Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/250C7A24244211F0AF867784DAE4EC9C.roa
File: 250C7A24244211F0AF867784DAE4EC9C.roa (raw, json)
Hash identifier: BXsVdw9RC4FoX2t0UOof8NC/g+Fe5f6G8Fuzs1DPxt8=
Subject key identifier: BA:89:B1:6E:88:3B:A7:AE:92:31:DD:FF:04:EF:C8:19:C6:11:87:47
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014F8D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/250C7A24244211F0AF867784DAE4EC9C.roa
Signing time: Mon 28 Apr 2025 15:04:56 +0000
ROA not before: Mon 28 Apr 2025 15:04:51 +0000
ROA not after: Tue 28 Apr 2026 15:04:51 +0000
asID: 984
IP address blocks: 156.246.39.0/24 maxlen: 24
156.246.40.0/24 maxlen: 24
156.246.42.0/24 maxlen: 24
156.246.49.0/24 maxlen: 24
156.246.51.0/24 maxlen: 24
156.246.52.0/24 maxlen: 24
156.246.53.0/24 maxlen: 24
156.246.56.0/24 maxlen: 24
156.246.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85901 (0x14f8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 28 15:04:51 2025 GMT
Not After : Apr 28 15:04:51 2026 GMT
Subject: CN=680f9918-737e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:df:a9:43:f0:12:40:7b:1b:1c:e4:99:fa:a8:
dc:a3:d2:74:32:52:01:bf:87:4c:7f:07:09:58:6a:
10:8c:f6:41:96:3b:56:8f:e8:c6:ab:d3:4f:da:d2:
21:cb:55:0f:fa:a6:af:19:38:5a:eb:2d:75:e7:f0:
cb:20:44:a5:d4:93:1e:71:5e:be:61:57:b8:9d:90:
95:21:0b:d7:b1:77:45:41:36:c0:7a:d9:b8:57:c4:
39:17:fc:33:7e:a7:09:28:ba:bc:18:15:ec:6f:c0:
00:45:82:b4:36:15:4c:46:42:2e:dd:8c:72:f1:17:
bb:06:48:d3:29:48:f3:d2:a8:a6:7b:bb:d7:c8:39:
a6:e6:20:92:73:9c:a2:04:ce:ab:db:54:f3:8c:d4:
41:89:21:a1:19:98:74:6f:6c:6e:fa:64:1d:9c:49:
e6:d6:b9:86:62:23:ef:9b:ce:94:d5:18:dd:5d:7f:
e2:1b:12:aa:67:d2:d2:37:21:43:85:54:23:cd:92:
9d:11:ee:60:44:75:3b:9e:f2:bd:87:4b:f6:79:89:
09:eb:2b:6b:cf:a9:e6:7d:69:a1:28:6b:26:06:ea:
9d:51:1d:b9:15:07:20:e8:80:fb:f6:a7:b7:d1:94:
62:44:0c:85:37:0f:a7:4c:c0:7b:9b:2d:b8:3a:3d:
f8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:89:B1:6E:88:3B:A7:AE:92:31:DD:FF:04:EF:C8:19:C6:11:87:47
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/250C7A24244211F0AF867784DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.39.0-156.246.40.255
156.246.42.0/24
156.246.49.0/24
156.246.51.0-156.246.53.255
156.246.56.0/23
Signature Algorithm: sha256WithRSAEncryption
71:8d:d5:96:dd:5d:be:0d:a2:d4:b0:06:59:9e:98:ed:56:df:
08:b4:2b:db:ed:1f:79:43:05:ad:f6:e0:4b:c0:d2:c4:53:87:
68:01:2f:61:85:6c:35:7c:05:32:91:62:a5:f6:71:d4:f6:72:
c1:4c:c2:10:5d:3c:e5:ab:a0:12:62:cb:3c:f6:59:18:b6:a9:
23:05:a5:aa:a0:4b:7d:ec:50:6a:5b:d8:05:ea:c5:f7:10:03:
05:08:dc:c9:d4:4d:42:8e:68:da:36:de:7c:dc:78:d3:60:ed:
2c:e1:9a:95:85:4d:1d:51:aa:97:92:ba:67:b2:54:4c:dc:18:
c9:4b:ac:9c:dc:4f:45:62:1d:b5:ff:06:fc:58:e8:ee:45:30:
39:93:e4:a9:8a:54:e9:61:a4:d9:66:19:84:58:5d:d9:4a:68:
6a:4e:24:98:6a:09:d4:2e:ba:aa:a0:a7:61:f4:59:4b:2c:33:
36:86:a4:68:47:eb:fd:55:bb:fa:8e:76:48:19:7c:07:ad:ff:
3e:93:e0:1c:7c:1a:c5:53:0c:3b:6c:60:0c:bd:23:71:35:85:
3c:c3:a2:84:e7:15:a9:28:c4:d2:ea:b2:dd:1b:eb:8c:53:23:
aa:4c:6d:0d:f9:ac:8d:be:7d:29:ef:ad:5f:be:2f:dc:21:1e:
3a:0a:1a:03
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIDAU+NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDI4MTUwNDUxWhcNMjYwNDI4MTUwNDUxWjAYMRYw
FAYDVQQDEw02ODBmOTkxOC03MzdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlN+pQ/ASQHsbHOSZ+qjco9J0MlIBv4dMfwcJWGoQjPZBljtWj+jGq9NP
2tIhy1UP+qavGTha6y115/DLIESl1JMecV6+YVe4nZCVIQvXsXdFQTbAetm4V8Q5
F/wzfqcJKLq8GBXsb8AARYK0NhVMRkIu3Yxy8Re7BkjTKUjz0qime7vXyDmm5iCS
c5yiBM6r21TzjNRBiSGhGZh0b2xu+mQdnEnm1rmGYiPvm86U1RjdXX/iGxKqZ9LS
NyFDhVQjzZKdEe5gRHU7nvK9h0v2eYkJ6ytrz6nmfWmhKGsmBuqdUR25FQcg6ID7
9qe30ZRiRAyFNw+nTMB7my24Oj34NQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFLqJ
sW6IO6eukjHd/wTvyBnGEYdHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNTBDN0EyNDI0NDIxMUYwQUY4Njc3ODREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBACc9icDBACc9igDBACc9ioD
BACc9jEwDAMEAJz2MwMEAZz2NAMEAZz2ODANBgkqhkiG9w0BAQsFAAOCAQEAcY3V
lt1dvg2i1LAGWZ6Y7VbfCLQr2+0feUMFrfbgS8DSxFOHaAEvYYVsNXwFMpFipfZx
1PZywUzCEF085augEmLLPPZZGLapIwWlqqBLfexQalvYBerF9xADBQjcydRNQo5o
2jbefNx402DtLOGalYVNHVGql5K6Z7JUTNwYyUusnNxPRWIdtf8G/Fjo7kUwOZPk
qYpU6WGk2WYZhFhd2Upoak4kmGoJ1C66qqCnYfRZSywzNoakaEfr/VW7+o52SBl8
B63/PpPgHHwaxVMMO2xgDL0jcTWFPMOihOcVqSjE0uqy3RvrjFMjqkxtDfmsjb59
Ke+tX74v3CEeOgoaAw==
-----END CERTIFICATE-----
Generated at Sun May 11 04:55:38 2025 by rpki-client