Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/90D0E1D80FA111F0AF427BB3762E951A.roa
File: 90D0E1D80FA111F0AF427BB3762E951A.roa (raw, json)
Hash identifier: Su4A499vRlLVlq0OX1zSJ3p/wnTp5rU9LymgymsGySU=
Subject key identifier: 68:40:15:B0:C3:87:B5:A5:6D:B9:B1:62:F7:2F:C1:CC:25:DD:4C:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014979
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/90D0E1D80FA111F0AF427BB3762E951A.roa
Signing time: Wed 02 Apr 2025 09:05:04 +0000
ROA not before: Wed 02 Apr 2025 09:05:00 +0000
ROA not after: Fri 02 May 2025 09:05:00 +0000
asID: 200373
IP address blocks: 156.239.156.0/23 maxlen: 24
156.239.192.0/20 maxlen: 24
156.239.208.0/20 maxlen: 24
156.242.32.0/20 maxlen: 24
156.242.51.0/24 maxlen: 24
156.248.80.0/21 maxlen: 24
156.249.56.0/21 maxlen: 24
156.249.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84345 (0x14979)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 2 09:05:00 2025 GMT
Not After : May 2 09:05:00 2025 GMT
Subject: CN=67ecfdc0-7af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d7:55:3e:b5:3a:89:21:8a:80:35:95:b5:65:
22:a9:12:39:69:3b:6e:38:b4:9b:3f:be:d8:ce:ec:
10:62:46:b6:9f:eb:b4:33:e4:a9:b5:7c:31:40:c2:
8d:82:3e:94:67:8d:7a:2c:4c:8a:23:89:6e:78:00:
43:08:b6:11:d8:37:5d:a9:9a:ab:67:86:c1:c2:35:
ab:11:de:3a:fd:1f:11:95:f1:e6:ea:52:83:e1:c5:
80:c4:18:69:78:7b:6a:38:ad:d6:bf:e3:22:a1:36:
e6:39:87:5e:97:1b:b5:c6:52:f4:6b:a0:58:e1:f4:
e7:69:49:5e:71:27:25:5d:68:42:35:db:ea:e6:a1:
71:40:2e:ad:a6:e2:42:2c:e4:3b:ac:b2:ed:4b:3c:
c4:55:ad:63:7a:4e:1e:04:24:6c:de:2e:d7:4d:84:
a2:99:d8:de:f8:da:b0:e3:b4:bb:d1:87:60:93:aa:
8f:a5:d5:72:8b:35:b1:d3:46:1a:b2:93:4f:17:8d:
89:22:4b:16:a2:c9:e5:7d:d6:ac:db:00:57:39:5e:
d0:7f:68:cc:9f:cb:6e:4a:57:0b:af:b4:00:7e:12:
a6:3f:c2:68:11:73:bb:a5:44:f1:43:92:41:03:b6:
df:f6:1d:b5:88:c2:a1:ea:53:8a:d9:2e:8d:c6:ec:
19:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:40:15:B0:C3:87:B5:A5:6D:B9:B1:62:F7:2F:C1:CC:25:DD:4C:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/90D0E1D80FA111F0AF427BB3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.156.0/23
156.239.192.0/19
156.242.32.0/20
156.242.51.0/24
156.248.80.0/21
156.249.56.0/21
156.249.124.0/22
Signature Algorithm: sha256WithRSAEncryption
80:2c:45:e1:ad:73:47:d3:26:e9:7d:71:a4:f8:6f:71:47:6a:
20:0a:4e:7f:7d:30:3d:46:ca:77:bd:bb:76:69:9a:0e:f4:5f:
3f:a9:1e:f2:45:01:90:68:b0:8d:a2:da:94:12:2a:e9:64:60:
ba:88:59:b5:95:24:20:30:e9:71:5d:b1:59:e8:7e:5f:ad:c4:
78:d0:35:a9:1d:b0:72:08:12:e3:4c:56:71:f3:ae:14:ec:1a:
c7:65:20:2c:a3:4d:94:3d:ee:d9:46:19:dd:6a:86:22:2e:ca:
76:c8:80:89:46:6f:1a:2c:6b:c4:34:17:01:6e:7a:75:53:b2:
8d:5c:14:95:29:f7:9c:7b:ad:ce:bb:c2:be:ab:17:77:92:e4:
e7:53:1d:d7:af:f2:52:20:45:b6:fd:bb:04:11:d2:ec:19:cf:
0c:24:7e:a5:31:7d:b0:96:c4:43:ec:72:28:2a:6c:39:11:e1:
04:a5:fc:d4:3e:e3:ce:25:19:ae:7e:fc:bc:0e:65:ac:ab:c4:
76:37:84:d8:0b:1f:53:ad:49:2a:b0:09:31:d5:9d:03:92:05:
0c:84:6a:23:f2:e7:43:2f:62:08:f1:bb:41:b5:3e:7f:35:ad:
9e:24:b5:dd:0e:d8:c5:dc:71:65:70:37:a5:0d:6f:30:3d:4f:
5a:6e:b1:45
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIDAUl5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDAyMDkwNTAwWhcNMjUwNTAyMDkwNTAwWjAYMRYw
FAYDVQQDEw02N2VjZmRjMC03YWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5ddVPrU6iSGKgDWVtWUiqRI5aTtuOLSbP77YzuwQYka2n+u0M+SptXwx
QMKNgj6UZ416LEyKI4lueABDCLYR2DddqZqrZ4bBwjWrEd46/R8RlfHm6lKD4cWA
xBhpeHtqOK3Wv+MioTbmOYdelxu1xlL0a6BY4fTnaUlecSclXWhCNdvq5qFxQC6t
puJCLOQ7rLLtSzzEVa1jek4eBCRs3i7XTYSimdje+Nqw47S70Ydgk6qPpdVyizWx
00YaspNPF42JIksWosnlfdas2wBXOV7Qf2jMn8tuSlcLr7QAfhKmP8JoEXO7pUTx
Q5JBA7bf9h21iMKh6lOK2S6NxuwZOQIDAQABo4ICxjCCAsIwHQYDVR0OBBYEFGhA
FbDDh7WlbbmxYvcvwcwl3UytMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MEQwRTFEODBGQTExMUYwQUY0MjdCQjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBnO+cAwQFnO/AAwQEnPIgAwQA
nPIzAwQDnPhQAwQDnPk4AwQCnPl8MA0GCSqGSIb3DQEBCwUAA4IBAQCALEXhrXNH
0ybpfXGk+G9xR2ogCk5/fTA9Rsp3vbt2aZoO9F8/qR7yRQGQaLCNotqUEirpZGC6
iFm1lSQgMOlxXbFZ6H5frcR40DWpHbByCBLjTFZx864U7BrHZSAso02UPe7ZRhnd
aoYiLsp2yICJRm8aLGvENBcBbnp1U7KNXBSVKfece63Ou8K+qxd3kuTnUx3Xr/JS
IEW2/bsEEdLsGc8MJH6lMX2wlsRD7HIoKmw5EeEEpfzUPuPOJRmufvy8DmWsq8R2
N4TYCx9TrUkqsAkx1Z0DkgUMhGoj8udDL2II8btBtT5/Na2eJLXdDtjF3HFlcDel
DW8wPU9abrFF
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:18:48 2025 by rpki-client