Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D9FB8D8107411F09F970FAA762E951A.roa
File: 5D9FB8D8107411F09F970FAA762E951A.roa (raw, json)
Hash identifier: a/kfKeZubnOUOczgBcuPQlty5CA2WRSuogAckDLardY=
Subject key identifier: A5:CA:59:75:B6:18:10:AD:5C:90:5B:E7:70:98:F0:BC:97:54:A5:4A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0149B8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D9FB8D8107411F09F970FAA762E951A.roa
Signing time: Thu 03 Apr 2025 10:14:02 +0000
ROA not before: Thu 03 Apr 2025 10:13:58 +0000
ROA not after: Tue 03 Jun 2025 10:13:58 +0000
asID: 138152
IP address blocks: 156.232.6.0/23 maxlen: 24
156.232.9.0/24 maxlen: 24
156.232.10.0/24 maxlen: 24
156.232.11.0/24 maxlen: 24
156.232.13.0/24 maxlen: 24
156.236.72.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84408 (0x149b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Apr 3 10:13:58 2025 GMT
Not After : Jun 3 10:13:58 2025 GMT
Subject: CN=67ee5f6a-bcbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a5:46:75:7c:7d:4d:3b:6e:e3:6e:ef:3a:3b:
b5:1e:8e:74:d5:56:a9:57:ae:fe:31:68:58:4c:59:
7c:a5:b8:be:de:26:9a:e2:de:f0:d6:11:0c:3e:75:
21:45:70:48:49:5f:5d:57:90:e8:8d:49:25:2a:b6:
b6:4c:c6:08:b2:fa:3d:ee:da:6f:a0:c2:93:0d:0e:
5d:b3:76:41:c6:26:50:13:d2:ca:9d:ad:f3:16:27:
b8:fb:3e:3a:ca:69:d0:92:09:6d:73:a6:1f:1c:48:
10:f4:6c:6f:1e:d7:c0:ba:4b:75:61:2b:1c:5d:ef:
92:69:06:b4:29:11:be:70:70:66:17:3b:69:6d:02:
0f:21:e6:eb:45:24:22:a1:36:4c:d6:cf:cd:a8:d0:
f1:54:3f:a5:95:2d:d4:d6:fb:43:b2:4b:45:c8:60:
f0:56:75:d5:aa:f1:76:39:ec:eb:e2:16:00:e3:ea:
0d:90:c4:94:4d:6e:b7:61:28:f2:4c:d1:4e:15:d1:
ff:3c:50:96:62:58:5a:a7:3b:b9:38:86:2a:a3:9d:
70:02:bb:62:d3:df:ca:95:b1:fe:8d:14:0b:54:11:
5a:51:83:48:03:21:18:30:35:ec:1b:78:f2:aa:4d:
d5:de:e9:c1:2f:04:85:e1:35:8c:38:94:31:9d:99:
8c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:CA:59:75:B6:18:10:AD:5C:90:5B:E7:70:98:F0:BC:97:54:A5:4A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5D9FB8D8107411F09F970FAA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.6.0/23
156.232.9.0-156.232.11.255
156.232.13.0/24
156.236.72.0/22
Signature Algorithm: sha256WithRSAEncryption
16:9d:2b:5d:19:65:aa:ce:a2:07:31:61:bc:03:75:e2:f4:e3:
b9:e3:3c:23:f6:e8:1b:bf:0b:41:c2:17:39:72:38:4e:ca:02:
13:ec:d8:64:6b:23:53:52:2d:25:3e:d6:41:b4:6e:44:92:f7:
b1:f2:e0:6b:e7:b1:36:39:ef:74:84:04:cc:f5:cb:9f:53:1c:
03:3f:a3:9d:5b:98:5a:bd:0d:3d:c6:bc:9e:8b:d4:82:aa:91:
cf:76:e3:42:17:08:0e:e8:b9:d3:dc:d6:fc:57:65:0e:fb:07:
21:92:38:fb:1b:c7:90:62:d5:ef:58:cd:ee:31:c8:47:80:c7:
b0:5a:ad:d9:2a:d1:10:3c:da:06:28:3c:5c:fe:5a:30:9e:f7:
9e:00:69:0a:67:2d:88:d8:9d:9d:4a:2a:51:6e:60:2a:e2:9e:
eb:3f:62:2d:48:79:8d:a6:a2:67:a1:b4:85:aa:d3:da:c3:1b:
d9:16:74:e1:4d:d5:3b:38:14:67:48:4c:0f:de:f6:fb:c2:b5:
4c:45:b2:69:43:74:b5:5e:4d:5d:70:98:13:cc:7a:54:e9:36:
87:f1:a0:4a:92:b0:6a:de:0d:fe:4b:f0:19:53:09:1c:db:42:
0d:d3:7a:07:f3:bd:08:e3:86:7f:f6:06:b9:c8:e6:ed:82:de:
31:12:d1:c0
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDAUm4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDAzMTAxMzU4WhcNMjUwNjAzMTAxMzU4WjAYMRYw
FAYDVQQDEw02N2VlNWY2YS1iY2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxqVGdXx9TTtu427vOju1Ho501VapV67+MWhYTFl8pbi+3iaa4t7w1hEM
PnUhRXBISV9dV5DojUklKra2TMYIsvo97tpvoMKTDQ5ds3ZBxiZQE9LKna3zFie4
+z46ymnQkgltc6YfHEgQ9GxvHtfAukt1YSscXe+SaQa0KRG+cHBmFztpbQIPIebr
RSQioTZM1s/NqNDxVD+llS3U1vtDsktFyGDwVnXVqvF2Oezr4hYA4+oNkMSUTW63
YSjyTNFOFdH/PFCWYlhapzu5OIYqo51wArti09/KlbH+jRQLVBFaUYNIAyEYMDXs
G3jyqk3V3unBLwSF4TWMOJQxnZmM4wIDAQABo4ICvDCCArgwHQYDVR0OBBYEFKXK
WXW2GBCtXJBb53CY8LyXVKVKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RDlGQjhEODEwNzQxMUYwOUY5NzBGQUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBnOgGMAwDBACc6AkDBAKc6AgD
BACc6A0DBAKc7EgwDQYJKoZIhvcNAQELBQADggEBABadK10ZZarOogcxYbwDdeL0
47njPCP26Bu/C0HCFzlyOE7KAhPs2GRrI1NSLSU+1kG0bkSS97Hy4GvnsTY573SE
BMz1y59THAM/o51bmFq9DT3GvJ6L1IKqkc9240IXCA7oudPc1vxXZQ77ByGSOPsb
x5Bi1e9Yze4xyEeAx7Bardkq0RA82gYoPFz+WjCe954AaQpnLYjYnZ1KKlFuYCri
nus/Yi1IeY2momehtIWq09rDG9kWdOFN1Ts4FGdITA/e9vvCtUxFsmlDdLVeTV1w
mBPMelTpNofxoEqSsGreDf5L8BlTCRzbQg3TegfzvQjjhn/2BrnI5u2C3jES0cA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:16 2025 by rpki-client