Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00538DEA24D211F0AC551FD0DAE4EC9C.roa
File: 00538DEA24D211F0AC551FD0DAE4EC9C.roa (raw, json)
Hash identifier: JQ8UUfEQqVkhFqwhg/y8exfUbtsu4s57gs1kOY1EZiY=
Subject key identifier: 12:2B:58:28:02:5F:5E:42:85:15:89:25:26:55:71:63:7F:C8:C7:C7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01502D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00538DEA24D211F0AC551FD0DAE4EC9C.roa
Signing time: Tue 29 Apr 2025 08:14:42 +0000
ROA not before: Tue 29 Apr 2025 08:14:37 +0000
ROA not after: Tue 07 Oct 2025 08:14:37 +0000
asID: 141167
IP address blocks: 156.228.3.0/24 maxlen: 24
156.238.2.0/23 maxlen: 24
156.254.120.0/22 maxlen: 24
156.254.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 12 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86061 (0x1502d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 29 08:14:37 2025 GMT
Not After : Oct 7 08:14:37 2025 GMT
Subject: CN=68108a72-713f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5a:8e:af:01:9f:81:2d:fc:de:ac:43:55:3a:
c5:e7:e8:64:8b:54:56:ee:c4:23:58:12:b8:cd:90:
d4:87:f3:7f:5e:7e:0e:b8:b2:58:e6:fe:92:31:6b:
42:f7:21:84:79:96:1b:e7:a5:97:b1:86:40:2e:39:
a2:50:bb:f1:75:4e:ac:c9:e9:c8:b1:dd:da:13:2e:
5b:e1:3f:cc:c5:14:2a:b6:1b:5e:51:66:41:1d:f4:
43:fa:df:ec:f4:53:8b:56:ed:eb:00:97:06:a4:d8:
0b:07:78:9a:81:92:bf:0f:ab:31:e3:55:19:99:0c:
90:c7:1f:a0:c8:c6:93:b4:f9:1f:5d:f0:a1:76:4a:
55:5c:11:6f:b8:cb:34:06:ca:97:aa:ef:44:cb:7f:
a8:61:8f:43:ab:c0:73:59:e0:d0:d2:76:4c:43:34:
55:d2:58:7d:f2:70:63:16:50:87:fa:56:fb:7e:49:
2e:c2:4c:33:ef:06:e1:96:2b:46:47:2a:de:46:f3:
0d:4b:c4:4a:89:f1:d8:40:5f:2f:ae:c7:6f:ac:62:
b9:ca:62:0b:73:80:9e:91:4d:0a:70:80:5e:e3:0e:
d9:8e:19:93:37:d9:34:02:a5:95:fa:9a:b2:d3:81:
4b:b4:e4:40:29:c7:c5:da:b5:49:14:f3:81:88:4c:
83:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:2B:58:28:02:5F:5E:42:85:15:89:25:26:55:71:63:7F:C8:C7:C7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/00538DEA24D211F0AC551FD0DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.3.0/24
156.238.2.0/23
156.254.120.0-156.254.125.255
Signature Algorithm: sha256WithRSAEncryption
76:cc:be:76:fa:a7:f4:67:e3:8e:47:36:5f:e7:73:5f:ad:48:
a6:78:2e:08:6a:a4:2c:b6:9c:a6:77:39:b6:c0:4e:cf:d5:01:
36:2e:76:03:54:90:56:1b:9b:f4:e6:9e:40:a2:e2:24:88:2d:
47:53:08:4d:74:52:83:7f:34:3a:a7:8c:ce:43:8d:2b:f6:be:
21:f6:53:80:e7:d8:a2:09:16:3d:79:5c:dd:af:10:74:2c:75:
82:aa:bd:54:85:f8:52:63:ed:68:f5:41:f8:89:d9:f9:4b:69:
93:57:01:c3:d5:d2:b4:6b:59:0c:d4:ec:f9:19:8b:18:96:0c:
b6:a5:6a:ff:e1:4a:0b:84:f3:c1:69:3b:91:b3:ad:84:01:8a:
b3:a6:32:7f:d0:6b:45:9b:61:15:6d:13:83:fe:bf:ad:c2:af:
dc:41:8a:55:ed:f4:86:c3:0f:a5:ca:c0:53:7a:4c:dc:a2:12:
4c:a7:72:16:c7:1c:b4:0f:88:4e:0e:91:f2:81:04:88:fe:e0:
34:be:68:b8:1f:f1:5e:51:99:76:4a:06:07:39:53:e6:71:85:
83:94:80:cc:35:80:e5:97:89:21:a6:bc:34:cd:10:4e:80:21:
96:ff:e0:7c:24:0f:51:10:f6:d9:12:9e:02:f5:f4:43:33:36:
2b:8c:8e:1d
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAVAtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI5MDgxNDM3WhcNMjUxMDA3MDgxNDM3WjAYMRYw
FAYDVQQDEw02ODEwOGE3Mi03MTNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt1qOrwGfgS383qxDVTrF5+hki1RW7sQjWBK4zZDUh/N/Xn4OuLJY5v6S
MWtC9yGEeZYb56WXsYZALjmiULvxdU6syenIsd3aEy5b4T/MxRQqthteUWZBHfRD
+t/s9FOLVu3rAJcGpNgLB3iagZK/D6sx41UZmQyQxx+gyMaTtPkfXfChdkpVXBFv
uMs0BsqXqu9Ey3+oYY9Dq8BzWeDQ0nZMQzRV0lh98nBjFlCH+lb7fkkuwkwz7wbh
litGRyreRvMNS8RKifHYQF8vrsdvrGK5ymILc4CekU0KcIBe4w7ZjhmTN9k0AqWV
+pqy04FLtORAKcfF2rVJFPOBiEyDnwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFBIr
WCgCX15ChRWJJSZVcWN/yMfHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMDUzOERFQTI0RDIxMUYwQUM1NTFGRDBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAnOQDAwQBnO4CMAwDBAOc/ngD
BAGc/nwwDQYJKoZIhvcNAQELBQADggEBAHbMvnb6p/Rn445HNl/nc1+tSKZ4Lghq
pCy2nKZ3ObbATs/VATYudgNUkFYbm/TmnkCi4iSILUdTCE10UoN/NDqnjM5DjSv2
viH2U4Dn2KIJFj15XN2vEHQsdYKqvVSF+FJj7Wj1QfiJ2flLaZNXAcPV0rRrWQzU
7PkZixiWDLalav/hSguE88FpO5GzrYQBirOmMn/Qa0WbYRVtE4P+v63Cr9xBilXt
9IbDD6XKwFN6TNyiEkynchbHHLQPiE4OkfKBBIj+4DS+aLgf8V5RmXZKBgc5U+Zx
hYOUgMw1gOWXiSGmvDTNEE6AIZb/4HwkD1EQ9tkSngL19EMzNiuMjh0=
-----END CERTIFICATE-----
Generated at Sat May 10 21:05:08 2025 by rpki-client