Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14E933CCF5AC11EF9D867798762E951A.roa
File: 14E933CCF5AC11EF9D867798762E951A.roa (raw, json)
Hash identifier: 7VrZB1FHBL4+7t4KYbdOW1DyBhD7rHdeuFTYSHGaL3I=
Subject key identifier: D3:C4:C2:49:E1:2F:BA:B1:14:37:A4:5C:FB:03:F0:E3:5F:6B:79:28
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013C8E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14E933CCF5AC11EF9D867798762E951A.roa
Signing time: Fri 28 Feb 2025 08:14:51 +0000
ROA not before: Fri 28 Feb 2025 08:14:47 +0000
ROA not after: Thu 19 Feb 2026 08:14:47 +0000
asID: 984
IP address blocks: 156.243.32.0/24 maxlen: 24
156.243.34.0/24 maxlen: 24
156.243.35.0/24 maxlen: 24
156.243.38.0/24 maxlen: 24
156.243.40.0/24 maxlen: 24
156.243.41.0/24 maxlen: 24
156.243.43.0/24 maxlen: 24
156.243.44.0/24 maxlen: 24
156.243.46.0/24 maxlen: 24
156.243.47.0/24 maxlen: 24
156.243.48.0/24 maxlen: 24
156.243.49.0/24 maxlen: 24
156.243.52.0/24 maxlen: 24
156.243.53.0/24 maxlen: 24
156.243.54.0/24 maxlen: 24
156.243.55.0/24 maxlen: 24
156.243.56.0/24 maxlen: 24
156.249.62.0/24 maxlen: 24
156.249.63.0/24 maxlen: 24
156.249.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81038 (0x13c8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 08:14:47 2025 GMT
Not After : Feb 19 08:14:47 2026 GMT
Subject: CN=67c1707a-b6f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:03:99:07:5c:17:44:1f:dd:8a:67:d9:3b:a9:
91:d8:e1:da:d3:2e:22:ee:bd:c2:e8:f8:89:e7:d2:
ed:cb:38:80:85:8b:c1:19:86:fe:c2:16:1e:56:16:
ab:48:49:e4:7f:9b:3e:ce:60:fd:e9:da:57:58:59:
5b:3f:55:64:dc:ff:0e:f9:24:f3:44:31:d8:f2:ba:
38:9f:77:58:d3:6c:7a:a0:9b:ae:2e:4a:b2:e8:52:
bf:9e:86:b8:2c:87:cb:c6:35:8d:4f:78:ed:7f:45:
97:34:3b:24:f1:01:8f:e8:e3:b5:26:a8:0c:5d:46:
e9:49:a4:5b:19:4a:2d:b6:45:58:e4:1d:23:3a:0a:
77:bd:fc:ee:b0:5c:47:82:07:44:16:d3:89:9c:72:
86:ee:2b:88:5b:1f:70:ba:c1:bd:f3:63:c5:ec:09:
10:12:eb:7c:95:db:d1:27:55:49:b5:e8:c0:4b:77:
69:16:91:5d:d4:51:ad:a7:7d:f3:62:91:ce:4b:a1:
ab:cd:76:5a:f7:05:a0:2d:89:41:12:5b:ef:ba:2b:
12:44:33:45:af:3c:19:b3:f6:38:aa:38:e5:83:67:
d8:d7:fb:b9:1d:fa:d8:a7:72:7d:e2:c9:83:f0:a5:
95:6b:50:59:34:86:8a:2f:7a:d3:b4:72:8d:74:a0:
11:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C4:C2:49:E1:2F:BA:B1:14:37:A4:5C:FB:03:F0:E3:5F:6B:79:28
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14E933CCF5AC11EF9D867798762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.32.0/24
156.243.34.0/23
156.243.38.0/24
156.243.40.0/23
156.243.43.0-156.243.44.255
156.243.46.0-156.243.49.255
156.243.52.0-156.243.56.255
156.249.62.0/23
156.249.85.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:c0:fb:48:24:0c:d3:e6:e2:08:1b:4c:0b:f6:a4:40:89:05:
df:7c:2e:51:37:61:62:db:a9:b0:cc:d3:c3:fa:50:5b:52:ce:
54:29:ca:74:6f:92:9b:e0:6b:52:ba:0d:6a:ca:51:6b:a6:3e:
87:d4:25:41:31:c5:da:f7:f1:ff:8d:2d:00:e1:f7:35:79:27:
34:c9:2c:53:c0:84:ac:fa:30:df:7d:92:08:d9:46:d1:45:49:
7d:24:86:17:46:ec:44:e7:78:b3:bb:e0:24:1a:db:71:fa:d4:
b4:86:65:a9:17:28:17:6b:01:da:36:e4:66:de:02:73:91:0f:
e5:f5:e8:06:49:70:52:81:42:2e:ce:68:08:e3:b6:f0:1a:4d:
cb:dc:23:22:b4:c3:8c:5c:b4:0e:13:21:83:16:d1:38:e0:f7:
24:00:5c:63:ef:cb:6e:4a:9d:65:92:9e:2d:33:2d:3e:85:23:
24:f6:8c:8e:1c:e6:86:41:a7:68:97:dd:51:d6:93:95:56:6f:
03:50:4e:06:b3:3d:f8:fb:d8:71:91:41:33:9f:49:c7:47:2b:
c5:08:fe:ff:99:f8:fb:8a:3e:48:2d:2a:71:ab:27:58:73:6a:
46:eb:07:3c:7c:7a:ef:dc:9f:91:cf:f8:8d:56:8e:0f:05:d5:
85:68:44:d3
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIDATyOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MDgxNDQ3WhcNMjYwMjE5MDgxNDQ3WjAYMRYw
FAYDVQQDEw02N2MxNzA3YS1iNmY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuwOZB1wXRB/dimfZO6mR2OHa0y4i7r3C6PiJ59LtyziAhYvBGYb+whYe
VharSEnkf5s+zmD96dpXWFlbP1Vk3P8O+STzRDHY8ro4n3dY02x6oJuuLkqy6FK/
noa4LIfLxjWNT3jtf0WXNDsk8QGP6OO1JqgMXUbpSaRbGUottkVY5B0jOgp3vfzu
sFxHggdEFtOJnHKG7iuIWx9wusG982PF7AkQEut8ldvRJ1VJtejAS3dpFpFd1FGt
p33zYpHOS6GrzXZa9wWgLYlBElvvuisSRDNFrzwZs/Y4qjjlg2fY1/u5HfrYp3J9
4smD8KWVa1BZNIaKL3rTtHKNdKAR6QIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFNPE
wknhL7qxFDekXPsD8ONfa3koMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNEU5MzNDQ0Y1QUMxMUVGOUQ4Njc3OTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAnPMgAwQBnPMiAwQAnPMmAwQB
nPMoMAwDBACc8ysDBACc8ywwDAMEAZzzLgMEAZzzMDAMAwQCnPM0AwQAnPM4AwQB
nPk+AwQAnPlVMA0GCSqGSIb3DQEBCwUAA4IBAQC5wPtIJAzT5uIIG0wL9qRAiQXf
fC5RN2Fi26mwzNPD+lBbUs5UKcp0b5Kb4GtSug1qylFrpj6H1CVBMcXa9/H/jS0A
4fc1eSc0ySxTwISs+jDffZII2UbRRUl9JIYXRuxE53izu+AkGttx+tS0hmWpFygX
awHaNuRm3gJzkQ/l9egGSXBSgUIuzmgI47bwGk3L3CMitMOMXLQOEyGDFtE44Pck
AFxj78tuSp1lkp4tMy0+hSMk9oyOHOaGQadol91R1pOVVm8DUE4Gsz34+9hxkUEz
n0nHRyvFCP7/mfj7ij5ILSpxqydYc2pG6wc8fHrv3J+Rz/iNVo4PBdWFaETT
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:27:28 2025 by rpki-client