Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B05F4B40CCE11F0B042A681762E951A.roa
File: 1B05F4B40CCE11F0B042A681762E951A.roa (raw, json)
Hash identifier: QnixjxEuTc6oBYaOF4A9pedtpijFVZT7qPnrbqdPPnc=
Subject key identifier: 73:FF:53:A4:31:85:E8:CF:42:1B:19:03:F2:FA:FC:43:EF:FA:13:A3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0148F0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B05F4B40CCE11F0B042A681762E951A.roa
Signing time: Sat 29 Mar 2025 18:46:20 +0000
ROA not before: Sat 29 Mar 2025 18:46:16 +0000
ROA not after: Thu 08 May 2025 18:46:16 +0000
asID: 200019
IP address blocks: 156.229.228.0/24 maxlen: 24
156.229.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84208 (0x148f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Mar 29 18:46:16 2025 GMT
Not After : May 8 18:46:16 2025 GMT
Subject: CN=67e83ffc-c393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:66:97:31:87:60:70:99:4d:47:db:e9:8d:b2:
60:0d:54:e1:2f:81:5b:55:13:25:c1:28:55:e6:71:
4a:03:4b:ae:91:f0:62:50:ba:99:53:4d:3c:f3:c4:
f5:ac:0c:c8:8b:1a:7d:e5:b0:52:fb:50:dc:5a:2e:
f2:4f:22:ae:0a:80:52:66:a8:ea:6a:b2:c0:f4:67:
97:97:bd:10:df:38:9e:f5:87:b7:67:a5:06:26:31:
f3:3e:6f:38:b3:1b:e2:a1:be:cf:6c:2b:2f:2f:d0:
1f:f1:fd:c0:70:74:12:1c:49:a1:94:49:6b:d6:04:
4c:41:9c:87:7d:fd:1e:0c:36:2b:fe:90:ce:25:ad:
e3:12:3f:61:06:01:92:68:26:1c:7f:f0:2a:ee:15:
8c:1c:58:9c:11:7a:42:99:98:7d:a3:0c:f8:a3:ce:
b1:4c:ad:08:ce:4b:6e:71:fa:af:5f:41:b3:a5:39:
23:ae:23:09:e4:5e:34:ca:4a:25:99:43:70:fe:0a:
12:3d:78:d6:cc:6b:c4:1f:9a:15:73:71:6c:54:b3:
7b:07:87:0c:db:db:96:be:d1:8e:45:fc:ad:50:1a:
30:f4:04:f7:3b:c7:fb:17:a9:b2:0c:76:2d:8d:55:
a1:e9:83:9e:90:96:0f:90:f0:df:99:6e:44:ae:91:
18:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FF:53:A4:31:85:E8:CF:42:1B:19:03:F2:FA:FC:43:EF:FA:13:A3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1B05F4B40CCE11F0B042A681762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.228.0/23
Signature Algorithm: sha256WithRSAEncryption
43:fd:98:d7:a3:d1:6f:48:2c:1c:c3:d5:1b:24:32:78:c4:ac:
8e:1c:e1:a9:21:12:40:af:92:6b:0d:88:7f:6f:63:97:5e:bd:
33:82:fe:96:4f:a0:fe:7c:cd:3f:3b:25:74:3e:16:fc:15:e7:
dd:fa:3f:18:61:bb:d2:47:af:25:d0:4d:79:6a:ae:cd:64:ad:
aa:78:69:f9:35:8a:7c:63:5a:31:ac:3c:2a:43:ce:8f:7b:0f:
49:20:8a:79:cf:e4:79:82:17:c7:2e:ce:0b:5b:a9:9d:5a:5f:
da:9d:87:a5:f4:e7:21:f7:0b:c5:b6:04:48:71:6f:41:6f:b3:
38:ed:00:49:b7:50:9d:26:e1:90:d1:02:7d:d6:11:63:e8:f5:
0a:41:d3:d4:bc:0e:e9:17:b8:1d:07:ce:a5:e3:39:61:9a:4c:
d9:51:29:77:a1:79:d5:83:05:c7:0e:56:dd:9e:bc:0d:55:92:
5c:5e:36:41:7f:93:43:39:b0:80:a2:67:78:f2:f0:27:38:b3:
f6:07:fa:23:ab:19:92:42:f5:24:7e:15:1e:cb:76:d3:74:17:
3e:8e:7b:c6:08:aa:3d:40:28:a0:13:8c:4f:21:18:9d:4f:08:
02:80:39:90:86:7b:b5:c5:74:a3:9d:5c:4a:df:3a:48:7c:fc:
bf:aa:b3:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUjwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MTg0NjE2WhcNMjUwNTA4MTg0NjE2WjAYMRYw
FAYDVQQDEw02N2U4M2ZmYy1jMzkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1GaXMYdgcJlNR9vpjbJgDVThL4FbVRMlwShV5nFKA0uukfBiULqZU008
88T1rAzIixp95bBS+1DcWi7yTyKuCoBSZqjqarLA9GeXl70Q3zie9Ye3Z6UGJjHz
Pm84sxviob7PbCsvL9Af8f3AcHQSHEmhlElr1gRMQZyHff0eDDYr/pDOJa3jEj9h
BgGSaCYcf/Aq7hWMHFicEXpCmZh9owz4o86xTK0IzktucfqvX0GzpTkjriMJ5F40
ykolmUNw/goSPXjWzGvEH5oVc3FsVLN7B4cM29uWvtGORfytUBow9AT3O8f7F6my
DHYtjVWh6YOekJYPkPDfmW5ErpEYwQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHP/
U6QxhejPQhsZA/L6/EPv+hOjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQjA1RjRCNDBDQ0UxMUYwQjA0MkE2ODE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOXkMA0GCSqGSIb3DQEBCwUA
A4IBAQBD/ZjXo9FvSCwcw9UbJDJ4xKyOHOGpIRJAr5JrDYh/b2OXXr0zgv6WT6D+
fM0/OyV0Phb8Fefd+j8YYbvSR68l0E15aq7NZK2qeGn5NYp8Y1oxrDwqQ86Pew9J
IIp5z+R5ghfHLs4LW6mdWl/anYel9Och9wvFtgRIcW9Bb7M47QBJt1CdJuGQ0QJ9
1hFj6PUKQdPUvA7pF7gdB86l4zlhmkzZUSl3oXnVgwXHDlbdnrwNVZJcXjZBf5ND
ObCAomd48vAnOLP2B/ojqxmSQvUkfhUey3bTdBc+jnvGCKo9QCigE4xPIRidTwgC
gDmQhnu1xXSjnVxK3zpIfPy/qrNj
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:05:23 2025 by rpki-client on console.sobornost.net