Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1460C7EA28C811F0A30379D1DAE4EC9C.roa
File: 1460C7EA28C811F0A30379D1DAE4EC9C.roa (raw, json)
Hash identifier: ZHGbH5tFps5Nja2X8IM/ek50obZpfjFxOl74xXg+BUI=
Subject key identifier: CB:49:7A:22:DD:E8:89:53:A1:1D:81:B3:54:45:D7:BE:C3:7A:41:06
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0151DA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1460C7EA28C811F0A30379D1DAE4EC9C.roa
Signing time: Sun 04 May 2025 09:13:45 +0000
ROA not before: Sun 04 May 2025 09:13:41 +0000
ROA not after: Wed 11 Jun 2025 09:13:41 +0000
asID: 57043
IP address blocks: 156.229.120.0/24 maxlen: 24
156.229.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 07 May 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86490 (0x151da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 4 09:13:41 2025 GMT
Not After : Jun 11 09:13:41 2025 GMT
Subject: CN=68172fc9-37fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:78:da:51:45:80:4c:6f:b0:cc:0b:a2:51:20:
50:64:6c:99:30:35:8b:a8:b9:9d:f0:1e:e5:73:98:
13:6d:0b:5b:57:23:c8:28:1c:9d:7d:d8:6b:2a:ef:
e0:9a:e0:ae:2d:22:59:97:33:32:09:8c:31:be:b8:
c1:34:9c:ca:ea:56:2a:5c:55:c0:de:c8:ac:1b:87:
8b:e8:e7:1a:f7:b1:36:c1:2a:59:0d:e9:4d:e9:8b:
72:1a:32:13:db:b8:08:bd:2e:29:29:70:3d:43:82:
8e:98:cf:91:d9:a1:b7:92:8c:ad:67:2e:61:24:fd:
bf:ea:3f:20:7a:64:9b:dc:67:d8:4e:76:fd:7f:32:
d8:3f:04:fa:26:7f:d5:1f:75:f8:1b:e3:ff:3d:f4:
fe:95:a5:1f:b6:32:17:29:5e:31:5a:0a:64:6e:c3:
f4:d6:36:ec:4b:8d:ca:df:5c:aa:ec:74:12:5a:50:
58:bd:f4:d4:89:7f:06:f3:b1:8e:fb:7f:66:99:8c:
26:f8:f4:93:8c:ab:94:8a:ff:da:f5:ca:ab:5f:ca:
1c:44:58:4a:f1:07:07:67:bf:23:14:2a:5c:52:15:
86:db:93:56:31:c9:f9:7e:ee:d4:82:e6:c6:15:d6:
f1:a4:d2:9f:40:b1:4a:1e:8d:ec:2a:01:95:f2:2e:
9e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:49:7A:22:DD:E8:89:53:A1:1D:81:B3:54:45:D7:BE:C3:7A:41:06
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1460C7EA28C811F0A30379D1DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.120.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:95:5d:4d:7b:84:2f:9e:c0:fb:2b:e0:62:90:0d:b4:e8:b3:
dc:22:87:17:1d:19:15:8c:f8:89:db:17:ef:93:ea:f4:15:c3:
f9:2b:04:f7:e2:3a:05:33:01:4d:3f:91:ed:48:72:37:8b:04:
f2:1c:b5:06:89:fa:22:c5:ea:19:64:99:48:41:62:a9:3d:20:
bd:f1:f3:17:c0:ee:8c:0d:06:8a:20:86:1d:95:19:e7:57:9b:
cd:1b:3b:bd:1f:df:75:94:b0:cf:79:2f:c7:2d:5f:0c:82:75:
67:98:b9:ed:16:35:05:32:2d:77:cb:c8:61:e6:6a:ca:e4:3c:
65:81:0d:d7:0d:aa:15:35:66:7e:54:b9:62:66:dd:3e:f5:4d:
2c:ca:ef:0a:fe:97:b1:92:2e:fa:b7:63:05:0d:70:aa:a7:e7:
72:10:43:67:09:0a:5f:85:8c:4c:1d:e2:a4:5b:2f:72:91:7e:
1e:71:7b:84:86:23:6f:ae:d9:11:d2:4c:8e:0c:2b:5e:10:09:
44:5e:b7:bf:1e:5a:59:8c:b2:6f:da:91:76:79:9a:b3:5b:ac:
3b:f4:25:2a:e1:bd:45:f8:3e:42:bd:99:f6:ed:e8:9d:8d:ae:
b2:66:8b:e5:13:53:cf:9e:b1:6a:88:d1:76:74:bc:28:7f:3b:
a8:93:c0:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVHaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA0MDkxMzQxWhcNMjUwNjExMDkxMzQxWjAYMRYw
FAYDVQQDEw02ODE3MmZjOS0zN2ZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx3jaUUWATG+wzAuiUSBQZGyZMDWLqLmd8B7lc5gTbQtbVyPIKBydfdhr
Ku/gmuCuLSJZlzMyCYwxvrjBNJzK6lYqXFXA3sisG4eL6Oca97E2wSpZDelN6Yty
GjIT27gIvS4pKXA9Q4KOmM+R2aG3koytZy5hJP2/6j8gemSb3GfYTnb9fzLYPwT6
Jn/VH3X4G+P/PfT+laUftjIXKV4xWgpkbsP01jbsS43K31yq7HQSWlBYvfTUiX8G
87GO+39mmYwm+PSTjKuUiv/a9cqrX8ocRFhK8QcHZ78jFCpcUhWG25NWMcn5fu7U
gubGFdbxpNKfQLFKHo3sKgGV8i6eaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMtJ
eiLd6IlToR2Bs1RF177DekEGMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNDYwQzdFQTI4QzgxMUYwQTMwMzc5RDFEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOV4MA0GCSqGSIb3DQEBCwUA
A4IBAQArlV1Ne4QvnsD7K+BikA206LPcIocXHRkVjPiJ2xfvk+r0FcP5KwT34joF
MwFNP5HtSHI3iwTyHLUGifoixeoZZJlIQWKpPSC98fMXwO6MDQaKIIYdlRnnV5vN
Gzu9H991lLDPeS/HLV8MgnVnmLntFjUFMi13y8hh5mrK5DxlgQ3XDaoVNWZ+VLli
Zt0+9U0syu8K/pexki76t2MFDXCqp+dyEENnCQpfhYxMHeKkWy9ykX4ecXuEhiNv
rtkR0kyODCteEAlEXre/HlpZjLJv2pF2eZqzW6w79CUq4b1F+D5CvZn27eidja6y
ZovlE1PPnrFqiNF2dLwofzuok8BO
-----END CERTIFICATE-----
Generated at Mon May 5 12:12:45 2025 by rpki-client