Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B49C0C8E108511F08E757E92762E951A.roa
File: B49C0C8E108511F08E757E92762E951A.roa (raw, json)
Hash identifier: as7nHgA/qBS5iO5yNMt3SjBH9amla/AAxw8E83yaO4g=
Subject key identifier: E8:02:DC:A3:28:F9:B2:5C:07:CF:4F:FC:75:1C:18:FE:BB:D9:60:6D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0149E6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B49C0C8E108511F08E757E92762E951A.roa
Signing time: Thu 03 Apr 2025 12:18:09 +0000
ROA not before: Thu 03 Apr 2025 12:18:05 +0000
ROA not after: Thu 08 May 2025 12:18:05 +0000
asID: 200373
IP address blocks: 156.228.80.0/24 maxlen: 24
156.228.81.0/24 maxlen: 24
156.228.82.0/24 maxlen: 24
156.228.83.0/24 maxlen: 24
156.228.84.0/24 maxlen: 24
156.228.105.0/24 maxlen: 24
156.228.106.0/24 maxlen: 24
156.228.107.0/24 maxlen: 24
156.228.108.0/24 maxlen: 24
156.228.109.0/24 maxlen: 24
156.228.110.0/24 maxlen: 24
156.228.111.0/24 maxlen: 24
156.228.119.0/24 maxlen: 24
156.233.88.0/24 maxlen: 24
156.240.99.0/24 maxlen: 24
156.249.137.0/24 maxlen: 24
156.249.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84454 (0x149e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Apr 3 12:18:05 2025 GMT
Not After : May 8 12:18:05 2025 GMT
Subject: CN=67ee7c81-2913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:01:57:76:4a:b8:87:0c:58:fc:35:25:cf:50:
20:c1:64:2a:2e:ff:c8:b5:24:89:32:17:55:d0:69:
1f:0f:7f:e0:e1:e1:e7:20:5d:e9:a5:57:e2:5e:b4:
75:ca:af:32:2b:98:b5:38:1d:b8:6b:82:c3:06:26:
76:95:03:17:b1:a4:61:b4:f9:d4:da:fe:d0:60:8a:
ff:ec:a2:b3:61:7b:c2:7b:ac:1b:17:c1:7b:ba:e2:
1a:89:d6:24:f1:d5:7b:a2:e6:95:16:16:76:9b:1f:
7c:ad:7f:6f:10:75:f1:95:92:47:17:e6:3d:5c:e3:
31:a3:2d:6a:74:04:62:2f:b7:94:24:54:b3:f8:9e:
fb:71:a3:8a:c0:4b:f8:3d:9c:90:3f:7c:24:80:f9:
de:57:ed:23:20:7a:8d:25:96:40:73:bf:47:9e:b8:
32:f5:76:ff:d2:45:ff:ad:fa:d5:b4:b6:6d:9b:40:
3e:d1:31:66:ca:4b:08:cd:5d:b9:33:9e:74:09:43:
37:64:22:76:c7:df:13:ab:ea:f5:a9:e5:c6:72:b5:
48:bd:f0:84:a9:f0:29:01:1c:71:6a:3e:28:ed:42:
f0:cd:db:29:ad:21:15:05:22:06:61:24:f9:dc:1f:
0f:92:ec:77:a4:d2:c2:d7:c1:54:ad:49:03:d7:fd:
b2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:02:DC:A3:28:F9:B2:5C:07:CF:4F:FC:75:1C:18:FE:BB:D9:60:6D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B49C0C8E108511F08E757E92762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.80.0-156.228.84.255
156.228.105.0-156.228.111.255
156.228.119.0/24
156.233.88.0/24
156.240.99.0/24
156.249.137.0-156.249.138.255
Signature Algorithm: sha256WithRSAEncryption
64:fe:49:b9:60:81:11:13:f6:fb:79:a7:0b:b4:91:45:26:c7:
ff:98:be:c1:4e:af:68:1d:77:e6:57:c2:67:b6:db:b0:f1:e1:
e6:30:b7:6c:1b:67:ad:0a:18:7e:aa:89:b8:13:3f:f0:51:04:
ad:ef:69:f9:40:16:11:79:65:bf:b1:42:25:79:0a:58:fc:ee:
09:73:d6:c7:a4:e3:ae:a6:ab:a0:5f:2d:bb:c7:d7:d7:b2:eb:
d7:72:7a:5e:12:87:0e:ec:e3:ff:b5:c7:28:b8:94:d1:a2:8a:
58:ee:9c:0b:0d:b1:59:3a:10:13:e0:e1:58:4b:1a:4c:39:47:
52:54:1f:c6:0d:d5:1d:0b:a0:f8:f0:84:e6:f2:6b:0b:e7:9c:
1a:2d:88:20:6a:a1:f9:8e:67:a5:4c:f6:71:fd:50:c1:5c:a6:
2d:eb:c6:54:3d:5a:a3:14:42:c7:43:0c:69:43:0c:85:69:56:
57:54:32:8c:8d:25:ae:d7:50:c6:ba:ca:a2:d2:9f:a3:9e:90:
60:19:61:ff:bc:f0:de:d4:03:88:e9:a9:a2:c1:53:7d:35:23:
5b:f9:c4:74:a7:d5:76:c2:b9:37:b3:f3:ee:f5:d3:d5:7a:25:
6a:cf:60:78:2a:86:e2:f1:d1:c5:2c:a8:15:f4:e3:45:a2:9e:
cd:86:f8:b2
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgIDAUnmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDAzMTIxODA1WhcNMjUwNTA4MTIxODA1WjAYMRYw
FAYDVQQDEw02N2VlN2M4MS0yOTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvQFXdkq4hwxY/DUlz1AgwWQqLv/ItSSJMhdV0GkfD3/g4eHnIF3ppVfi
XrR1yq8yK5i1OB24a4LDBiZ2lQMXsaRhtPnU2v7QYIr/7KKzYXvCe6wbF8F7uuIa
idYk8dV7ouaVFhZ2mx98rX9vEHXxlZJHF+Y9XOMxoy1qdARiL7eUJFSz+J77caOK
wEv4PZyQP3wkgPneV+0jIHqNJZZAc79Hnrgy9Xb/0kX/rfrVtLZtm0A+0TFmyksI
zV25M550CUM3ZCJ2x98Tq+r1qeXGcrVIvfCEqfApARxxaj4o7ULwzdsprSEVBSIG
YST53B8Pkux3pNLC18FUrUkD1/2yIQIDAQABo4IC2DCCAtQwHQYDVR0OBBYEFOgC
3KMo+bJcB89P/HUcGP672WBtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNDlDMEM4RTEwODUxMUYwOEU3NTdFOTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBASc5FADBACc5FQwDAMEAJzk
aQMEBJzkYAMEAJzkdwMEAJzpWAMEAJzwYzAMAwQAnPmJAwQAnPmKMA0GCSqGSIb3
DQEBCwUAA4IBAQBk/km5YIERE/b7eacLtJFFJsf/mL7BTq9oHXfmV8Jnttuw8eHm
MLdsG2etChh+qom4Ez/wUQSt72n5QBYReWW/sUIleQpY/O4Jc9bHpOOupqugXy27
x9fXsuvXcnpeEocO7OP/tccouJTRoopY7pwLDbFZOhAT4OFYSxpMOUdSVB/GDdUd
C6D48ITm8msL55waLYggaqH5jmelTPZx/VDBXKYt68ZUPVqjFELHQwxpQwyFaVZX
VDKMjSWu11DGusqi0p+jnpBgGWH/vPDe1AOI6amiwVN9NSNb+cR0p9V2wrk3s/Pu
9dPVeiVqz2B4Kobi8dHFLKgV9ONFop7Nhviy
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:41 2025 by rpki-client