9e:
bb:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:73:A5:56:49:80:F1:BC:C9:3F:C0:29:F2:FA:DD:C0:6D:61:46:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/091CBC62F64C11EFBECD7467762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.87.0-156.238.96.255
156.238.101.0-156.238.103.255
156.246.30.0/24
156.253.37.0-156.253.38.255
156.253.40.0/24
156.253.43.0-156.253.44.255
156.253.49.0/24
Signature Algorithm: sha256WithRSAEncryption
66:1c:da:f2:98:92:05:f3:79:ab:2f:10:7d:63:8e:ae:cc:be:
90:8f:c1:52:1e:2e:ea:7e:5b:5c:0e:ee:53:95:af:cc:33:9c:
ef:10:a7:54:b5:8c:13:8b:9f:bd:a9:e1:7e:03:98:e0:8e:cb:
21:6b:7f:ca:ff:f0:6d:f8:aa:05:a1:b4:10:16:45:50:2b:31:
71:c2:14:77:95:1a:ef:8f:89:e8:08:f0:59:c6:01:e9:fd:17:
b0:b0:54:52:54:9e:99:3a:af:ed:e4:16:89:21:10:f3:7f:0b:
3c:1e:1d:95:95:96:11:db:1a:47:3e:4a:be:17:d0:8c:cb:16:
2c:d7:cf:9f:0c:f1:8d:e9:7c:77:37:70:6e:d8:e7:f9:57:b3:
fb:60:f9:c8:9d:fa:3c:ae:19:cc:15:f7:2d:81:d5:cf:4e:59:
f9:69:7d:fb:3a:e9:b1:89:3d:39:84:14:bb:df:53:2f:5a:8e:
b9:2f:e7:e7:26:1f:93:7c:3c:30:c0:c2:11:17:f9:d1:c6:fe:
1d:d0:0d:cc:b5:9b:4a:c3:9f:40:3d:ae:d1:39:09:13:84:8a:
91:dc:e5:83:c9:bc:77:0a:66:f6:2e:4d:86:e8:aa:7d:86:4b:
86:0f:28:bc:88:06:06:90:eb:1d:8a:7f:3f:38:5a:1a:f6:27:
7d:d9:b1:55
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIDAT+CMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAxMDMxOTQ3WhcNMjgwMjIyMDMxOTQ3WjAYMRYw
FAYDVQQDEw02N2MyN2NkNi01MTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu14AauNRhGHO2CuPcMNq9oZ+vsr7pUEmXnn9yirnusEYhC8fx2Dpuhnh
4UCMazSBzBdG/j/7klGh/3MQ7OI0cecYLKcoBF7C7cL5n2UEQzLnEAQQ/3P48dAe
5ivT9rA0/Ez5eb1oXQ7TB/jxn4xuwAdRZTybGDFdgolEFrWqw2zgY9KP223gXW37
aj8x/CpG6x9yl1h6ZkAV5udjaMkMcBIRY6IrPPviJ4qZdVjyazCZaW8pKmB76N5c
65ZJyjpCNAK7XrOd4cX+NG9+l6YRyXZlgm9mXA3/mU8pEoS7fqCizZ4AkHUTz7MM
Il5Vj2CfbsO4Ru7FrQnj+pZvbp67WQIDAQABo4IC5jCCAuIwHQYDVR0OBBYEFEdz
pVZJgPG8yT/AKfL63cBtYUYaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wOTFDQkM2MkY2NEMxMUVGQkVDRDc0Njc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBACc7lcDBACc7mAwDAMEAJzu
ZQMEA5zuYAMEAJz2HjAMAwQAnP0lAwQAnP0mAwQAnP0oMAwDBACc/SsDBACc/SwD
BACc/TEwDQYJKoZIhvcNAQELBQADggEBAGYc2vKYkgXzeasvEH1jjq7MvpCPwVIe
Lup+W1wO7lOVr8wznO8Qp1S1jBOLn72p4X4DmOCOyyFrf8r/8G34qgWhtBAWRVAr
MXHCFHeVGu+PiegI8FnGAen9F7CwVFJUnpk6r+3kFokhEPN/CzweHZWVlhHbGkc+
Sr4X0IzLFizXz58M8Y3pfHc3cG7Y5/lXs/tg+cid+jyuGcwV9y2B1c9OWflpffs6
6bGJPTmEFLvfUy9ajrkv5+cmH5N8PDDAwhEX+dHG/h3QDcy1m0rDn0A9rtE5CROE
ipHc5YPJvHcKZvYuTYboqn2GS4YPKLyIBgaQ6x2Kfz84Whr2J33ZsVU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:18:14 2025 by rpki-client