Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14FDACD41DD011F0898F34E9DAE4EC9C.roa
File: 14FDACD41DD011F0898F34E9DAE4EC9C.roa (raw, json)
Hash identifier: 9V2X3oO+nWK/FNfM9/o47A/gYF3SxE9pgFFFjnNVb3I=
Subject key identifier: 6A:74:49:0D:17:F7:87:33:40:88:89:BD:BD:52:F5:41:E4:29:9F:D3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014D9D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14FDACD41DD011F0898F34E9DAE4EC9C.roa
Signing time: Sun 20 Apr 2025 10:13:19 +0000
ROA not before: Sun 20 Apr 2025 10:13:15 +0000
ROA not after: Mon 26 May 2025 10:13:15 +0000
asID: 20473
IP address blocks: 156.255.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85405 (0x14d9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 20 10:13:15 2025 GMT
Not After : May 26 10:13:15 2025 GMT
Subject: CN=6804c8bf-bbb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5a:3c:f7:e4:e3:04:57:2c:d3:82:5e:a2:e7:
df:4b:cb:d1:dd:74:da:66:fc:7d:3c:e4:2d:d3:db:
99:a8:b0:5c:ce:ae:09:cd:0d:27:08:67:24:df:bb:
1a:51:ce:19:b5:59:1a:cb:f5:85:8b:87:89:9f:6e:
41:40:cb:55:34:3f:a5:a3:bf:0b:c7:f9:55:29:0c:
0d:b8:34:2e:4b:45:fa:fc:1b:64:f3:fb:75:1b:24:
3f:a5:a8:6c:16:4f:c6:2f:4a:85:e8:bf:31:29:35:
2d:d5:bd:2c:bd:e6:41:32:85:e7:8f:a4:13:44:8b:
c0:4c:79:24:c3:44:c3:a7:92:d4:21:90:a8:2b:3e:
85:52:53:de:15:91:c0:e1:8d:4c:5e:1b:f0:07:82:
88:b2:f4:fe:d3:ef:5c:6a:8a:aa:0e:54:61:10:af:
cd:3e:9f:38:2d:cc:bf:e0:2f:14:08:7c:f5:19:b1:
c4:33:99:be:06:d0:6c:d9:a2:35:0b:70:4e:bf:6d:
83:37:69:bc:8f:23:31:34:40:3a:3b:14:33:ce:e7:
88:d1:e9:7c:da:9e:be:89:a3:4e:e6:d0:bc:83:0e:
26:07:cb:4d:d4:f2:2e:d0:12:a1:88:fd:32:62:1a:
a2:90:fd:39:20:23:e3:71:ce:90:22:e2:08:25:ea:
ac:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:74:49:0D:17:F7:87:33:40:88:89:BD:BD:52:F5:41:E4:29:9F:D3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/14FDACD41DD011F0898F34E9DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.32.0/24
Signature Algorithm: sha256WithRSAEncryption
53:ec:c0:c5:53:64:ef:10:f0:a6:20:e1:f7:ff:62:f7:3a:af:
a4:95:bc:14:d0:7e:56:cc:df:25:a0:93:35:a7:84:4b:b2:b8:
50:21:db:2a:3e:c5:94:6d:8a:8a:c9:65:f2:a2:f5:e8:72:f0:
09:34:08:15:0e:03:09:0b:56:bc:99:a3:67:e8:79:a4:6f:d3:
45:34:72:92:38:d7:45:80:14:f0:b7:c2:1d:1d:43:63:4c:03:
d5:b2:54:82:e5:e3:ac:45:bb:f6:b3:44:1d:45:68:72:81:76:
89:64:62:80:e4:50:f5:c6:53:17:3d:88:49:fe:28:f9:e6:b4:
aa:77:02:01:7c:f6:45:a0:76:10:b8:6b:84:7d:c2:d9:27:10:
79:f8:44:32:67:93:92:b5:07:dc:95:2b:43:e4:ef:74:01:c0:
4e:74:bf:0f:52:0e:00:cc:be:0f:48:51:5d:1c:0d:c2:af:d0:
7a:5e:c0:fd:ba:50:3b:a7:d7:aa:57:b6:b9:e5:b2:25:94:0c:
17:fd:9e:58:07:de:73:2b:c2:d9:cf:c9:46:ea:f3:fd:bc:13:
9c:a5:57:4b:16:80:f7:3b:b2:b2:e7:6e:a2:ab:63:72:72:39:
32:f6:d4:72:cf:a0:68:bb:e7:91:58:cb:62:54:03:53:52:4b:
e7:d4:e4:79
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAU2dMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDIwMTAxMzE1WhcNMjUwNTI2MTAxMzE1WjAYMRYw
FAYDVQQDEw02ODA0YzhiZi1iYmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3Fo89+TjBFcs04JeouffS8vR3XTaZvx9POQt09uZqLBczq4JzQ0nCGck
37saUc4ZtVkay/WFi4eJn25BQMtVND+lo78Lx/lVKQwNuDQuS0X6/Btk8/t1GyQ/
pahsFk/GL0qF6L8xKTUt1b0sveZBMoXnj6QTRIvATHkkw0TDp5LUIZCoKz6FUlPe
FZHA4Y1MXhvwB4KIsvT+0+9caoqqDlRhEK/NPp84Lcy/4C8UCHz1GbHEM5m+BtBs
2aI1C3BOv22DN2m8jyMxNEA6OxQzzueI0el82p6+iaNO5tC8gw4mB8tN1PIu0BKh
iP0yYhqikP05ICPjcc6QIuIIJeqsWQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGp0
SQ0X94czQIiJvb1S9UHkKZ/TMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNEZEQUNENDFERDAxMUYwODk4RjM0RTlEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP8gMA0GCSqGSIb3DQEBCwUA
A4IBAQBT7MDFU2TvEPCmIOH3/2L3Oq+klbwU0H5WzN8loJM1p4RLsrhQIdsqPsWU
bYqKyWXyovXocvAJNAgVDgMJC1a8maNn6Hmkb9NFNHKSONdFgBTwt8IdHUNjTAPV
slSC5eOsRbv2s0QdRWhygXaJZGKA5FD1xlMXPYhJ/ij55rSqdwIBfPZFoHYQuGuE
fcLZJxB5+EQyZ5OStQfclStD5O90AcBOdL8PUg4AzL4PSFFdHA3Cr9B6XsD9ulA7
p9eqV7a55bIllAwX/Z5YB95zK8LZz8lG6vP9vBOcpVdLFoD3O7Ky526iq2Nycjky
9tRyz6Bou+eRWMtiVANTUkvn1OR5
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:05:19 2025 by rpki-client on console.sobornost.net