Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F3706B820A1611F0ABA84E62762E951A.roa
File: F3706B820A1611F0ABA84E62762E951A.roa (raw, json)
Hash identifier: 791ruC9IGYuslWzSSzrvESJKJHdSqJS9xdpOIEvZS0w=
Subject key identifier: 7F:8A:97:B3:07:9E:01:AF:33:93:2B:24:CD:C6:6C:BE:18:50:63:D5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01483C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F3706B820A1611F0ABA84E62762E951A.roa
Signing time: Wed 26 Mar 2025 07:50:14 +0000
ROA not before: Wed 26 Mar 2025 07:50:10 +0000
ROA not after: Mon 20 Apr 2026 07:50:10 +0000
asID: 984
IP address blocks: 156.231.128.0/24 maxlen: 24
156.231.129.0/24 maxlen: 24
156.231.130.0/24 maxlen: 24
156.232.12.0/24 maxlen: 24
156.232.32.0/24 maxlen: 24
156.232.33.0/24 maxlen: 24
156.232.34.0/24 maxlen: 24
156.252.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84028 (0x1483c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 26 07:50:10 2025 GMT
Not After : Apr 20 07:50:10 2026 GMT
Subject: CN=67e3b1b6-e362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:97:30:01:d0:19:c6:01:d8:81:c1:d0:1e:09:
2f:69:f8:90:01:ee:56:78:f0:63:ab:c9:e9:e4:02:
10:b9:bb:45:4d:e4:c3:6d:32:9a:e6:19:21:a5:d5:
92:35:f7:72:33:a4:e3:28:7e:2e:04:43:cf:7f:99:
cc:ae:32:d9:2a:3f:e5:ac:b0:78:87:36:45:de:0e:
e9:67:0f:43:90:c4:f2:80:76:c3:d2:fe:dc:4f:e5:
0b:b8:61:3b:ce:60:df:40:e0:f8:a0:d8:2f:fe:45:
72:69:0a:41:0e:55:38:3a:74:e2:df:98:bb:32:bc:
ea:b2:26:c5:2b:9a:b2:cf:a4:92:21:be:67:6b:70:
90:b2:2e:fe:ff:ed:37:1f:09:af:1e:37:27:65:f9:
d5:f5:8f:54:4f:78:ec:9d:2a:2c:a4:a0:74:bb:e5:
fa:7d:0a:fe:d9:2a:75:bc:04:59:8e:99:69:d9:fd:
6c:40:36:8f:e3:17:1b:23:de:49:3b:04:ed:fe:10:
0b:86:5a:ad:df:0f:33:7c:25:11:a6:ed:25:68:0b:
48:c3:c9:3f:20:ce:e5:f6:9e:b2:dc:4a:b4:25:c2:
22:21:42:eb:ad:94:13:88:02:6b:0a:b4:67:37:2e:
fe:d9:14:b9:13:67:24:40:d4:96:a2:e5:51:49:08:
60:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:8A:97:B3:07:9E:01:AF:33:93:2B:24:CD:C6:6C:BE:18:50:63:D5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F3706B820A1611F0ABA84E62762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.128.0-156.231.130.255
156.232.12.0/24
156.232.32.0-156.232.34.255
156.252.1.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:e5:02:0f:b4:f9:2a:01:cf:38:27:cf:d9:08:4e:22:c9:ac:
53:43:51:c0:51:58:6e:79:47:f3:0d:48:f3:1b:39:a4:a6:ba:
b1:cf:61:b8:df:43:11:12:c7:33:59:d6:32:be:3d:45:f9:a1:
d6:dc:bc:a0:69:15:47:ed:66:4d:c2:7b:df:ff:12:7f:91:dd:
eb:ad:be:3f:94:b0:7a:ed:91:42:62:0e:80:17:a3:80:5d:73:
d7:86:38:a1:67:e5:bf:08:f0:f4:d4:45:9f:c5:ae:76:09:c7:
40:fb:79:a3:f5:61:20:ed:11:00:0b:66:2e:43:52:ae:b8:44:
d8:a1:5f:9b:a1:dc:06:09:20:32:9f:2a:e4:37:d4:e1:d6:09:
39:7f:91:cb:39:ef:e6:d4:c2:75:cf:d8:7d:48:8a:8e:dc:cc:
59:ce:7f:f6:5c:d6:d7:28:13:06:75:8b:6e:01:c9:72:ba:95:
ff:49:cd:76:93:7a:29:6c:62:a1:7e:a1:3d:48:cd:3b:a0:1d:
9f:91:83:fb:ac:b6:b4:18:b5:ea:2c:8d:ce:6f:39:58:f7:0c:
68:e6:04:41:50:67:88:b7:94:5d:9d:8e:e0:34:04:e9:2c:3d:
87:43:46:25:d2:a2:3a:a5:4f:b1:b9:d7:6d:2f:70:56:73:5c:
98:c1:15:67
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgIDAUg8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI2MDc1MDEwWhcNMjYwNDIwMDc1MDEwWjAYMRYw
FAYDVQQDEw02N2UzYjFiNi1lMzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv5cwAdAZxgHYgcHQHgkvafiQAe5WePBjq8np5AIQubtFTeTDbTKa5hkh
pdWSNfdyM6TjKH4uBEPPf5nMrjLZKj/lrLB4hzZF3g7pZw9DkMTygHbD0v7cT+UL
uGE7zmDfQOD4oNgv/kVyaQpBDlU4OnTi35i7MrzqsibFK5qyz6SSIb5na3CQsi7+
/+03HwmvHjcnZfnV9Y9UT3jsnSospKB0u+X6fQr+2Sp1vARZjplp2f1sQDaP4xcb
I95JOwTt/hALhlqt3w8zfCURpu0laAtIw8k/IM7l9p6y3Eq0JcIiIULrrZQTiAJr
CrRnNy7+2RS5E2ckQNSWouVRSQhgTQIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFH+K
l7MHngGvM5MrJM3GbL4YUGPVMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMzcwNkI4MjBBMTYxMUYwQUJBODRFNjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAec54ADBACc54IDBACc6Aww
DAMEBZzoIAMEAJzoIgMEAJz8ATANBgkqhkiG9w0BAQsFAAOCAQEAt+UCD7T5KgHP
OCfP2QhOIsmsU0NRwFFYbnlH8w1I8xs5pKa6sc9huN9DERLHM1nWMr49Rfmh1ty8
oGkVR+1mTcJ73/8Sf5Hd662+P5Sweu2RQmIOgBejgF1z14Y4oWflvwjw9NRFn8Wu
dgnHQPt5o/VhIO0RAAtmLkNSrrhE2KFfm6HcBgkgMp8q5DfU4dYJOX+Ryznv5tTC
dc/YfUiKjtzMWc5/9lzW1ygTBnWLbgHJcrqV/0nNdpN6KWxioX6hPUjNO6Adn5GD
+6y2tBi16iyNzm85WPcMaOYEQVBniLeUXZ2O4DQE6Sw9h0NGJdKiOqVPsbnXbS9w
VnNcmMEVZw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:25 2025 by rpki-client