Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65FC2668F80211EF84FDF784762E951A.roa
File: 65FC2668F80211EF84FDF784762E951A.roa (raw, json)
Hash identifier: PUnsYJtRTqERcLC/XA7IixpyI0JgSRp61OVrQdIi3nQ=
Subject key identifier: CD:A4:CC:BF:96:10:7C:56:2F:C3:2F:4C:BE:28:62:45:6B:3B:E3:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0140B9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65FC2668F80211EF84FDF784762E951A.roa
Signing time: Mon 03 Mar 2025 07:37:46 +0000
ROA not before: Mon 03 Mar 2025 07:37:42 +0000
ROA not after: Sat 31 May 2025 07:37:42 +0000
asID: 984
IP address blocks: 156.227.128.0/18 maxlen: 24
156.228.0.0/16 maxlen: 24
156.231.0.0/16 maxlen: 24
156.233.64.0/18 maxlen: 24
156.236.128.0/17 maxlen: 24
156.242.64.0/18 maxlen: 24
156.243.64.0/18 maxlen: 24
156.243.128.0/17 maxlen: 24
156.245.128.0/17 maxlen: 24
156.247.64.0/18 maxlen: 24
156.249.64.0/18 maxlen: 24
156.249.128.0/17 maxlen: 24
156.253.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82105 (0x140b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 3 07:37:42 2025 GMT
Not After : May 31 07:37:42 2025 GMT
Subject: CN=67c55c4a-11e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:08:f1:f0:76:1e:ef:d6:d1:bb:56:6a:03:2c:
96:6d:1a:bb:fc:9b:26:e6:57:d6:dc:05:97:f4:e9:
e7:ba:ac:a3:28:16:9c:af:b1:f5:d1:39:c4:a4:b0:
b7:df:50:63:a2:53:0d:6e:ca:da:47:8d:8a:9d:aa:
4e:f2:8a:86:48:ff:6d:c7:d1:7a:db:08:e5:f1:cc:
ff:0c:a2:01:6f:c2:a6:65:d1:b8:10:a1:f4:3e:10:
f3:34:d0:90:3f:70:08:30:26:94:f6:4b:e9:fb:9a:
f6:09:69:51:61:be:07:ca:49:96:56:20:e4:ea:46:
2e:e3:f5:b0:e6:31:29:4f:bc:c9:9d:d9:89:c8:19:
f1:62:ac:71:9e:eb:df:10:9a:00:4a:af:d2:59:e0:
6a:03:76:9a:5f:42:ec:11:58:f3:44:3c:8a:ef:10:
d9:bf:34:ab:d1:e5:d1:4a:32:11:74:a2:6b:50:76:
b8:e1:b2:2b:53:98:47:52:aa:44:c5:5c:f4:9e:8c:
32:72:a9:cd:5f:a2:1c:9b:d4:95:d2:88:78:e5:e8:
4f:2d:7a:64:78:2c:96:e9:86:8a:5a:f6:e0:39:ff:
85:d7:dd:70:88:8e:e3:84:87:cd:67:07:af:4e:4f:
47:eb:69:ac:fa:93:aa:8f:1f:f5:07:e1:60:1c:4e:
0b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A4:CC:BF:96:10:7C:56:2F:C3:2F:4C:BE:28:62:45:6B:3B:E3:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/65FC2668F80211EF84FDF784762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.128.0/18
156.228.0.0/16
156.231.0.0/16
156.233.64.0/18
156.236.128.0/17
156.242.64.0/18
156.243.64.0-156.243.255.255
156.245.128.0/17
156.247.64.0/18
156.249.64.0-156.249.255.255
156.253.128.0/17
Signature Algorithm: sha256WithRSAEncryption
63:d6:db:a0:0d:59:3b:85:9b:09:55:aa:a7:c0:de:5d:0b:64:
73:68:e0:16:9f:df:ca:75:c7:c7:88:f9:d3:02:7a:09:08:2d:
f1:b9:dc:b1:0e:ce:40:9a:f7:c1:32:4a:db:ea:ef:9b:3f:29:
40:0c:67:6d:4a:11:db:ab:29:a9:21:f0:32:4f:60:ba:2d:ec:
dd:96:8e:4b:20:36:bb:42:10:28:44:4c:a5:ab:6f:03:f7:36:
49:ac:a7:fa:d6:db:b6:37:50:46:19:92:aa:0a:5b:b0:20:f0:
de:f0:f2:18:9b:77:32:13:aa:6d:3a:ac:27:46:89:48:03:24:
67:e5:27:46:a0:2f:a5:3e:4d:6d:37:e9:8d:e1:7f:47:ba:7e:
dc:89:ea:c0:05:58:a4:54:fe:7d:7e:6b:76:c9:06:38:38:4b:
b2:21:09:db:27:0b:fe:e1:48:62:7b:f9:d3:e9:bd:2d:a2:9c:
7c:cc:f2:99:9c:46:bd:ff:c9:b3:a0:9b:3e:8f:e0:fd:5c:79:
b9:81:df:dd:a7:fa:56:0b:8f:c9:50:a2:d7:83:25:0f:78:14:
32:19:92:ee:95:51:5d:62:bb:c3:45:94:bd:0b:9a:23:7e:1e:
fa:06:97:ec:f8:77:f6:0e:83:59:56:65:03:b8:a3:8d:0a:1c:
1d:2c:75:e3
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIDAUC5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzAzMDczNzQyWhcNMjUwNTMxMDczNzQyWjAYMRYw
FAYDVQQDEw02N2M1NWM0YS0xMWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnQjx8HYe79bRu1ZqAyyWbRq7/Jsm5lfW3AWX9OnnuqyjKBacr7H10TnE
pLC331BjolMNbsraR42KnapO8oqGSP9tx9F62wjl8cz/DKIBb8KmZdG4EKH0PhDz
NNCQP3AIMCaU9kvp+5r2CWlRYb4HykmWViDk6kYu4/Ww5jEpT7zJndmJyBnxYqxx
nuvfEJoASq/SWeBqA3aaX0LsEVjzRDyK7xDZvzSr0eXRSjIRdKJrUHa44bIrU5hH
UqpExVz0nowycqnNX6Icm9SV0oh45ehPLXpkeCyW6YaKWvbgOf+F191wiI7jhIfN
ZwevTk9H62ms+pOqjx/1B+FgHE4LsQIDAQABo4IC6jCCAuYwHQYDVR0OBBYEFM2k
zL+WEHxWL8MvTL4oYkVrO+PpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82NUZDMjY2OEY4MDIxMUVGODRGREY3ODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQGnOOAAwMAnOQDAwCc5wMEBpzp
QAMEB5zsgAMEBpzyQDALAwQGnPNAAwMCnPADBAec9YADBAac90AwCwMEBpz5QAMD
AZz4AwQHnP2AMA0GCSqGSIb3DQEBCwUAA4IBAQBj1tugDVk7hZsJVaqnwN5dC2Rz
aOAWn9/KdcfHiPnTAnoJCC3xudyxDs5AmvfBMkrb6u+bPylADGdtShHbqympIfAy
T2C6Lezdlo5LIDa7QhAoREylq28D9zZJrKf61tu2N1BGGZKqCluwIPDe8PIYm3cy
E6ptOqwnRolIAyRn5SdGoC+lPk1tN+mN4X9Hun7cierABVikVP59fmt2yQY4OEuy
IQnbJwv+4Uhie/nT6b0topx8zPKZnEa9/8mzoJs+j+D9XHm5gd/dp/pWC4/JUKLX
gyUPeBQyGZLulVFdYrvDRZS9C5ojfh76Bpfs+Hf2DoNZVmUDuKONChwdLHXj
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:06 2025 by rpki-client