Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40FAFDE825E911F098952995DAE4EC9C.roa
File: 40FAFDE825E911F098952995DAE4EC9C.roa (raw, json)
Hash identifier: VV/F0l7k+6oK8LHmknJKSQFB/GqX86Jxozmc7sGa9qM=
Subject key identifier: 86:43:F3:B3:4B:C1:D3:DD:B7:59:72:65:BD:F5:FB:91:74:9D:72:AA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0150A9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40FAFDE825E911F098952995DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 17:33:40 +0000
ROA not before: Wed 30 Apr 2025 17:33:35 +0000
ROA not after: Fri 14 Apr 2028 17:33:35 +0000
asID: 17561
IP address blocks: 156.237.132.0/24 maxlen: 24
156.237.133.0/24 maxlen: 24
156.237.135.0/24 maxlen: 24
156.237.136.0/24 maxlen: 24
156.237.137.0/24 maxlen: 24
156.237.138.0/24 maxlen: 24
156.237.140.0/24 maxlen: 24
156.237.141.0/24 maxlen: 24
156.237.142.0/24 maxlen: 24
156.237.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 15 May 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86185 (0x150a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 30 17:33:35 2025 GMT
Not After : Apr 14 17:33:35 2028 GMT
Subject: CN=68125ef4-95f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8d:5a:5b:69:b2:e0:7d:b3:e4:23:48:cf:3d:
5b:fe:bc:6b:f9:c9:07:f9:3c:41:5d:41:0c:d8:4f:
72:81:73:39:2b:be:c5:9e:0f:2a:b1:34:90:a1:40:
38:f9:6f:ef:9b:ac:eb:f7:56:6e:d8:7e:29:a3:a9:
3c:13:de:fd:20:6e:4b:b7:53:75:b2:57:ec:59:bd:
da:de:58:a7:20:42:ae:74:be:b9:8b:19:55:86:e0:
01:13:c7:a0:f1:6d:8e:bb:e5:c9:5c:14:22:21:79:
7b:10:ab:c5:89:56:4a:71:38:16:89:4a:ac:a4:26:
e3:da:4a:61:df:79:de:bf:79:af:02:58:71:55:af:
de:b3:20:0c:99:ac:4a:0b:97:f7:0a:4d:94:11:ec:
a1:78:80:db:32:df:48:ad:29:89:68:09:2d:60:02:
43:d5:bc:1b:62:64:77:43:9b:07:56:cf:8a:61:7a:
cf:d9:2a:25:74:4d:88:31:91:b4:46:98:3b:e4:83:
11:d8:f1:85:a7:0d:9b:41:ea:4f:07:89:6e:22:2b:
46:9c:f1:cc:c6:af:01:09:fb:0b:22:82:5b:42:69:
7d:94:67:4c:f5:30:41:23:48:ff:08:96:87:c5:f2:
63:fa:0c:d0:0d:6d:ea:a7:0b:55:07:5d:7b:fb:ae:
ae:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:43:F3:B3:4B:C1:D3:DD:B7:59:72:65:BD:F5:FB:91:74:9D:72:AA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40FAFDE825E911F098952995DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.132.0/23
156.237.135.0-156.237.138.255
156.237.140.0/22
Signature Algorithm: sha256WithRSAEncryption
73:8f:c9:14:c2:fc:34:8e:0c:c4:7e:1a:01:b2:cb:a2:85:b5:
e4:2a:6e:15:32:18:8a:16:b4:63:2b:96:e3:4c:63:51:2e:1e:
95:f8:50:48:95:5d:4e:97:0b:c7:a9:b3:f0:98:67:d0:d8:92:
3d:6d:6d:66:a8:89:70:df:1f:ca:74:6f:a6:59:ad:7a:65:ce:
2c:f9:3b:58:47:23:e9:75:aa:96:ad:5b:8a:d6:2e:da:7a:d0:
58:8c:92:e3:06:75:a3:32:22:ff:83:a5:4e:04:9c:13:87:cb:
fb:8e:d5:a1:5e:dc:7a:dd:18:7b:fa:ad:8b:32:22:a6:06:7a:
6d:de:37:b0:f7:11:1b:3e:11:51:3e:45:24:1a:e3:1a:0d:3f:
33:04:2c:60:a2:40:94:83:b7:29:da:e3:90:65:56:9d:01:3f:
4c:95:63:c5:ce:37:b8:1f:f5:0d:d5:38:3b:03:59:6a:c0:7c:
06:c6:3f:6d:68:3d:ef:a5:66:9f:05:c9:9b:cc:ce:af:ce:4f:
42:7f:a3:42:ed:75:ff:8f:16:b6:d0:34:95:74:75:80:49:1a:
03:b1:10:fb:32:d4:20:d8:6e:ac:76:cc:69:69:99:fe:27:9a:
ea:c6:f4:84:98:8a:e8:e6:9d:4a:61:4c:a0:23:7a:59:c1:af:
24:1a:bb:94
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIDAVCpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDMwMTczMzM1WhcNMjgwNDE0MTczMzM1WjAYMRYw
FAYDVQQDEw02ODEyNWVmNC05NWYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu41aW2my4H2z5CNIzz1b/rxr+ckH+TxBXUEM2E9ygXM5K77Fng8qsTSQ
oUA4+W/vm6zr91Zu2H4po6k8E979IG5Lt1N1slfsWb3a3linIEKudL65ixlVhuAB
E8eg8W2Ou+XJXBQiIXl7EKvFiVZKcTgWiUqspCbj2kph33nev3mvAlhxVa/esyAM
maxKC5f3Ck2UEeyheIDbMt9IrSmJaAktYAJD1bwbYmR3Q5sHVs+KYXrP2SoldE2I
MZG0Rpg75IMR2PGFpw2bQepPB4luIitGnPHMxq8BCfsLIoJbQml9lGdM9TBBI0j/
CJaHxfJj+gzQDW3qpwtVB117+66uewIDAQABo4ICtjCCArIwHQYDVR0OBBYEFIZD
87NLwdPdt1lyZb31+5F0nXKqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MEZBRkRFODI1RTkxMUYwOTg5NTI5OTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBnO2EMAwDBACc7YcDBACc7YoD
BAKc7YwwDQYJKoZIhvcNAQELBQADggEBAHOPyRTC/DSODMR+GgGyy6KFteQqbhUy
GIoWtGMrluNMY1EuHpX4UEiVXU6XC8eps/CYZ9DYkj1tbWaoiXDfH8p0b6ZZrXpl
ziz5O1hHI+l1qpatW4rWLtp60FiMkuMGdaMyIv+DpU4EnBOHy/uO1aFe3HrdGHv6
rYsyIqYGem3eN7D3ERs+EVE+RSQa4xoNPzMELGCiQJSDtyna45BlVp0BP0yVY8XO
N7gf9Q3VODsDWWrAfAbGP21oPe+lZp8FyZvMzq/OT0J/o0Ltdf+PFrbQNJV0dYBJ
GgOxEPsy1CDYbqx2zGlpmf4nmurG9ISYiujmnUphTKAjelnBryQau5Q=
-----END CERTIFICATE-----
Generated at Tue May 13 07:56:45 2025 by rpki-client