Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E55BB92F4F211EF94E17A9D762E951A.roa
File: 2E55BB92F4F211EF94E17A9D762E951A.roa (raw, json)
Hash identifier: nTCFdtHHaj6aZslLBQPOeKcxE8HtwRDJ6GHXee5pTZs=
Subject key identifier: 01:E2:ED:4F:AF:CA:F6:47:4C:15:2D:93:E3:EB:E8:E1:7E:CF:3D:9C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0139E0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E55BB92F4F211EF94E17A9D762E951A.roa
Signing time: Thu 27 Feb 2025 10:04:07 +0000
ROA not before: Thu 27 Feb 2025 10:03:58 +0000
ROA not after: Thu 19 Feb 2026 10:03:58 +0000
asID: 984
IP address blocks: 156.236.86.0/24 maxlen: 24
156.236.87.0/24 maxlen: 24
156.236.101.0/24 maxlen: 24
156.236.102.0/24 maxlen: 24
156.236.103.0/24 maxlen: 24
156.236.104.0/24 maxlen: 24
156.236.122.0/24 maxlen: 24
156.239.55.0/24 maxlen: 24
156.239.56.0/24 maxlen: 24
156.239.57.0/24 maxlen: 24
156.239.58.0/24 maxlen: 24
156.239.59.0/24 maxlen: 24
156.239.61.0/24 maxlen: 24
156.239.62.0/24 maxlen: 24
156.239.63.0/24 maxlen: 24
156.239.64.0/24 maxlen: 24
156.239.65.0/24 maxlen: 24
156.239.66.0/24 maxlen: 24
156.239.67.0/24 maxlen: 24
156.239.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80352 (0x139e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 27 10:03:58 2025 GMT
Not After : Feb 19 10:03:58 2026 GMT
Subject: CN=67c03897-16d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c0:34:6b:fc:79:70:f2:60:76:59:b4:92:3e:
f7:99:83:4a:dc:3e:bd:07:69:c0:ba:84:7b:b7:f7:
fe:94:66:f7:89:50:b4:62:f7:08:fa:a4:92:9b:78:
2b:bc:5a:70:3b:cb:9e:85:83:5b:e9:f7:6a:a7:7f:
39:6d:35:c8:a8:60:2c:fa:7d:01:c2:32:59:98:95:
5e:57:cd:67:93:5f:f6:6b:cd:68:81:9d:ca:31:74:
9d:df:f9:94:28:9a:e4:3a:0f:19:e2:44:98:e1:3a:
e3:81:9d:26:c6:64:47:f1:d3:91:2b:da:e5:b5:1f:
64:1a:38:b1:f5:bf:eb:e1:c6:6b:54:d9:d5:1e:76:
5b:e2:01:0c:63:84:06:1c:99:b2:ac:ef:7f:01:30:
57:ae:eb:16:15:69:20:42:9b:44:e2:4b:b9:a7:91:
86:6c:0e:fb:4c:38:92:49:c4:52:69:f6:5c:ea:d0:
8c:d4:a2:e4:c7:22:70:34:ab:30:60:52:3e:79:86:
e6:a6:7c:05:3c:cc:44:2e:0b:2c:43:b8:00:b7:68:
d5:30:74:1a:01:fe:be:06:df:ba:f7:9b:23:70:78:
56:d0:47:e5:49:f5:16:e0:57:07:8f:4d:a1:dc:70:
ee:d6:14:68:db:4f:d0:d9:39:d9:a0:74:25:29:6a:
4e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E2:ED:4F:AF:CA:F6:47:4C:15:2D:93:E3:EB:E8:E1:7E:CF:3D:9C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E55BB92F4F211EF94E17A9D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.86.0/23
156.236.101.0-156.236.104.255
156.236.122.0/24
156.239.55.0-156.239.59.255
156.239.61.0-156.239.68.255
Signature Algorithm: sha256WithRSAEncryption
ab:e0:d8:e4:10:83:3a:36:06:7d:58:c4:46:93:f4:21:11:95:
2a:bf:b9:3c:2e:81:b0:e2:21:e3:da:a3:47:67:05:a6:94:b1:
ce:76:d0:5a:78:4c:28:99:d9:8f:78:0c:dd:39:ec:ab:63:97:
0f:67:7f:7d:f5:0f:48:7e:23:62:72:15:30:38:64:60:2d:88:
7f:f3:38:dd:cb:9f:9b:58:32:a1:77:8b:4e:e1:85:16:84:0a:
14:90:59:0b:4e:c8:8c:ae:8d:6f:20:ad:d0:c1:cc:78:e9:68:
4d:ff:7e:67:c2:61:5d:9d:24:bd:07:ef:63:7a:3f:83:74:99:
ea:f5:09:09:c3:75:09:8a:7e:cb:20:44:7a:da:3b:dd:06:25:
fe:b2:d5:6e:db:c5:ea:34:8b:aa:63:6d:6a:a4:9a:77:2a:a3:
ce:98:ea:61:9c:1f:14:1b:69:a5:b5:f2:a1:89:1a:27:45:05:
db:cd:bd:66:d2:83:d1:c5:3f:b7:c1:05:ca:be:45:ba:c2:65:
11:e8:3e:7a:ac:d8:89:f2:96:e5:d6:7d:d2:1e:3f:27:5a:8a:
65:08:62:12:8e:3c:2e:d5:a6:d8:c3:5a:23:e1:96:cc:c9:cb:
fa:91:36:99:e9:27:ab:ca:94:4a:06:a4:07:8b:a0:66:47:68:
5e:f2:0e:34
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgIDATngMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI3MTAwMzU4WhcNMjYwMjE5MTAwMzU4WjAYMRYw
FAYDVQQDEw02N2MwMzg5Ny0xNmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvcA0a/x5cPJgdlm0kj73mYNK3D69B2nAuoR7t/f+lGb3iVC0YvcI+qSS
m3grvFpwO8uehYNb6fdqp385bTXIqGAs+n0BwjJZmJVeV81nk1/2a81ogZ3KMXSd
3/mUKJrkOg8Z4kSY4TrjgZ0mxmRH8dORK9rltR9kGjix9b/r4cZrVNnVHnZb4gEM
Y4QGHJmyrO9/ATBXrusWFWkgQptE4ku5p5GGbA77TDiSScRSafZc6tCM1KLkxyJw
NKswYFI+eYbmpnwFPMxELgssQ7gAt2jVMHQaAf6+Bt+695sjcHhW0EflSfUW4FcH
j02h3HDu1hRo20/Q2TnZoHQlKWpOuwIDAQABo4IC0jCCAs4wHQYDVR0OBBYEFAHi
7U+vyvZHTBUtk+Pr6OF+zz2cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRTU1QkI5MkY0RjIxMUVGOTRFMTdBOUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
ME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBnOxWMAwDBACc7GUDBACc7GgD
BACc7HowDAMEAJzvNwMEApzvODAMAwQAnO89AwQAnO9EMA0GCSqGSIb3DQEBCwUA
A4IBAQCr4NjkEIM6NgZ9WMRGk/QhEZUqv7k8LoGw4iHj2qNHZwWmlLHOdtBaeEwo
mdmPeAzdOeyrY5cPZ3999Q9IfiNichUwOGRgLYh/8zjdy5+bWDKhd4tO4YUWhAoU
kFkLTsiMro1vIK3Qwcx46WhN/35nwmFdnSS9B+9jej+DdJnq9QkJw3UJin7LIER6
2jvdBiX+stVu28XqNIuqY21qpJp3KqPOmOphnB8UG2mltfKhiRonRQXbzb1m0oPR
xT+3wQXKvkW6wmUR6D56rNiJ8pbl1n3SHj8nWoplCGISjjwu1abYw1oj4ZbMycv6
kTaZ6SerypRKBqQHi6BmR2he8g40
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:31:34 2025 by rpki-client