Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB11D05A297A11F0A241AC80DAE4EC9C.roa
File: FB11D05A297A11F0A241AC80DAE4EC9C.roa (raw, json)
Hash identifier: u64YoeWa3UFh2VNy1RBdMbN7M6PE5VwJWV1kajc8kSY=
Subject key identifier: AA:D1:AC:C3:24:89:D5:D6:20:63:F4:35:23:57:46:A4:30:CF:9F:48
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0151ED
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB11D05A297A11F0A241AC80DAE4EC9C.roa
Signing time: Mon 05 May 2025 06:34:23 +0000
ROA not before: Mon 05 May 2025 06:34:18 +0000
ROA not after: Mon 09 Jun 2025 06:34:18 +0000
asID: 141883
IP address blocks: 156.240.0.0/19 maxlen: 24
156.240.32.0/20 maxlen: 24
156.240.48.0/21 maxlen: 24
156.242.10.0/23 maxlen: 24
156.242.12.0/22 maxlen: 24
156.246.0.0/20 maxlen: 24
156.246.16.0/23 maxlen: 24
156.249.28.0/22 maxlen: 24
156.255.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 14 May 2025 00:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86509 (0x151ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 5 06:34:18 2025 GMT
Not After : Jun 9 06:34:18 2025 GMT
Subject: CN=68185bef-74db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fa:80:fd:d9:4f:d4:34:4f:8b:52:bc:a7:cb:
25:ae:77:b5:e8:0d:4c:15:74:79:8e:4a:97:c2:9e:
70:bf:dc:91:3a:55:7f:08:73:a6:5f:c5:1b:7c:22:
9d:eb:6b:8b:e6:ba:d0:48:62:8a:69:85:0d:c4:d7:
f0:ac:de:b5:19:37:31:c8:d4:64:51:c4:b9:10:da:
96:d8:4b:6d:22:bc:d1:6f:2b:db:a0:3a:73:76:ed:
0a:cb:7e:31:4a:ad:ac:41:89:60:b0:17:45:5a:af:
90:a0:47:23:88:78:6e:dd:8d:22:d5:b5:0c:5c:85:
ee:2c:c5:fc:e8:2d:64:49:cd:d7:85:bf:bf:f5:d1:
cc:7f:6e:84:bc:6b:74:33:ff:51:43:1d:64:7d:b4:
80:6e:4e:ae:98:2a:21:4e:aa:bd:98:2b:ef:1f:a6:
7f:6e:20:8c:ff:89:16:45:b3:5a:4d:ed:4c:1f:30:
5c:b0:44:78:92:0f:29:fd:bc:8c:c0:0d:4f:7a:29:
26:06:30:b5:99:f7:40:32:a0:0b:0f:db:2c:5d:ea:
a6:19:1d:c1:01:c2:70:b7:9d:5a:19:fb:3c:5b:5c:
7c:2b:11:56:3b:14:b5:6e:7d:ad:f5:1a:c4:7b:d7:
8f:46:d7:d6:f5:fb:ce:90:42:eb:7c:9d:99:73:60:
9e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D1:AC:C3:24:89:D5:D6:20:63:F4:35:23:57:46:A4:30:CF:9F:48
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB11D05A297A11F0A241AC80DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.0.0-156.240.55.255
156.242.10.0-156.242.15.255
156.246.0.0-156.246.17.255
156.249.28.0/22
156.255.0.0/24
Signature Algorithm: sha256WithRSAEncryption
73:3b:ad:cd:05:cc:96:5f:87:e9:5c:8e:52:66:58:22:b3:f4:
b5:e6:e4:b4:e9:fc:73:d6:43:6f:40:e1:13:75:e0:5f:28:bd:
e9:c8:21:8a:ca:aa:83:f5:ed:83:fb:8e:62:42:a8:13:f2:6b:
f1:71:ef:40:0b:93:7c:b6:83:81:28:f2:1b:a2:62:5e:4e:87:
70:f0:ea:39:99:ac:90:d3:7f:7c:7a:b7:0c:66:23:c8:4f:d7:
0b:eb:ce:86:e0:ae:6d:99:7a:37:2d:f8:67:92:97:b6:90:54:
11:49:27:28:1d:34:8d:ec:9f:11:98:a9:c1:88:4f:bd:60:8d:
87:3f:28:61:98:67:a4:5d:a7:f6:87:25:b3:6a:9f:0a:62:ff:
2b:00:79:b3:f7:e8:dd:ac:3d:c5:34:43:c9:2a:9d:a0:e5:8c:
7d:67:a0:41:7b:a7:92:a0:af:c1:f7:3b:f0:f5:17:4b:9b:e9:
f7:eb:7a:b9:64:5e:30:ce:cf:b1:29:af:79:89:93:13:3f:1d:
94:4b:8b:15:e4:12:44:c3:34:3f:5f:56:b1:51:b0:f9:6a:9c:
c0:e3:cf:a3:97:be:63:c2:c4:4f:25:61:b9:5a:a7:ee:13:eb:
74:1d:17:29:54:04:80:54:94:dd:30:06:14:3e:98:67:10:8c:
6d:6a:23:8b
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgIDAVHtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTA1MDYzNDE4WhcNMjUwNjA5MDYzNDE4WjAYMRYw
FAYDVQQDEw02ODE4NWJlZi03NGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyfqA/dlP1DRPi1K8p8slrne16A1MFXR5jkqXwp5wv9yROlV/CHOmX8Ub
fCKd62uL5rrQSGKKaYUNxNfwrN61GTcxyNRkUcS5ENqW2EttIrzRbyvboDpzdu0K
y34xSq2sQYlgsBdFWq+QoEcjiHhu3Y0i1bUMXIXuLMX86C1kSc3Xhb+/9dHMf26E
vGt0M/9RQx1kfbSAbk6umCohTqq9mCvvH6Z/biCM/4kWRbNaTe1MHzBcsER4kg8p
/byMwA1PeikmBjC1mfdAMqALD9ssXeqmGR3BAcJwt51aGfs8W1x8KxFWOxS1bn2t
9RrEe9ePRtfW9fvOkELrfJ2Zc2CenwIDAQABo4IC0DCCAswwHQYDVR0OBBYEFKrR
rMMkidXWIGP0NSNXRqQwz59IMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQjExRDA1QTI5N0ExMUYwQTI0MUFDODBEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
ME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAsDAwSc8AMEA5zwMDAMAwQBnPIK
AwQEnPIAMAsDAwGc9gMEAZz2EAMEApz5HAMEAJz/ADANBgkqhkiG9w0BAQsFAAOC
AQEAczutzQXMll+H6VyOUmZYIrP0tebktOn8c9ZDb0DhE3XgXyi96cghisqqg/Xt
g/uOYkKoE/Jr8XHvQAuTfLaDgSjyG6JiXk6HcPDqOZmskNN/fHq3DGYjyE/XC+vO
huCubZl6Ny34Z5KXtpBUEUknKB00jeyfEZipwYhPvWCNhz8oYZhnpF2n9ocls2qf
CmL/KwB5s/fo3aw9xTRDySqdoOWMfWegQXunkqCvwfc78PUXS5vp9+t6uWReMM7P
sSmveYmTEz8dlEuLFeQSRMM0P19WsVGw+WqcwOPPo5e+Y8LETyVhuVqn7hPrdB0X
KVQEgFSU3TAGFD6YZxCMbWojiw==
-----END CERTIFICATE-----
Generated at Tue May 13 01:16:05 2025 by rpki-client