Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBC937CA113711F0964B454E762E951A.roa
File: DBC937CA113711F0964B454E762E951A.roa (raw, json)
Hash identifier: cVFxByXnabPj2wx5+oYQQKl1ewgxM7586dy3k7FHtsk=
Subject key identifier: C7:27:23:31:0B:D3:1D:7C:B4:27:83:09:9A:EF:12:10:2B:4A:A7:91
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014A03
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBC937CA113711F0964B454E762E951A.roa
Signing time: Fri 04 Apr 2025 09:33:26 +0000
ROA not before: Fri 04 Apr 2025 09:33:22 +0000
ROA not after: Thu 01 May 2025 09:33:22 +0000
asID: 44559
IP address blocks: 156.238.24.0/24 maxlen: 24
156.238.25.0/24 maxlen: 24
156.238.26.0/24 maxlen: 24
156.238.27.0/24 maxlen: 24
156.238.32.0/24 maxlen: 24
156.238.33.0/24 maxlen: 24
156.238.34.0/24 maxlen: 24
156.238.35.0/24 maxlen: 24
156.238.36.0/24 maxlen: 24
156.238.37.0/24 maxlen: 24
156.238.38.0/24 maxlen: 24
156.238.39.0/24 maxlen: 24
156.246.21.0/24 maxlen: 24
156.246.23.0/24 maxlen: 24
156.246.31.0/24 maxlen: 24
156.246.87.0/24 maxlen: 24
156.247.16.0/24 maxlen: 24
156.247.19.0/24 maxlen: 24
156.247.20.0/24 maxlen: 24
156.247.21.0/24 maxlen: 24
156.247.22.0/24 maxlen: 24
156.247.23.0/24 maxlen: 24
156.254.96.0/24 maxlen: 24
156.254.97.0/24 maxlen: 24
156.254.98.0/24 maxlen: 24
156.254.99.0/24 maxlen: 24
156.254.100.0/24 maxlen: 24
156.254.101.0/24 maxlen: 24
156.254.102.0/24 maxlen: 24
156.254.103.0/24 maxlen: 24
156.254.104.0/24 maxlen: 24
156.254.105.0/24 maxlen: 24
156.254.106.0/24 maxlen: 24
156.254.107.0/24 maxlen: 24
156.254.108.0/24 maxlen: 24
156.254.109.0/24 maxlen: 24
156.254.110.0/24 maxlen: 24
156.254.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84483 (0x14a03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 4 09:33:22 2025 GMT
Not After : May 1 09:33:22 2025 GMT
Subject: CN=67efa766-648b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:d9:8b:19:4f:e7:e3:01:6f:88:53:64:d4:6b:
77:4b:d4:d3:58:77:96:d6:86:c0:8f:93:e7:40:d3:
7d:2f:38:5a:96:d2:6e:50:7d:f9:82:8c:6e:51:34:
9d:6a:8d:6d:43:43:fb:15:fc:ae:0b:2d:d2:aa:29:
01:69:c3:53:5f:40:5e:3f:0b:24:be:61:6b:31:91:
d2:e4:e3:c8:6c:14:12:03:a1:2e:20:72:35:61:03:
3a:13:07:14:26:10:d8:a6:84:f0:b0:ac:61:9a:b9:
53:86:63:d2:00:15:43:f9:7e:66:da:8d:0b:41:7c:
99:4b:1f:fc:1f:5e:86:1e:fa:f1:1c:1c:a6:d5:b9:
46:ca:fb:c8:7a:3e:d0:e7:99:93:3b:26:52:c7:2b:
f9:e4:42:f3:35:70:e9:e8:c8:a4:dc:23:35:87:12:
58:ce:3e:32:f3:80:cd:48:d1:a2:fd:a1:2d:dc:7c:
06:63:e6:28:d0:c7:d2:c5:97:2c:c9:ef:73:b4:af:
f9:42:f3:73:89:b6:70:38:e1:a7:0d:89:54:7e:98:
d7:ad:6c:ec:a7:f9:c9:52:a5:6c:52:fa:55:2f:cb:
45:a9:49:75:d0:c9:df:18:a7:1d:59:6e:f5:23:ea:
37:2a:d1:15:5a:cc:d9:dc:90:5c:65:cd:82:f2:85:
b2:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:27:23:31:0B:D3:1D:7C:B4:27:83:09:9A:EF:12:10:2B:4A:A7:91
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DBC937CA113711F0964B454E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.24.0/22
156.238.32.0/21
156.246.21.0/24
156.246.23.0/24
156.246.31.0/24
156.246.87.0/24
156.247.16.0/24
156.247.19.0-156.247.23.255
156.254.96.0/20
Signature Algorithm: sha256WithRSAEncryption
5f:70:55:7d:90:b9:b5:e9:b9:3f:fd:0d:60:fe:cc:0b:e9:57:
94:2c:23:fe:b3:b2:6d:a2:e3:9f:8b:c7:97:fe:20:e0:14:d6:
29:cf:95:0d:fc:8e:27:9a:74:27:d6:26:3a:3e:0a:9c:f9:d2:
4f:62:67:f3:04:56:59:76:13:6a:ba:99:0e:4f:f9:f2:28:bb:
67:85:14:34:02:ae:82:33:79:55:45:96:a6:11:64:6e:0c:04:
82:06:2f:21:35:88:40:50:cb:ca:ec:b2:2b:38:42:96:6c:4e:
cb:82:76:a4:21:2e:0e:69:0f:3d:0f:7e:d1:0a:e6:42:a5:f7:
19:f8:b2:fc:3d:f7:ed:0f:a2:3c:d5:83:6a:79:7d:89:b1:05:
b7:30:f9:ae:d3:81:72:d4:4b:bf:ac:b6:66:a4:02:41:18:f6:
3b:73:f3:7d:19:8f:dd:4d:5f:60:c2:60:4f:a7:07:16:89:c6:
34:d5:27:72:93:fe:82:d1:64:ec:ca:59:39:1f:dc:32:e1:3f:
51:83:11:f3:ef:c2:ac:d1:81:4d:49:3f:9b:71:20:44:74:3f:
1c:c9:15:3a:7b:85:ac:2a:54:48:e5:bd:43:7b:59:ba:6f:f4:
d3:d0:32:50:08:08:69:20:16:12:03:82:6c:f5:30:98:71:5e:
f9:7d:d4:71
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIDAUoDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA0MDkzMzIyWhcNMjUwNTAxMDkzMzIyWjAYMRYw
FAYDVQQDEw02N2VmYTc2Ni02NDhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7tmLGU/n4wFviFNk1Gt3S9TTWHeW1obAj5PnQNN9LzhaltJuUH35goxu
UTSdao1tQ0P7FfyuCy3SqikBacNTX0BePwskvmFrMZHS5OPIbBQSA6EuIHI1YQM6
EwcUJhDYpoTwsKxhmrlThmPSABVD+X5m2o0LQXyZSx/8H16GHvrxHBym1blGyvvI
ej7Q55mTOyZSxyv55ELzNXDp6Mik3CM1hxJYzj4y84DNSNGi/aEt3HwGY+Yo0MfS
xZcsye9ztK/5QvNzibZwOOGnDYlUfpjXrWzsp/nJUqVsUvpVL8tFqUl10MnfGKcd
WW71I+o3KtEVWszZ3JBcZc2C8oWyUwIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFMcn
IzEL0x18tCeDCZrvEhArSqeRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQkM5MzdDQTExMzcxMUYwOTY0QjQ1NEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCnO4YAwQDnO4gAwQAnPYVAwQA
nPYXAwQAnPYfAwQAnPZXAwQAnPcQMAwDBACc9xMDBAOc9xADBASc/mAwDQYJKoZI
hvcNAQELBQADggEBAF9wVX2QubXpuT/9DWD+zAvpV5QsI/6zsm2i45+Lx5f+IOAU
1inPlQ38jieadCfWJjo+Cpz50k9iZ/MEVll2E2q6mQ5P+fIou2eFFDQCroIzeVVF
lqYRZG4MBIIGLyE1iEBQy8rssis4QpZsTsuCdqQhLg5pDz0PftEK5kKl9xn4svw9
9+0PojzVg2p5fYmxBbcw+a7TgXLUS7+stmakAkEY9jtz830Zj91NX2DCYE+nBxaJ
xjTVJ3KT/oLRZOzKWTkf3DLhP1GDEfPvwqzRgU1JP5txIER0PxzJFTp7hawqVEjl
vUN7Wbpv9NPQMlAICGkgFhIDgmz1MJhxXvl91HE=
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:12:32 2025 by rpki-client