Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53BFE04400BC11F08198FEAB762E951A.roa
File: 53BFE04400BC11F08198FEAB762E951A.roa (raw, json)
Hash identifier: ndLWBNXACE0f2pR/fMNi+Ghbz0gU+L5mWV+VzJkfPAU=
Subject key identifier: 34:C2:EA:4B:F5:7F:12:2B:58:3E:48:6A:AA:2B:09:C1:5B:81:FE:DB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0145D8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53BFE04400BC11F08198FEAB762E951A.roa
Signing time: Fri 14 Mar 2025 10:08:51 +0000
ROA not before: Fri 14 Mar 2025 10:08:47 +0000
ROA not after: Tue 08 Apr 2025 10:08:47 +0000
asID: 131471
IP address blocks: 156.238.64.0/24 maxlen: 24
156.238.65.0/24 maxlen: 24
156.238.66.0/24 maxlen: 24
156.238.67.0/24 maxlen: 24
156.238.68.0/24 maxlen: 24
156.238.69.0/24 maxlen: 24
156.238.70.0/24 maxlen: 24
156.238.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83416 (0x145d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 14 10:08:47 2025 GMT
Not After : Apr 8 10:08:47 2025 GMT
Subject: CN=67d40033-0aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:52:f3:2d:b6:79:f6:02:03:5f:79:79:db:d0:
3c:b6:c3:d9:29:e6:5f:fc:23:a3:00:91:8a:49:00:
3e:e5:9e:c2:dd:f6:9c:84:73:0e:78:58:fd:66:4f:
18:d6:7c:11:90:50:29:87:b0:18:5e:e1:63:04:fd:
82:74:f2:c5:3c:97:53:6f:df:af:83:73:4a:43:16:
88:e9:13:63:c9:13:33:d4:f5:10:e3:51:77:35:d2:
b2:8c:17:da:5a:21:e5:57:a7:e6:c3:cc:2f:33:ff:
fd:23:34:31:6b:57:82:7e:72:38:82:f9:29:5d:49:
18:24:22:4c:35:51:8a:1d:db:e1:76:ce:e1:6a:9b:
21:56:b8:c0:ae:95:9c:90:13:70:c8:4a:11:b2:79:
ce:0e:ab:1c:0d:82:cd:5b:cb:3a:17:e7:48:96:33:
d0:2b:93:39:a5:d2:55:61:88:6d:a2:cf:8c:c8:dc:
45:b2:15:03:e4:91:b2:60:ac:9c:19:0f:ec:36:8a:
b6:a0:8f:0e:57:93:aa:dd:b2:c0:6b:91:be:d1:d3:
77:9b:18:e5:49:c4:ac:68:cf:43:dc:2d:cb:de:1a:
98:f4:f8:f0:51:eb:d5:64:29:96:ad:ce:23:5b:95:
f2:76:ea:12:2d:b1:83:13:55:e6:a6:04:e4:0e:12:
e7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C2:EA:4B:F5:7F:12:2B:58:3E:48:6A:AA:2B:09:C1:5B:81:FE:DB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/53BFE04400BC11F08198FEAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.64.0/21
Signature Algorithm: sha256WithRSAEncryption
a0:05:a5:2b:23:ac:b5:f0:99:3e:79:a1:ca:51:75:31:42:d6:
29:97:f1:25:28:30:51:66:95:a3:37:7a:a2:5b:e6:0d:5d:44:
eb:4a:c7:52:63:30:bc:27:e7:e0:09:ec:ec:96:62:68:64:2b:
b8:ab:07:3c:3e:d0:88:95:a6:4c:b9:79:44:af:43:98:8b:34:
8a:8d:55:d3:2e:84:cb:8b:38:ce:b4:af:3a:a8:a3:54:a7:66:
9a:ae:b6:a1:0f:a4:69:d7:6f:4f:5f:16:f7:ae:f7:02:38:22:
44:88:cb:15:28:70:4f:20:9c:16:1e:1b:44:e6:e4:c5:27:1e:
62:eb:49:7a:f4:21:c4:b0:ef:26:2b:eb:7f:38:16:d4:04:ee:
33:0c:6c:e2:6a:91:6c:fa:6b:d0:00:77:d4:74:02:2c:c3:01:
01:7c:f5:25:c8:96:be:fc:a1:2a:02:10:d9:f0:f9:eb:18:fb:
2c:14:96:89:15:18:81:c5:28:01:f4:35:74:cf:64:ea:58:63:
6f:57:39:60:14:37:2e:0f:5f:10:b6:b3:8f:8e:be:82:34:00:
4a:cf:b0:0c:99:cc:c7:b1:bd:3f:c6:19:0b:17:d6:80:d8:ea:
8c:0d:91:ab:0e:ab:cc:f5:d8:77:09:66:1a:05:12:95:8d:4d:
3e:18:b2:45
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUXYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE0MTAwODQ3WhcNMjUwNDA4MTAwODQ3WjAYMRYw
FAYDVQQDEw02N2Q0MDAzMy0wYWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyVLzLbZ59gIDX3l529A8tsPZKeZf/COjAJGKSQA+5Z7C3fachHMOeFj9
Zk8Y1nwRkFAph7AYXuFjBP2CdPLFPJdTb9+vg3NKQxaI6RNjyRMz1PUQ41F3NdKy
jBfaWiHlV6fmw8wvM//9IzQxa1eCfnI4gvkpXUkYJCJMNVGKHdvhds7hapshVrjA
rpWckBNwyEoRsnnODqscDYLNW8s6F+dIljPQK5M5pdJVYYhtos+MyNxFshUD5JGy
YKycGQ/sNoq2oI8OV5Oq3bLAa5G+0dN3mxjlScSsaM9D3C3L3hqY9PjwUevVZCmW
rc4jW5XyduoSLbGDE1XmpgTkDhLn7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDTC
6kv1fxIrWD5IaqorCcFbgf7bMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81M0JGRTA0NDAwQkMxMUYwODE5OEZFQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnO5AMA0GCSqGSIb3DQEBCwUA
A4IBAQCgBaUrI6y18Jk+eaHKUXUxQtYpl/ElKDBRZpWjN3qiW+YNXUTrSsdSYzC8
J+fgCezslmJoZCu4qwc8PtCIlaZMuXlEr0OYizSKjVXTLoTLizjOtK86qKNUp2aa
rrahD6Rp129PXxb3rvcCOCJEiMsVKHBPIJwWHhtE5uTFJx5i60l69CHEsO8mK+t/
OBbUBO4zDGziapFs+mvQAHfUdAIswwEBfPUlyJa+/KEqAhDZ8PnrGPssFJaJFRiB
xSgB9DV0z2TqWGNvVzlgFDcuD18QtrOPjr6CNABKz7AMmczHsb0/xhkLF9aA2OqM
DZGrDqvM9dh3CWYaBRKVjU0+GLJF
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:13 2025 by rpki-client