Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37C40336151911F08D543ECF6DB8BCC6.roa
File: 37C40336151911F08D543ECF6DB8BCC6.roa (raw, json)
Hash identifier: Z4PAj2cV/e8UJ3NWXTpp2l7yNwrE4uBmCXm/YC3f6b4=
Subject key identifier: 68:88:05:ED:DB:2C:19:49:A5:2D:B2:76:1F:E1:07:EF:3D:49:1C:2F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014B24
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37C40336151911F08D543ECF6DB8BCC6.roa
Signing time: Wed 09 Apr 2025 08:04:10 +0000
ROA not before: Wed 09 Apr 2025 08:04:06 +0000
ROA not after: Tue 13 May 2025 08:04:06 +0000
asID: 23470
IP address blocks: 45.199.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84772 (0x14b24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 9 08:04:06 2025 GMT
Not After : May 13 08:04:06 2025 GMT
Subject: CN=67f629fa-7c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b9:ab:b9:89:f4:fc:b5:84:b4:9e:4e:70:a3:
81:3e:fd:28:dc:cb:c2:f1:67:2c:51:57:eb:0b:ad:
e4:14:e1:66:07:24:cb:09:b6:7f:b1:db:f6:7c:19:
dd:da:56:c5:b1:16:b2:9f:60:ed:16:8e:44:c4:4c:
05:83:15:71:20:eb:40:05:bf:15:51:53:14:ca:44:
ca:f3:8f:5c:6a:a8:fb:7b:4b:61:da:33:2a:17:6c:
f1:95:13:1b:54:e6:b1:1e:45:bd:4a:e4:7c:f6:a0:
9b:0c:7e:24:e7:93:0b:6c:5d:3c:00:56:c8:b3:4e:
a6:bc:45:d0:67:5b:55:64:3a:2a:05:fe:0d:a0:83:
f5:01:e3:5c:6b:fc:49:84:e8:42:1d:e8:f5:1b:af:
ea:35:7e:5d:bf:4e:0e:d9:bc:0f:c1:21:f6:cd:74:
ab:64:9d:07:59:ed:0a:43:2e:5f:00:25:72:42:8a:
0b:12:33:dc:66:48:ea:f1:f8:90:59:40:9b:9e:54:
3c:01:11:f0:18:12:b5:73:d0:ee:92:5e:47:72:b1:
e3:23:1e:42:c5:5d:5e:3e:7b:bf:9c:04:ea:6e:a5:
20:48:08:ba:1f:70:bd:fc:00:fc:a0:d1:31:15:6c:
14:36:10:cb:a5:69:f9:13:fc:a5:7a:07:35:dd:41:
25:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:88:05:ED:DB:2C:19:49:A5:2D:B2:76:1F:E1:07:EF:3D:49:1C:2F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/37C40336151911F08D543ECF6DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.199.189.0/24
Signature Algorithm: sha256WithRSAEncryption
79:7c:14:77:52:be:67:3a:b1:78:7a:85:c3:d0:6d:3f:b1:bc:
c7:8c:ac:06:00:78:ad:8e:bf:aa:12:b1:82:d1:81:10:53:2e:
5f:95:c9:ce:ee:c4:43:3c:8d:41:b3:a2:9d:43:b4:34:e4:3b:
f4:d6:06:c8:a5:94:cf:d0:6f:80:e0:8c:47:9b:e7:4b:2f:2d:
d3:27:2f:46:a1:6e:7b:56:99:40:5a:ea:fa:c0:4e:9a:9c:2e:
68:b9:c7:d6:dc:56:0d:87:0f:3d:65:d3:65:e1:ec:e0:e5:94:
18:42:d6:0e:ce:4b:14:f3:44:cd:5d:38:4b:72:e9:49:29:f4:
ce:eb:ff:fe:dc:02:01:28:00:0e:75:c8:26:d5:18:94:8e:08:
c0:ae:a4:63:b8:a0:23:9a:22:60:63:8f:1c:49:75:84:5a:19:
08:eb:79:a0:56:10:aa:f6:72:0a:15:f9:a4:4d:69:58:ea:36:
c7:62:1a:58:bc:b5:cf:5f:e9:34:a6:56:f7:84:59:0d:05:98:
d7:3f:81:1c:55:6b:5a:71:20:fb:ef:ae:cc:48:25:08:fd:81:
dc:00:52:7a:33:ef:ce:b4:84:10:2c:aa:95:2f:97:ae:7b:fd:
ed:79:82:79:62:4d:9c:03:f3:ed:91:19:a0:a7:1e:46:b1:b2:
63:9d:25:a6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUskMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA5MDgwNDA2WhcNMjUwNTEzMDgwNDA2WjAYMRYw
FAYDVQQDEw02N2Y2MjlmYS03YzA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7bmruYn0/LWEtJ5OcKOBPv0o3MvC8WcsUVfrC63kFOFmByTLCbZ/sdv2
fBnd2lbFsRayn2DtFo5ExEwFgxVxIOtABb8VUVMUykTK849caqj7e0th2jMqF2zx
lRMbVOaxHkW9SuR89qCbDH4k55MLbF08AFbIs06mvEXQZ1tVZDoqBf4NoIP1AeNc
a/xJhOhCHej1G6/qNX5dv04O2bwPwSH2zXSrZJ0HWe0KQy5fACVyQooLEjPcZkjq
8fiQWUCbnlQ8ARHwGBK1c9Dukl5HcrHjIx5CxV1ePnu/nATqbqUgSAi6H3C9/AD8
oNExFWwUNhDLpWn5E/ylegc13UElIwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGiI
Be3bLBlJpS2ydh/hB+89SRwvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zN0M0MDMzNjE1MTkxMUYwOEQ1NDNFQ0Y2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALce9MA0GCSqGSIb3DQEBCwUA
A4IBAQB5fBR3Ur5nOrF4eoXD0G0/sbzHjKwGAHitjr+qErGC0YEQUy5flcnO7sRD
PI1Bs6KdQ7Q05Dv01gbIpZTP0G+A4IxHm+dLLy3TJy9GoW57VplAWur6wE6anC5o
ucfW3FYNhw89ZdNl4ezg5ZQYQtYOzksU80TNXThLculJKfTO6//+3AIBKAAOdcgm
1RiUjgjArqRjuKAjmiJgY48cSXWEWhkI63mgVhCq9nIKFfmkTWlY6jbHYhpYvLXP
X+k0plb3hFkNBZjXP4EcVWtacSD7767MSCUI/YHcAFJ6M+/OtIQQLKqVL5eue/3t
eYJ5Yk2cA/PtkRmgpx5GsbJjnSWm
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:49:19 2025 by rpki-client on console.sobornost.net