Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21F80A06114611F080B583A3762E951A.roa
File: 21F80A06114611F080B583A3762E951A.roa (raw, json)
Hash identifier: EMVzdlWPbsZ1uzjgXGWKh3GNKlh4IQQyfuBYWQxX330=
Subject key identifier: 97:65:AD:52:BE:A5:1A:3A:57:BA:5F:A3:55:85:44:04:E4:67:7D:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014A21
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21F80A06114611F080B583A3762E951A.roa
Signing time: Fri 04 Apr 2025 11:15:36 +0000
ROA not before: Fri 04 Apr 2025 11:15:32 +0000
ROA not after: Wed 28 May 2025 11:15:32 +0000
asID: 329278
IP address blocks: 156.232.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84513 (0x14a21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 4 11:15:32 2025 GMT
Not After : May 28 11:15:32 2025 GMT
Subject: CN=67efbf58-6928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:43:1b:19:8a:fb:b5:05:42:9b:46:3a:13:85:
fb:a9:31:79:c9:bf:02:f2:dd:b6:02:5b:01:1a:01:
32:4a:bd:c9:c1:0a:e5:a7:d6:64:ca:4f:4f:e7:59:
f3:bb:ac:28:e3:6e:37:4c:b2:d9:56:1b:54:36:26:
b7:7a:94:87:e9:4c:45:c2:15:43:f8:7c:41:0b:58:
f7:f5:2e:9a:30:80:78:0a:f6:c4:2f:94:b5:52:80:
10:32:ae:c4:9f:03:ef:13:96:b6:5b:1e:4a:c4:0e:
22:32:82:e5:37:cc:9f:4e:a0:d7:b7:59:e0:53:64:
3a:f3:ba:ab:89:0f:94:bc:cd:c3:02:0e:34:e6:f6:
d0:65:4a:c8:f1:79:9e:14:70:5a:92:8b:20:11:48:
b6:21:9a:f0:52:4b:dd:23:00:ef:36:47:24:bc:3a:
67:d3:0e:67:6e:30:ef:6b:37:71:eb:4b:80:66:33:
a2:ee:ef:eb:77:7e:4e:a6:e0:f9:a9:04:df:2b:5a:
c1:2f:84:d2:8e:5b:33:bd:4c:9f:97:c9:f7:c5:19:
00:ea:c4:21:f3:06:80:e0:17:cc:a5:b4:6b:82:3e:
e2:14:a9:58:7d:91:a2:cd:12:12:12:4b:25:53:2f:
15:81:24:32:28:14:00:1a:ad:1a:73:01:4e:ea:b2:
7b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:65:AD:52:BE:A5:1A:3A:57:BA:5F:A3:55:85:44:04:E4:67:7D:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/21F80A06114611F080B583A3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.88.0/24
Signature Algorithm: sha256WithRSAEncryption
51:71:52:7a:27:04:7c:37:a4:ee:e7:58:c9:45:4d:16:4d:ae:
a6:6a:b9:6d:57:16:53:62:a2:e5:0d:c5:f0:7a:dd:1d:3b:9f:
21:28:48:87:29:1f:b6:7b:76:36:c9:fd:c6:41:21:15:88:fa:
d0:4e:8b:c4:f6:f1:a5:24:52:52:c6:26:da:12:5e:d8:6a:e2:
f0:43:77:2d:8e:5e:7b:be:73:e2:10:c4:b2:44:d1:98:70:e2:
cc:f7:ef:a8:81:74:65:bd:4b:76:48:9b:6b:6b:b3:25:83:02:
38:b5:f1:9a:f1:23:3a:ec:08:f1:ff:86:7b:98:aa:f8:c0:58:
1e:d9:b4:28:f2:13:e1:f1:c3:8e:8d:10:e9:f2:d6:83:0f:57:
10:7f:2f:35:50:c7:4c:ef:bb:cb:08:52:84:ab:79:f9:35:42:
9c:d1:e2:3e:56:b2:99:65:e7:7a:b8:e9:2e:87:a3:8e:b0:8c:
7e:5f:a3:a2:1d:23:15:6e:f1:69:d3:94:e9:c5:57:fa:46:63:
f3:f5:c8:90:57:83:d3:b5:4b:9e:d9:68:2b:5e:2f:0c:30:00:
57:e0:6d:a9:b3:92:68:83:9e:52:86:2b:46:4c:b8:a7:b6:d1:
ab:48:9d:aa:69:69:61:5a:7a:2b:1a:bc:20:a0:52:71:63:29:
c7:84:07:d6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUohMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA0MTExNTMyWhcNMjUwNTI4MTExNTMyWjAYMRYw
FAYDVQQDEw02N2VmYmY1OC02OTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuUMbGYr7tQVCm0Y6E4X7qTF5yb8C8t22AlsBGgEySr3JwQrlp9Zkyk9P
51nzu6wo4243TLLZVhtUNia3epSH6UxFwhVD+HxBC1j39S6aMIB4CvbEL5S1UoAQ
Mq7EnwPvE5a2Wx5KxA4iMoLlN8yfTqDXt1ngU2Q687qriQ+UvM3DAg405vbQZUrI
8XmeFHBakosgEUi2IZrwUkvdIwDvNkckvDpn0w5nbjDvazdx60uAZjOi7u/rd35O
puD5qQTfK1rBL4TSjlszvUyfl8n3xRkA6sQh8waA4BfMpbRrgj7iFKlYfZGizRIS
EkslUy8VgSQyKBQAGq0acwFO6rJ7WQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJdl
rVK+pRo6V7pfo1WFRATkZ31yMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yMUY4MEEwNjExNDYxMUYwODBCNTgzQTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhYMA0GCSqGSIb3DQEBCwUA
A4IBAQBRcVJ6JwR8N6Tu51jJRU0WTa6marltVxZTYqLlDcXwet0dO58hKEiHKR+2
e3Y2yf3GQSEViPrQTovE9vGlJFJSxibaEl7YauLwQ3ctjl57vnPiEMSyRNGYcOLM
9++ogXRlvUt2SJtra7MlgwI4tfGa8SM67Ajx/4Z7mKr4wFge2bQo8hPh8cOOjRDp
8taDD1cQfy81UMdM77vLCFKEq3n5NUKc0eI+VrKZZed6uOkuh6OOsIx+X6OiHSMV
bvFp05TpxVf6RmPz9ciQV4PTtUue2WgrXi8MMABX4G2ps5Jog55ShitGTLinttGr
SJ2qaWlhWnorGrwgoFJxYynHhAfW
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:54:11 2025 by rpki-client on console.sobornost.net