Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3098D46803FA11F093E7CC71762E951A.roa
File: 3098D46803FA11F093E7CC71762E951A.roa (raw, json)
Hash identifier: pFWpzMkspu6lrpBi0LLfIcmWC1l9DzAbRBkgesCr+08=
Subject key identifier: C6:73:2F:E7:04:55:3D:F8:B2:6A:CB:14:C8:0A:BD:40:75:CA:86:AB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0146C5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3098D46803FA11F093E7CC71762E951A.roa
Signing time: Tue 18 Mar 2025 13:09:14 +0000
ROA not before: Tue 18 Mar 2025 13:09:10 +0000
ROA not after: Sun 27 Apr 2025 13:09:10 +0000
asID: 202656
IP address blocks: 156.246.161.0/24 maxlen: 24
156.246.162.0/24 maxlen: 24
156.246.163.0/24 maxlen: 24
156.246.164.0/24 maxlen: 24
156.246.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83653 (0x146c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 18 13:09:10 2025 GMT
Not After : Apr 27 13:09:10 2025 GMT
Subject: CN=67d9707a-9226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:47:df:a8:f9:bd:d6:7b:a2:ac:55:4e:f9:8e:
cd:e3:6a:4b:a2:23:a2:64:44:67:5c:ec:d6:c5:b7:
39:4e:a4:2c:79:49:14:61:0d:d5:ab:1c:fc:61:79:
06:51:98:f2:d9:03:86:d5:12:11:1e:7a:56:e4:d9:
f3:9a:8a:c1:3e:98:8a:df:90:40:9b:d8:b1:b3:80:
7c:b4:64:c8:5b:9b:df:ac:04:ef:5a:80:cf:21:4f:
ed:80:2c:cf:35:6a:fd:1a:2e:a8:a4:eb:5e:1e:b4:
1b:48:fe:a1:65:05:f5:35:c6:19:96:6a:0d:d4:77:
95:b0:e1:09:a3:57:3d:54:3e:cb:7f:91:6e:5e:09:
bb:c9:7e:25:1b:90:51:e2:9f:e5:74:3b:b5:08:59:
29:ce:bc:58:c4:1b:24:e5:ba:b8:d6:18:68:95:4f:
6b:31:01:4e:9d:07:63:d5:92:4f:d1:b7:6c:be:b1:
46:0e:d2:a1:ef:94:07:30:26:18:5c:f7:dd:bb:92:
af:5e:97:8e:16:4b:59:4a:73:8c:56:96:dd:fe:8c:
4e:44:9c:92:32:b7:4a:89:3e:24:7d:de:41:ea:8f:
d0:fa:64:0c:b0:8c:b9:8b:7a:ce:14:c9:18:68:5d:
24:39:b1:41:a8:a6:44:50:29:54:f6:97:c0:f7:2c:
91:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:73:2F:E7:04:55:3D:F8:B2:6A:CB:14:C8:0A:BD:40:75:CA:86:AB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3098D46803FA11F093E7CC71762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.161.0-156.246.165.255
Signature Algorithm: sha256WithRSAEncryption
76:17:25:c5:fc:48:c2:34:f0:79:75:65:f9:c0:33:c2:cf:1b:
98:7a:81:69:42:8c:1e:94:fc:46:e6:40:2a:24:ef:7e:a1:c4:
a5:bb:fa:b5:02:0f:b0:d0:3c:64:ef:7e:08:a1:63:1d:a7:56:
be:ff:c7:21:af:c7:3b:e4:eb:53:f3:ec:c4:9a:72:41:ea:5a:
bf:0f:1b:c6:21:b5:20:cd:f7:89:da:1a:02:ed:44:6f:38:0a:
e0:99:13:9d:31:92:cd:2a:a5:44:f0:2a:66:ae:38:a2:85:89:
03:ce:b2:b4:fe:8d:d9:f1:81:d5:c5:b1:99:d2:0b:95:65:74:
52:ca:77:6e:84:20:27:ac:96:e5:fc:8c:fc:1b:93:8c:1b:ff:
bb:9a:be:fb:59:3b:71:3f:cb:ae:d2:b7:f3:86:a7:e2:8a:a4:
81:4a:95:5e:f3:3d:56:ee:58:d7:c3:77:d5:d9:83:9b:85:ce:
12:ef:10:c0:13:09:44:79:0a:fb:bd:e4:4a:94:06:db:8d:d8:
d7:3d:0a:74:f2:0f:58:2d:72:70:ea:d5:10:08:84:88:34:d9:
58:42:cf:f8:dd:31:8c:b0:73:9d:57:d5:a8:a6:0c:a0:25:77:
f6:9a:67:8a:d6:3a:d5:c0:88:b5:7a:64:15:ea:7e:0a:75:de:
3f:bb:15:5c
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUbFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE4MTMwOTEwWhcNMjUwNDI3MTMwOTEwWjAYMRYw
FAYDVQQDEw02N2Q5NzA3YS05MjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAukffqPm91nuirFVO+Y7N42pLoiOiZERnXOzWxbc5TqQseUkUYQ3Vqxz8
YXkGUZjy2QOG1RIRHnpW5NnzmorBPpiK35BAm9ixs4B8tGTIW5vfrATvWoDPIU/t
gCzPNWr9Gi6opOteHrQbSP6hZQX1NcYZlmoN1HeVsOEJo1c9VD7Lf5FuXgm7yX4l
G5BR4p/ldDu1CFkpzrxYxBsk5bq41hholU9rMQFOnQdj1ZJP0bdsvrFGDtKh75QH
MCYYXPfdu5KvXpeOFktZSnOMVpbd/oxORJySMrdKiT4kfd5B6o/Q+mQMsIy5i3rO
FMkYaF0kObFBqKZEUClU9pfA9yyRtwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFMZz
L+cEVT34smrLFMgKvUB1yoarMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMDk4RDQ2ODAzRkExMUYwOTNFN0NDNzE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc9qEDBAGc9qQwDQYJKoZI
hvcNAQELBQADggEBAHYXJcX8SMI08Hl1ZfnAM8LPG5h6gWlCjB6U/EbmQCok736h
xKW7+rUCD7DQPGTvfgihYx2nVr7/xyGvxzvk61Pz7MSackHqWr8PG8YhtSDN94na
GgLtRG84CuCZE50xks0qpUTwKmauOKKFiQPOsrT+jdnxgdXFsZnSC5VldFLKd26E
ICesluX8jPwbk4wb/7uavvtZO3E/y67St/OGp+KKpIFKlV7zPVbuWNfDd9XZg5uF
zhLvEMATCUR5Cvu95EqUBtuN2Nc9CnTyD1gtcnDq1RAIhIg02VhCz/jdMYywc51X
1aimDKAld/aaZ4rWOtXAiLV6ZBXqfgp13j+7FVw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:06 2025 by rpki-client