Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/697172F0108311F080CE2E86762E951A.roa
File: 697172F0108311F080CE2E86762E951A.roa (raw, json)
Hash identifier: th0LM8fxvfI2p0BZ/6e1+/S8S85jvIOBoi+uFt9V8l0=
Subject key identifier: D9:61:9D:E7:40:AF:48:DC:56:19:4F:E5:BB:EA:DD:E7:38:31:69:84
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0149DE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/697172F0108311F080CE2E86762E951A.roa
Signing time: Thu 03 Apr 2025 12:01:45 +0000
ROA not before: Thu 03 Apr 2025 12:01:40 +0000
ROA not after: Thu 08 May 2025 12:01:40 +0000
asID: 200373
IP address blocks: 156.228.85.0/24 maxlen: 24
156.228.177.0/24 maxlen: 24
156.228.178.0/24 maxlen: 24
156.228.179.0/24 maxlen: 24
156.228.190.0/24 maxlen: 24
156.233.72.0/24 maxlen: 24
156.233.73.0/24 maxlen: 24
156.233.74.0/24 maxlen: 24
156.233.75.0/24 maxlen: 24
156.233.84.0/24 maxlen: 24
156.233.85.0/24 maxlen: 24
156.233.86.0/24 maxlen: 24
156.233.87.0/24 maxlen: 24
156.233.89.0/24 maxlen: 24
156.233.90.0/24 maxlen: 24
156.233.91.0/24 maxlen: 24
156.233.92.0/24 maxlen: 24
156.233.93.0/24 maxlen: 24
156.233.94.0/24 maxlen: 24
156.233.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84446 (0x149de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 3 12:01:40 2025 GMT
Not After : May 8 12:01:40 2025 GMT
Subject: CN=67ee78a8-d3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:77:8f:85:9f:7d:cd:81:47:a5:96:ca:fa:b6:
f5:cb:c0:c8:e2:23:de:da:58:a3:17:2c:a2:0c:40:
b4:07:45:86:4a:a7:7e:62:f6:5c:f0:14:f9:05:ca:
a2:7d:35:98:43:20:39:d1:17:53:cc:b3:e4:a8:0c:
02:e4:17:07:01:72:a0:36:3c:f5:d6:0b:86:61:cc:
8a:2c:12:c2:f8:fd:a9:78:bb:fe:05:79:35:36:0f:
68:6d:ac:1c:07:3a:a5:14:4a:cb:d7:4e:bb:f7:b5:
13:34:d2:df:38:93:e5:46:05:9e:77:67:68:c2:3d:
23:3c:58:91:51:2d:e0:45:01:0a:65:d1:26:73:21:
d7:85:cd:ba:46:63:ca:51:58:cc:ac:8a:a0:51:a0:
31:04:ce:54:a7:da:80:62:ef:e8:fa:eb:3f:dd:ab:
fa:51:cd:ad:07:d5:26:5a:3b:d0:12:f5:9b:f3:56:
77:39:f7:6d:c4:eb:e2:57:cf:11:a9:6a:4e:36:8c:
d6:98:7c:0c:eb:59:cf:d4:e2:3e:67:bc:1f:d9:8f:
69:ef:c9:0f:4a:94:b8:89:45:81:4c:59:4a:24:37:
fe:b7:ac:e5:f1:eb:e1:59:0f:6b:7b:26:2a:16:8f:
88:1d:e8:b2:1f:54:35:79:7a:65:30:30:46:70:2b:
6a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:61:9D:E7:40:AF:48:DC:56:19:4F:E5:BB:EA:DD:E7:38:31:69:84
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/697172F0108311F080CE2E86762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.85.0/24
156.228.177.0-156.228.179.255
156.228.190.0/24
156.233.72.0/22
156.233.84.0/22
156.233.89.0-156.233.95.255
Signature Algorithm: sha256WithRSAEncryption
6f:e5:9b:c6:7d:3a:b3:ac:46:1a:29:06:8e:77:c9:e5:f8:90:
30:7a:b1:fe:59:59:00:48:8c:9b:04:29:95:94:a3:44:3f:db:
c1:ee:27:15:0e:be:75:c4:ea:3b:c9:6a:a9:42:91:5c:2c:f2:
2b:cf:76:ca:2f:f7:91:23:5b:99:96:20:23:c5:06:6a:fd:8d:
12:c2:a5:34:e1:a8:bd:e4:05:56:81:55:63:a2:48:79:67:c5:
17:71:fb:c6:0a:d2:e6:d1:b1:26:3b:e5:97:01:46:35:1e:85:
12:f7:33:f1:b8:bd:3d:1a:ca:d5:db:9b:97:dc:bf:8f:e3:63:
66:7f:de:2f:b2:d6:bc:d6:86:f7:c1:82:51:6f:55:26:37:b7:
2c:27:13:ea:27:71:ab:d4:85:20:59:e4:52:46:26:1d:45:c2:
fb:2e:5c:bf:72:91:f4:0c:6d:cc:b3:98:52:c6:68:24:68:ab:
eb:cb:04:bc:a1:e4:5e:71:1c:ba:a6:4c:0c:dc:4f:c5:27:fc:
92:72:e6:1f:18:91:f9:1e:8f:8c:45:31:73:b0:c2:73:45:42:
09:3e:84:55:3c:9e:73:a6:9a:78:10:c5:74:81:cc:65:b1:e8:
bc:d0:1d:93:df:82:72:2b:ac:6b:bc:dc:96:1e:98:40:ad:09:
4a:f3:7f:e7
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgIDAUneMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDAzMTIwMTQwWhcNMjUwNTA4MTIwMTQwWjAYMRYw
FAYDVQQDEw02N2VlNzhhOC1kM2RkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlnePhZ99zYFHpZbK+rb1y8DI4iPe2lijFyyiDEC0B0WGSqd+YvZc8BT5
BcqifTWYQyA50RdTzLPkqAwC5BcHAXKgNjz11guGYcyKLBLC+P2peLv+BXk1Ng9o
bawcBzqlFErL106797UTNNLfOJPlRgWed2dowj0jPFiRUS3gRQEKZdEmcyHXhc26
RmPKUVjMrIqgUaAxBM5Up9qAYu/o+us/3av6Uc2tB9UmWjvQEvWb81Z3OfdtxOvi
V88RqWpONozWmHwM61nP1OI+Z7wf2Y9p78kPSpS4iUWBTFlKJDf+t6zl8evhWQ9r
eyYqFo+IHeiyH1Q1eXplMDBGcCtqkwIDAQABo4IC0DCCAswwHQYDVR0OBBYEFNlh
nedAr0jcVhlP5bvq3ec4MWmEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OTcxNzJGMDEwODMxMUYwODBDRTJFODY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
ME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAnORVMAwDBACc5LEDBAKc5LAD
BACc5L4DBAKc6UgDBAKc6VQwDAMEAJzpWQMEBZzpQDANBgkqhkiG9w0BAQsFAAOC
AQEAb+Wbxn06s6xGGikGjnfJ5fiQMHqx/llZAEiMmwQplZSjRD/bwe4nFQ6+dcTq
O8lqqUKRXCzyK892yi/3kSNbmZYgI8UGav2NEsKlNOGoveQFVoFVY6JIeWfFF3H7
xgrS5tGxJjvllwFGNR6FEvcz8bi9PRrK1dubl9y/j+NjZn/eL7LWvNaG98GCUW9V
Jje3LCcT6idxq9SFIFnkUkYmHUXC+y5cv3KR9AxtzLOYUsZoJGir68sEvKHkXnEc
uqZMDNxPxSf8knLmHxiR+R6PjEUxc7DCc0VCCT6EVTyec6aaeBDFdIHMZbHovNAd
k9+Cciusa7zclh6YQK0JSvN/5w==
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:09:30 2025 by rpki-client