Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B1853C00CCC11F0A3FC5779762E951A.roa
File: 8B1853C00CCC11F0A3FC5779762E951A.roa (raw, json)
Hash identifier: kLJRjlsxA0z7HU6RSMx9f3lVh/8+dbptVk3H0i1IuaM=
Subject key identifier: 91:C2:4B:76:9E:67:25:99:95:91:CB:93:E1:56:5F:9D:DD:79:53:F5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0148EA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B1853C00CCC11F0A3FC5779762E951A.roa
Signing time: Sat 29 Mar 2025 18:35:10 +0000
ROA not before: Sat 29 Mar 2025 18:35:05 +0000
ROA not after: Thu 08 May 2025 18:35:05 +0000
asID: 60223
IP address blocks: 156.229.232.0/22 maxlen: 24
156.229.248.0/22 maxlen: 24
156.229.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 00:26:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84202 (0x148ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 29 18:35:05 2025 GMT
Not After : May 8 18:35:05 2025 GMT
Subject: CN=67e83d5d-e172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b7:27:1f:6a:d8:10:7a:19:a7:3b:cf:f3:a9:
bf:58:fe:de:20:0d:54:16:b8:26:42:7c:c6:ac:f0:
a8:dd:c2:2e:3b:e3:13:16:68:1d:68:0b:37:d9:7f:
fc:b5:5e:57:71:33:36:f7:9d:2d:92:03:9f:29:15:
51:d7:05:5b:90:64:22:d5:f0:9c:b1:42:ef:af:ae:
0e:b3:3a:c3:34:74:a4:b2:1a:de:e3:d2:31:85:5e:
71:d8:15:9f:3c:17:8e:29:8d:2f:56:e1:4b:a4:a3:
89:49:cf:95:73:df:0c:be:db:1e:82:cd:41:e5:0c:
47:9c:65:12:ab:8e:31:45:be:0c:7e:7d:e9:79:04:
9b:16:ef:83:e3:87:d6:6f:d4:1c:f3:04:8f:f9:52:
fe:e0:66:78:39:94:1e:96:5b:aa:90:97:fc:95:9a:
d8:99:d5:48:35:1c:3d:6c:a7:12:7c:b5:f8:b6:6e:
e4:c4:16:6f:b6:89:6f:1e:ef:cc:e7:3a:84:89:82:
a5:5b:f2:9c:9b:26:58:70:30:ed:fa:14:d7:db:a6:
a2:bf:69:d8:f0:0b:5e:0b:8c:76:36:d0:e8:7a:71:
38:50:21:5c:c7:37:19:7a:15:08:51:d4:60:62:9d:
a8:29:72:55:43:88:f8:6d:49:50:d8:4f:3d:76:3c:
95:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C2:4B:76:9E:67:25:99:95:91:CB:93:E1:56:5F:9D:DD:79:53:F5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8B1853C00CCC11F0A3FC5779762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.232.0/22
156.229.248.0-156.229.253.255
Signature Algorithm: sha256WithRSAEncryption
31:e2:bc:10:dd:44:c1:3b:b5:a8:77:32:b7:ef:10:e4:9d:0c:
6c:5c:b3:ff:23:bb:15:97:9f:8e:2d:d3:04:3d:e4:53:96:5c:
7a:b0:63:50:48:4c:ce:54:a8:35:76:de:98:ad:7e:23:f4:1d:
e0:c0:81:4c:2b:a5:74:d2:21:e0:9c:6e:84:3a:74:88:43:5f:
a1:cf:a6:45:4d:c8:df:22:fc:80:fc:b8:27:54:07:bf:e5:b8:
70:03:60:05:ab:6a:41:69:77:72:35:0a:17:3c:32:1a:86:15:
13:2d:76:87:d8:02:bf:66:22:9e:2e:14:63:76:f0:a7:07:48:
5d:37:d1:a6:d0:d5:3c:eb:56:ea:d0:1c:43:4c:ea:bc:70:7d:
f6:14:98:2d:36:fb:01:4b:fe:ad:be:f7:10:5a:31:cf:72:35:
cd:23:d2:f4:4c:2a:47:ae:4f:66:9a:9d:b6:66:bb:f0:da:23:
33:e3:92:43:b7:1a:5d:d6:22:bd:48:ff:21:03:e4:ab:86:8f:
ff:af:f8:04:0b:7f:bd:a4:c6:ec:1c:d1:af:b6:4d:67:36:30:
ec:a3:c1:71:4f:71:64:51:84:78:57:2a:33:52:44:0f:18:09:
21:4c:fa:8c:c2:0f:ae:ee:c9:d8:38:90:08:b3:e4:eb:3a:9e:
bf:a6:20:4a
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAUjqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MTgzNTA1WhcNMjUwNTA4MTgzNTA1WjAYMRYw
FAYDVQQDEw02N2U4M2Q1ZC1lMTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsbcnH2rYEHoZpzvP86m/WP7eIA1UFrgmQnzGrPCo3cIuO+MTFmgdaAs3
2X/8tV5XcTM2950tkgOfKRVR1wVbkGQi1fCcsULvr64OszrDNHSkshre49IxhV5x
2BWfPBeOKY0vVuFLpKOJSc+Vc98Mvtsegs1B5QxHnGUSq44xRb4Mfn3peQSbFu+D
44fWb9Qc8wSP+VL+4GZ4OZQelluqkJf8lZrYmdVINRw9bKcSfLX4tm7kxBZvtolv
Hu/M5zqEiYKlW/KcmyZYcDDt+hTX26aiv2nY8AteC4x2NtDoenE4UCFcxzcZehUI
UdRgYp2oKXJVQ4j4bUlQ2E89djyVlQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFJHC
S3aeZyWZlZHLk+FWX53deVP1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QjE4NTNDMDBDQ0MxMUYwQTNGQzU3Nzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCnOXoMAwDBAOc5fgDBAGc5fww
DQYJKoZIhvcNAQELBQADggEBADHivBDdRME7tah3MrfvEOSdDGxcs/8juxWXn44t
0wQ95FOWXHqwY1BITM5UqDV23pitfiP0HeDAgUwrpXTSIeCcboQ6dIhDX6HPpkVN
yN8i/ID8uCdUB7/luHADYAWrakFpd3I1Chc8MhqGFRMtdofYAr9mIp4uFGN28KcH
SF030abQ1TzrVurQHENM6rxwffYUmC02+wFL/q2+9xBaMc9yNc0j0vRMKkeuT2aa
nbZmu/DaIzPjkkO3Gl3WIr1I/yED5KuGj/+v+AQLf72kxuwc0a+2TWc2MOyjwXFP
cWRRhHhXKjNSRA8YCSFM+ozCD67uydg4kAiz5Os6nr+mIEo=
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:30:35 2025 by rpki-client