Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B36D6D228B511F0A353FBD4DAE4EC9C.roa
File: 4B36D6D228B511F0A353FBD4DAE4EC9C.roa (raw, json)
Hash identifier: rOlx0NDMkeZz6A5Rl26zXy2c23UkiflbREG4eK429HY=
Subject key identifier: 9F:82:1D:EA:26:50:1A:56:1F:6A:A1:46:F9:FD:E4:FC:EB:D1:2D:D0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0151B8
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B36D6D228B511F0A353FBD4DAE4EC9C.roa
Signing time: Sun 04 May 2025 06:59:17 +0000
ROA not before: Sun 04 May 2025 06:59:12 +0000
ROA not after: Sun 08 Jun 2025 06:59:12 +0000
asID: 49434
IP address blocks: 156.229.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86456 (0x151b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 4 06:59:12 2025 GMT
Not After : Jun 8 06:59:12 2025 GMT
Subject: CN=68171045-d246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7c:ba:c6:e5:fa:29:98:8e:bd:fd:18:a4:78:
29:7c:e1:b4:4c:eb:a6:a0:49:ba:02:f3:1d:4b:da:
bd:ca:4e:75:78:1a:b2:5e:b5:22:a7:2c:7e:0d:23:
00:22:bf:6f:64:90:48:33:c7:73:59:32:06:51:a6:
92:bd:9e:41:8a:ab:2e:50:b8:6e:b7:3e:a6:45:ac:
c9:3f:ad:cb:fd:98:19:8a:c3:74:82:29:fc:0a:de:
0b:92:6e:7a:24:38:e2:67:3b:6b:f9:e2:ca:31:40:
b8:60:f4:fc:7f:d5:ed:05:40:57:0d:77:4c:10:e5:
ff:3e:24:30:aa:06:43:fb:93:0a:21:19:27:d1:94:
6a:30:0e:01:0e:2d:9b:33:93:5f:c7:08:89:d9:9c:
7f:17:00:dc:94:32:f3:72:52:43:61:9e:df:c0:3b:
d2:b4:5f:03:69:be:98:fc:9f:99:ca:9d:3d:3b:5b:
e2:6a:6c:33:f8:bc:8e:8f:40:8a:f5:44:85:6a:c9:
16:0f:3b:6e:98:f7:1b:5f:08:31:a3:4f:7e:2a:29:
bf:96:27:e6:71:48:fc:3a:6c:40:f2:22:d1:ce:50:
bc:40:71:d7:d7:f3:2e:f5:62:c0:6b:7c:43:dc:ac:
eb:20:68:49:b2:ab:b7:f8:82:48:a9:b8:62:00:74:
e5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:82:1D:EA:26:50:1A:56:1F:6A:A1:46:F9:FD:E4:FC:EB:D1:2D:D0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4B36D6D228B511F0A353FBD4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.228.0/22
Signature Algorithm: sha256WithRSAEncryption
32:88:5e:df:30:ed:bf:32:96:c3:d7:c8:17:ab:1b:98:e5:c1:
35:ec:7c:9d:7b:48:44:be:4e:62:33:93:63:e6:46:9f:03:36:
38:4e:52:6d:f4:04:bf:59:da:dc:d7:7f:02:21:85:d9:62:26:
04:bb:8f:f7:29:4e:b3:b2:1d:5b:e4:47:dd:7d:10:e0:fe:e0:
59:85:a4:1d:ff:11:1e:e8:b1:ff:78:4d:63:61:ff:6a:38:c8:
89:7a:1a:e0:21:97:bf:19:d7:70:5f:9a:65:27:84:ef:7e:31:
09:74:5d:48:50:ca:5d:f7:ea:f2:62:73:8c:cb:53:ad:a5:52:
81:58:5f:a9:77:31:0f:12:d0:78:2e:db:6e:11:7c:6e:16:bc:
0e:3c:74:df:74:4d:7a:21:d8:28:d3:a0:7a:5f:2f:2a:1c:6d:
dd:ba:98:99:fe:72:21:63:4b:21:3e:01:c6:95:fa:4d:21:9d:
53:6c:74:92:01:4c:d0:48:9a:01:ef:2b:6a:f5:d7:5e:a3:19:
92:de:52:52:34:73:8c:db:7f:35:ba:31:1d:87:8c:92:39:9f:
12:3e:ef:4e:b6:e2:2f:99:0f:5f:37:0d:c4:15:14:b3:8f:36:
44:54:ee:33:b1:48:e3:85:23:a7:4f:42:a9:a7:2a:b9:e1:ae:
ff:ca:f0:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAVG4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA0MDY1OTEyWhcNMjUwNjA4MDY1OTEyWjAYMRYw
FAYDVQQDEw02ODE3MTA0NS1kMjQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqny6xuX6KZiOvf0YpHgpfOG0TOumoEm6AvMdS9q9yk51eBqyXrUipyx+
DSMAIr9vZJBIM8dzWTIGUaaSvZ5BiqsuULhutz6mRazJP63L/ZgZisN0gin8Ct4L
km56JDjiZztr+eLKMUC4YPT8f9XtBUBXDXdMEOX/PiQwqgZD+5MKIRkn0ZRqMA4B
Di2bM5NfxwiJ2Zx/FwDclDLzclJDYZ7fwDvStF8Dab6Y/J+Zyp09O1viamwz+LyO
j0CK9USFaskWDztumPcbXwgxo09+Kim/lifmcUj8OmxA8iLRzlC8QHHX1/Mu9WLA
a3xD3KzrIGhJsqu3+IJIqbhiAHTl9wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ+C
HeomUBpWH2qhRvn95Pzr0S3QMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QjM2RDZEMjI4QjUxMUYwQTM1M0ZCRDREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOXkMA0GCSqGSIb3DQEBCwUA
A4IBAQAyiF7fMO2/MpbD18gXqxuY5cE17Hyde0hEvk5iM5Nj5kafAzY4TlJt9AS/
Wdrc138CIYXZYiYEu4/3KU6zsh1b5EfdfRDg/uBZhaQd/xEe6LH/eE1jYf9qOMiJ
ehrgIZe/GddwX5plJ4TvfjEJdF1IUMpd9+ryYnOMy1OtpVKBWF+pdzEPEtB4Lttu
EXxuFrwOPHTfdE16Idgo06B6Xy8qHG3dupiZ/nIhY0shPgHGlfpNIZ1TbHSSAUzQ
SJoB7ytq9ddeoxmS3lJSNHOM2381ujEdh4ySOZ8SPu9OtuIvmQ9fNw3EFRSzjzZE
VO4zsUjjhSOnT0Kppyq54a7/yvA+
-----END CERTIFICATE-----
Generated at Mon May 12 15:07:08 2025 by rpki-client