Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9CBA3A025DD11F0B81BB2C9DAE4EC9C.roa
File: B9CBA3A025DD11F0B81BB2C9DAE4EC9C.roa (raw, json)
Hash identifier: qAGsiBDUR05CLXhbF1sQ0cbNmvu+d+1cLQHrkPH8Pbo=
Subject key identifier: E6:34:69:19:C3:CE:00:1A:27:CB:9E:1E:1F:B5:AE:47:0A:92:50:BA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015091
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9CBA3A025DD11F0B81BB2C9DAE4EC9C.roa
Signing time: Wed 30 Apr 2025 16:11:09 +0000
ROA not before: Wed 30 Apr 2025 16:11:03 +0000
ROA not after: Fri 14 Apr 2028 16:11:03 +0000
asID: 17561
IP address blocks: 156.235.139.0/24 maxlen: 24
156.235.140.0/24 maxlen: 24
156.235.141.0/24 maxlen: 24
156.235.142.0/24 maxlen: 24
156.235.143.0/24 maxlen: 24
156.235.144.0/24 maxlen: 24
156.235.145.0/24 maxlen: 24
156.235.146.0/24 maxlen: 24
156.235.147.0/24 maxlen: 24
156.235.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86161 (0x15091)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 30 16:11:03 2025 GMT
Not After : Apr 14 16:11:03 2028 GMT
Subject: CN=68124b9d-fbfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d6:69:06:ff:1f:9f:3c:d5:a7:cc:83:50:95:
3d:86:66:1c:4c:51:5a:3b:fa:bc:5f:38:2f:0f:ad:
cf:30:ac:ab:9a:ac:f7:e4:09:2e:ab:42:d3:49:16:
12:4d:8b:b2:d5:f6:05:ec:49:03:97:7f:51:0d:d4:
e8:8f:e3:f5:63:a8:b2:e3:de:db:4a:cf:f8:b9:84:
ce:ca:b1:aa:84:1d:cc:82:59:51:42:ba:1c:94:10:
ee:75:0b:ad:b5:0f:cb:ef:c1:55:72:d9:de:bc:33:
0b:5a:ce:3e:4e:03:d8:2c:a4:80:5d:41:dc:db:a9:
8f:92:47:e7:69:17:7e:1c:e2:d0:31:f7:b4:cb:4f:
52:38:f0:8c:66:6b:c6:b1:dd:f0:24:4f:5e:cf:17:
97:f2:d7:1c:eb:46:59:14:db:8f:4c:40:fa:a5:a7:
03:ba:ed:dd:ef:cb:1d:9c:8b:41:7d:c4:af:fd:b3:
1b:4d:d9:ee:e7:76:74:6f:e3:4a:8f:51:74:dd:ac:
0e:ef:7b:ce:73:dd:7b:67:84:da:79:e9:b5:16:cf:
2e:93:07:e8:90:ad:c4:e8:eb:d1:72:94:cd:59:85:
33:35:4e:c1:d6:c3:b5:ed:9e:a1:f2:1c:45:ce:62:
88:bb:99:02:8b:21:34:69:64:c5:e9:bd:38:f7:b3:
99:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:34:69:19:C3:CE:00:1A:27:CB:9E:1E:1F:B5:AE:47:0A:92:50:BA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B9CBA3A025DD11F0B81BB2C9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.139.0-156.235.148.255
Signature Algorithm: sha256WithRSAEncryption
6e:a6:9e:15:b3:b3:45:4c:60:f2:6b:14:cc:a8:5a:33:f2:48:
da:10:28:e7:f3:dd:f0:5b:85:5c:7c:75:05:0e:36:f8:e2:bd:
f1:48:89:ca:cd:d8:a6:16:32:20:34:1c:d8:1f:5f:fe:cb:28:
5d:2a:ca:ca:d8:48:f5:58:f1:26:b8:b5:0a:70:f8:8d:5f:a7:
86:b8:1a:1f:3d:96:f6:e6:9d:2e:da:d1:c7:31:2c:ff:7b:b3:
a9:ed:1b:71:05:89:75:48:94:a8:23:fb:1f:99:72:b4:23:2f:
64:91:25:94:0e:af:bf:aa:6f:63:3d:77:2c:fe:20:cf:2a:4f:
74:75:b3:ec:b6:8d:7c:fe:aa:4f:70:10:19:26:e7:ad:e6:b0:
27:f5:07:e3:1e:c2:2f:a8:d2:c0:f5:3d:4c:b8:b4:6e:97:c7:
35:34:01:ea:eb:a4:e1:a9:b8:30:ac:b2:ff:cf:68:db:4e:83:
ae:67:7c:c1:a2:24:6c:18:e2:62:ce:7e:aa:d4:1f:68:27:f7:
af:f9:b2:c0:40:33:74:df:5e:87:d9:25:dc:7e:e4:50:eb:77:
8b:50:c6:52:ce:8e:de:ea:28:5a:10:1d:90:62:4d:eb:d5:b0:
c5:34:e7:7a:be:80:77:41:76:f2:a7:b1:2f:55:19:ca:7e:4a:
83:d9:f5:07
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAVCRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDMwMTYxMTAzWhcNMjgwNDE0MTYxMTAzWjAYMRYw
FAYDVQQDEw02ODEyNGI5ZC1mYmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvtZpBv8fnzzVp8yDUJU9hmYcTFFaO/q8XzgvD63PMKyrmqz35Akuq0LT
SRYSTYuy1fYF7EkDl39RDdToj+P1Y6iy497bSs/4uYTOyrGqhB3MgllRQroclBDu
dQuttQ/L78FVctnevDMLWs4+TgPYLKSAXUHc26mPkkfnaRd+HOLQMfe0y09SOPCM
ZmvGsd3wJE9ezxeX8tcc60ZZFNuPTED6pacDuu3d78sdnItBfcSv/bMbTdnu53Z0
b+NKj1F03awO73vOc917Z4Taeem1Fs8ukwfokK3E6OvRcpTNWYUzNU7B1sO17Z6h
8hxFzmKIu5kCiyE0aWTF6b0497OZhwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFOY0
aRnDzgAaJ8ueHh+1rkcKklC6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9COUNCQTNBMDI1REQxMUYwQjgxQkIyQzlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACc64sDBACc65QwDQYJKoZI
hvcNAQELBQADggEBAG6mnhWzs0VMYPJrFMyoWjPySNoQKOfz3fBbhVx8dQUONvji
vfFIicrN2KYWMiA0HNgfX/7LKF0qysrYSPVY8Sa4tQpw+I1fp4a4Gh89lvbmnS7a
0ccxLP97s6ntG3EFiXVIlKgj+x+ZcrQjL2SRJZQOr7+qb2M9dyz+IM8qT3R1s+y2
jXz+qk9wEBkm563msCf1B+Mewi+o0sD1PUy4tG6XxzU0AerrpOGpuDCssv/PaNtO
g65nfMGiJGwY4mLOfqrUH2gn96/5ssBAM3TfXofZJdx+5FDrd4tQxlLOjt7qKFoQ
HZBiTevVsMU053q+gHdBdvKnsS9VGcp+SoPZ9Qc=
-----END CERTIFICATE-----
Generated at Mon May 12 21:37:13 2025 by rpki-client