Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9252090411F611F0AFAFAC52762E951A.roa
File: 9252090411F611F0AFAFAC52762E951A.roa (raw, json)
Hash identifier: H4OtDJufL0rkZpJNUiroCrCH3ONm+cVOXHqp1U797/E=
Subject key identifier: D4:2E:63:67:CE:41:69:B7:82:4D:F4:E7:A0:56:30:32:FE:CC:51:C3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014A46
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9252090411F611F0AFAFAC52762E951A.roa
Signing time: Sat 05 Apr 2025 08:18:36 +0000
ROA not before: Sat 05 Apr 2025 08:18:31 +0000
ROA not after: Sun 11 May 2025 08:18:31 +0000
asID: 42689
IP address blocks: 156.241.48.0/21 maxlen: 24
156.241.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84550 (0x14a46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 5 08:18:31 2025 GMT
Not After : May 11 08:18:31 2025 GMT
Subject: CN=67f0e75c-1c55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:32:04:42:f5:3a:03:59:5a:e8:7b:e2:bf:8c:
3f:43:2f:98:c0:d0:ef:df:a9:24:23:55:73:d1:d8:
d3:ff:ce:a7:43:eb:ad:f2:a0:84:5b:1a:cd:95:53:
40:ad:ae:c1:ef:63:c5:7c:30:97:3f:6b:b9:25:4a:
c9:6d:0b:69:f7:7f:ef:1f:ce:19:85:40:9e:0e:ea:
bb:a5:da:22:e4:3c:06:98:1f:b6:28:c5:b2:19:0b:
cb:4c:a1:7c:e5:4c:b8:0f:01:76:82:ef:7f:0a:cf:
50:cc:9b:69:f6:74:54:26:62:88:b0:e7:43:1b:66:
c4:c7:7a:4f:ed:fe:c5:09:81:5b:5e:d5:e8:08:86:
49:6e:06:71:dd:89:87:e9:84:84:0d:69:e5:47:20:
e1:fd:bd:73:f7:53:5e:0c:ee:25:e8:95:70:bf:c5:
d9:0b:c6:0e:bf:ef:c6:6f:4c:df:fc:30:5e:da:d5:
cc:a1:83:81:16:c3:d9:d0:fc:ae:91:fe:85:2f:91:
ae:75:b3:bc:69:2b:16:7f:67:c5:34:1d:b4:0d:82:
fb:9b:32:63:cd:2a:d5:5c:d5:06:40:cc:f5:11:c7:
3b:27:df:cb:3f:fd:94:6f:80:34:c8:f0:0e:78:81:
d3:1f:cc:78:cd:36:62:b0:5d:48:43:25:13:c4:d5:
e8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:2E:63:67:CE:41:69:B7:82:4D:F4:E7:A0:56:30:32:FE:CC:51:C3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9252090411F611F0AFAFAC52762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.48.0-156.241.59.255
Signature Algorithm: sha256WithRSAEncryption
7e:1c:96:44:8e:52:ca:a6:84:86:c5:59:15:62:21:ef:7b:5f:
d9:ef:13:43:90:f0:10:79:81:9f:8f:73:38:41:ec:6c:e1:ea:
a0:19:90:9e:c6:06:6d:9d:ee:09:a9:3d:d8:cb:cd:7e:ca:50:
c2:0a:fe:af:f3:43:7c:f1:a6:7f:7e:77:e6:5b:99:d4:4c:e3:
53:bd:de:ae:18:fa:54:13:07:e4:ec:b5:4b:52:96:c0:bf:ca:
e3:38:bc:6d:28:c8:84:00:38:90:33:27:16:9e:37:53:55:c9:
83:48:fb:7f:50:7e:ba:53:60:60:3a:5a:db:90:38:bc:bc:01:
0b:1b:5c:bb:80:7f:81:6e:24:aa:f7:14:32:ff:35:af:3d:30:
65:a2:c3:36:01:89:34:23:7c:8c:44:92:6f:6e:06:c9:5b:31:
b4:ad:e7:47:13:d0:a7:fb:5c:ab:e7:4f:3d:b2:6b:99:05:61:
f5:9b:bf:84:00:74:a7:7e:04:02:8b:3c:ec:5e:72:90:78:17:
a2:ea:4c:59:c0:08:c6:bf:65:c1:75:92:8f:ab:0e:06:17:ff:
ee:79:d3:41:11:b0:59:ab:7e:e0:c3:67:75:5a:fc:d4:36:b1:
a8:76:72:49:b1:7e:84:b0:ce:2d:7c:05:12:41:e4:fb:fb:4c:
46:4e:b5:e0
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAUpGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA1MDgxODMxWhcNMjUwNTExMDgxODMxWjAYMRYw
FAYDVQQDEw02N2YwZTc1Yy0xYzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAszIEQvU6A1la6Hviv4w/Qy+YwNDv36kkI1Vz0djT/86nQ+ut8qCEWxrN
lVNAra7B72PFfDCXP2u5JUrJbQtp93/vH84ZhUCeDuq7pdoi5DwGmB+2KMWyGQvL
TKF85Uy4DwF2gu9/Cs9QzJtp9nRUJmKIsOdDG2bEx3pP7f7FCYFbXtXoCIZJbgZx
3YmH6YSEDWnlRyDh/b1z91NeDO4l6JVwv8XZC8YOv+/Gb0zf/DBe2tXMoYOBFsPZ
0Pyukf6FL5GudbO8aSsWf2fFNB20DYL7mzJjzSrVXNUGQMz1Ecc7J9/LP/2Ub4A0
yPAOeIHTH8x4zTZisF1IQyUTxNXokwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFNQu
Y2fOQWm3gk3056BWMDL+zFHDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MjUyMDkwNDExRjYxMUYwQUZBRkFDNTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBASc8TADBAKc8TgwDQYJKoZI
hvcNAQELBQADggEBAH4clkSOUsqmhIbFWRViIe97X9nvE0OQ8BB5gZ+PczhB7Gzh
6qAZkJ7GBm2d7gmpPdjLzX7KUMIK/q/zQ3zxpn9+d+ZbmdRM41O93q4Y+lQTB+Ts
tUtSlsC/yuM4vG0oyIQAOJAzJxaeN1NVyYNI+39QfrpTYGA6WtuQOLy8AQsbXLuA
f4FuJKr3FDL/Na89MGWiwzYBiTQjfIxEkm9uBslbMbSt50cT0Kf7XKvnTz2ya5kF
YfWbv4QAdKd+BAKLPOxecpB4F6LqTFnACMa/ZcF1ko+rDgYX/+5500ERsFmrfuDD
Z3Va/NQ2sah2ckmxfoSwzi18BRJB5Pv7TEZOteA=
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:59:51 2025 by rpki-client