Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/044DFA5C1F6911F094E99A9BDAE4EC9C.roa
File: 044DFA5C1F6911F094E99A9BDAE4EC9C.roa (raw, json)
Hash identifier: 4F7tznWx7/g8+u9iJxUh1f8FesNxYrqN46/gMAcvztI=
Subject key identifier: 15:75:84:B1:73:43:68:40:D8:F6:34:B2:4C:45:F1:75:8E:AA:19:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014E1D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/044DFA5C1F6911F094E99A9BDAE4EC9C.roa
Signing time: Tue 22 Apr 2025 11:00:36 +0000
ROA not before: Tue 22 Apr 2025 11:00:31 +0000
ROA not after: Fri 02 May 2025 11:00:31 +0000
asID: 395793
IP address blocks: 156.228.16.0/23 maxlen: 24
156.228.48.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85533 (0x14e1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 22 11:00:31 2025 GMT
Not After : May 2 11:00:31 2025 GMT
Subject: CN=680776d4-bf1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:cf:70:a9:e0:a1:08:86:56:2d:c3:9a:4c:31:
de:fa:68:8e:33:3e:d0:44:e6:58:b1:d2:f2:0f:e0:
75:79:dd:93:b9:ea:aa:36:4a:d9:69:59:47:69:c3:
10:8a:40:e2:28:37:e3:65:c4:41:41:cb:4d:65:da:
35:aa:c9:af:cb:d6:6b:e5:17:97:36:cf:0f:62:11:
95:07:e8:ac:2b:aa:34:93:7c:52:89:31:49:41:f7:
13:46:3d:6d:a0:7f:e8:d1:a9:1b:a0:bc:96:89:b4:
07:8d:04:30:4d:16:fc:3a:b5:fe:c5:59:a7:e1:02:
f6:1e:52:16:e4:14:cb:2e:10:df:61:25:9c:75:66:
a0:2f:4e:24:04:ae:14:04:8b:74:1f:6c:ce:48:e5:
1e:9a:21:a6:14:ed:78:4b:6a:71:57:39:fe:29:c2:
bc:48:9b:99:9e:4d:2e:31:c7:5e:bf:45:c4:04:77:
7d:96:14:01:c0:2e:a0:1f:69:67:a1:ac:32:ec:66:
80:fa:00:f4:be:ca:7a:ed:b5:3c:e8:a3:cb:31:1d:
57:aa:0f:b5:72:87:bb:b7:8f:2e:69:f2:0d:c4:ce:
52:d4:da:55:f3:2a:1e:48:10:29:f8:21:55:e4:95:
99:38:63:d9:a2:5b:dc:e6:81:cf:90:f0:9b:15:12:
7e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:75:84:B1:73:43:68:40:D8:F6:34:B2:4C:45:F1:75:8E:AA:19:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/044DFA5C1F6911F094E99A9BDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.16.0/23
156.228.48.0/21
Signature Algorithm: sha256WithRSAEncryption
60:1b:2f:6d:e3:d9:81:f8:08:6f:22:7d:74:7f:13:b4:74:f6:
ec:7d:75:9e:f2:ed:5e:b4:b1:fd:59:fd:d8:ad:5c:49:a3:76:
34:99:bb:82:ae:1b:f5:8a:fc:d2:18:58:c9:35:01:53:62:a8:
59:80:75:95:4d:4a:b1:76:44:be:05:8d:d5:fd:5b:f5:40:52:
92:ea:16:37:1d:81:76:bb:62:71:a0:23:22:f7:7c:e7:1f:4e:
a8:ea:84:4d:9b:e4:08:5a:aa:f3:7b:22:cb:2d:ad:a0:18:7f:
e3:c2:52:a0:a9:6a:4f:85:fa:8b:e2:6d:63:df:e8:d9:fb:3d:
04:37:37:17:bc:7f:4c:a5:73:f3:bc:1e:e7:5a:2b:ea:ad:fd:
4e:fa:f9:6c:0f:9a:81:a4:be:f3:26:56:25:fd:a4:90:27:68:
f9:74:f5:75:b4:b5:bd:f3:db:f2:65:01:73:96:0d:8b:41:9f:
ae:65:01:b0:f7:81:30:6d:3f:47:be:62:66:c9:81:90:52:90:
a3:66:9d:64:03:08:37:c1:e1:30:d3:77:83:dd:03:e3:27:13:
65:04:40:c2:78:09:1c:7f:fe:d1:92:11:39:2a:b2:6d:e5:af:
c2:56:58:31:66:63:56:3c:f5:ce:de:22:8d:a4:0c:d9:99:d6:
f9:ef:0e:73
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAU4dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDIyMTEwMDMxWhcNMjUwNTAyMTEwMDMxWjAYMRYw
FAYDVQQDEw02ODA3NzZkNC1iZjFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7s9wqeChCIZWLcOaTDHe+miOMz7QROZYsdLyD+B1ed2TueqqNkrZaVlH
acMQikDiKDfjZcRBQctNZdo1qsmvy9Zr5ReXNs8PYhGVB+isK6o0k3xSiTFJQfcT
Rj1toH/o0akboLyWibQHjQQwTRb8OrX+xVmn4QL2HlIW5BTLLhDfYSWcdWagL04k
BK4UBIt0H2zOSOUemiGmFO14S2pxVzn+KcK8SJuZnk0uMcdev0XEBHd9lhQBwC6g
H2lnoawy7GaA+gD0vsp67bU86KPLMR1Xqg+1coe7t48uafINxM5S1NpV8yoeSBAp
+CFV5JWZOGPZolvc5oHPkPCbFRJ+FwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBV1
hLFzQ2hA2PY0skxF8XWOqhk6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wNDRERkE1QzFGNjkxMUYwOTRFOTlBOUJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnOQQAwQDnOQwMA0GCSqGSIb3
DQEBCwUAA4IBAQBgGy9t49mB+AhvIn10fxO0dPbsfXWe8u1etLH9Wf3YrVxJo3Y0
mbuCrhv1ivzSGFjJNQFTYqhZgHWVTUqxdkS+BY3V/Vv1QFKS6hY3HYF2u2JxoCMi
93znH06o6oRNm+QIWqrzeyLLLa2gGH/jwlKgqWpPhfqL4m1j3+jZ+z0ENzcXvH9M
pXPzvB7nWivqrf1O+vlsD5qBpL7zJlYl/aSQJ2j5dPV1tLW989vyZQFzlg2LQZ+u
ZQGw94EwbT9HvmJmyYGQUpCjZp1kAwg3weEw03eD3QPjJxNlBEDCeAkcf/7RkhE5
KrJt5a/CVlgxZmNWPPXO3iKNpAzZmdb57w5z
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:05:07 2025 by rpki-client on console.sobornost.net