Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A16005C0F9D11F096989A97762E951A.roa
File: 3A16005C0F9D11F096989A97762E951A.roa (raw, json)
Hash identifier: tRftiP9mypVKA2R1tYCm7+LSeZLtZleceg5SueJN23k=
Subject key identifier: 36:6F:BE:C9:EE:D2:3D:55:D6:A2:07:8E:6B:80:4F:97:31:D6:01:AC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014969
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A16005C0F9D11F096989A97762E951A.roa
Signing time: Wed 02 Apr 2025 08:34:01 +0000
ROA not before: Wed 02 Apr 2025 08:33:57 +0000
ROA not after: Fri 09 May 2025 08:33:57 +0000
asID: 139646
IP address blocks: 45.200.14.0/23 maxlen: 24
45.200.16.0/23 maxlen: 24
45.200.18.0/23 maxlen: 24
45.200.20.0/22 maxlen: 24
45.200.24.0/21 maxlen: 24
45.200.32.0/19 maxlen: 24
45.201.214.0/23 maxlen: 24
45.201.216.0/21 maxlen: 24
45.201.224.0/21 maxlen: 24
45.201.240.0/20 maxlen: 24
45.204.0.0/24 maxlen: 24
45.207.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84329 (0x14969)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 2 08:33:57 2025 GMT
Not After : May 9 08:33:57 2025 GMT
Subject: CN=67ecf679-5399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:08:7b:a8:86:8b:ea:74:94:3f:20:4c:9c:ed:
c5:da:56:77:62:93:2f:35:89:e1:33:bc:b3:cf:90:
f9:86:3b:fc:2b:0d:f1:1c:06:d7:12:7f:d3:d7:2b:
81:7c:46:81:7d:2c:b2:5a:4b:98:67:bd:59:3a:85:
90:f3:88:79:ee:63:25:e5:e9:0f:2d:fd:64:8e:73:
9c:9a:68:21:10:b0:23:23:4e:e6:bb:3a:69:cd:4b:
9d:48:88:02:27:b1:6f:e6:90:b1:8a:71:66:95:cb:
46:7a:15:d2:15:7e:56:2e:fa:6e:72:a9:bc:44:23:
45:68:d7:03:5c:99:27:6e:6a:87:ff:6a:2c:9a:a1:
fc:4e:3f:55:e8:43:4d:a8:df:2d:d9:06:38:fb:63:
05:b6:17:98:a2:c6:c3:7d:ed:99:4a:bc:4d:8e:74:
13:9e:96:52:86:9f:42:c0:bd:fe:a6:ce:dd:7e:14:
2a:f9:0a:b0:7c:1a:32:c6:1b:90:cb:91:7f:10:63:
f5:10:b1:ce:11:d9:c1:d6:1e:68:c6:bb:c2:6f:17:
42:28:d7:e1:a9:ab:be:24:5b:4e:96:e1:d4:fd:08:
c6:fc:56:f5:b4:0b:23:60:b3:a6:ba:44:73:e2:0b:
9b:db:ad:85:9e:77:d1:a2:99:44:42:6f:f6:21:ad:
d8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:6F:BE:C9:EE:D2:3D:55:D6:A2:07:8E:6B:80:4F:97:31:D6:01:AC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3A16005C0F9D11F096989A97762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.200.14.0-45.200.63.255
45.201.214.0-45.201.231.255
45.201.240.0/20
45.204.0.0/24
45.207.224.0/19
Signature Algorithm: sha256WithRSAEncryption
8a:c0:82:67:7a:08:76:93:58:ea:f1:9e:a9:d3:7f:b3:5f:2a:
7d:22:4b:89:df:e0:5a:95:cd:f6:df:2f:8f:9d:2b:30:e7:f8:
d2:75:08:42:0b:e2:57:b5:34:b0:5b:61:4c:96:46:24:84:bb:
28:58:72:6b:c5:18:dc:de:9d:92:63:34:2d:9c:98:30:68:a2:
8d:c6:b2:6a:81:94:88:58:f8:cb:b9:46:86:a5:f0:46:05:80:
ca:ca:cc:dd:57:12:1a:b4:39:ee:b5:88:62:05:4e:79:f6:b3:
fa:12:5e:d3:3b:bd:1f:cb:f4:e1:81:7a:67:fa:6f:83:e5:58:
c4:02:74:c2:2c:bf:b3:83:8d:4c:e9:50:e5:f6:c6:c8:ca:b5:
b2:34:f1:ad:ec:77:2c:bf:37:ce:51:98:0f:de:1d:eb:3f:8c:
f9:af:7b:f8:71:15:aa:94:af:ce:98:8f:51:82:9d:a2:9d:64:
8c:72:a5:3a:dc:17:a7:87:82:0b:ea:ac:39:0e:bb:a7:66:23:
b1:bf:7a:50:60:12:1d:2b:eb:4f:77:7c:9f:22:34:20:d4:cc:
04:06:d5:df:07:7b:98:b6:d1:f6:e8:c5:b7:fa:ac:a3:7e:df:
4e:81:6d:a5:25:4a:bd:39:d8:1a:e1:73:19:5b:d7:7a:b0:2d:
36:a9:38:be
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIDAUlpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDAyMDgzMzU3WhcNMjUwNTA5MDgzMzU3WjAYMRYw
FAYDVQQDEw02N2VjZjY3OS01Mzk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwwh7qIaL6nSUPyBMnO3F2lZ3YpMvNYnhM7yzz5D5hjv8Kw3xHAbXEn/T
1yuBfEaBfSyyWkuYZ71ZOoWQ84h57mMl5ekPLf1kjnOcmmghELAjI07muzppzUud
SIgCJ7Fv5pCxinFmlctGehXSFX5WLvpucqm8RCNFaNcDXJknbmqH/2osmqH8Tj9V
6ENNqN8t2QY4+2MFtheYosbDfe2ZSrxNjnQTnpZShp9CwL3+ps7dfhQq+QqwfBoy
xhuQy5F/EGP1ELHOEdnB1h5oxrvCbxdCKNfhqau+JFtOluHU/QjG/Fb1tAsjYLOm
ukRz4gub262FnnfRoplEQm/2Ia3YGwIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFDZv
vsnu0j1V1qIHjmuAT5cx1gGsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zQTE2MDA1QzBGOUQxMUYwOTY5ODlBOTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAEtyA4DBAYtyAAwDAMEAS3J
1gMEAy3J4AMEBC3J8AMEAC3MAAMEBS3P4DANBgkqhkiG9w0BAQsFAAOCAQEAisCC
Z3oIdpNY6vGeqdN/s18qfSJLid/gWpXN9t8vj50rMOf40nUIQgviV7U0sFthTJZG
JIS7KFhya8UY3N6dkmM0LZyYMGiijcayaoGUiFj4y7lGhqXwRgWAysrM3VcSGrQ5
7rWIYgVOefaz+hJe0zu9H8v04YF6Z/pvg+VYxAJ0wiy/s4ONTOlQ5fbGyMq1sjTx
rex3LL83zlGYD94d6z+M+a97+HEVqpSvzpiPUYKdop1kjHKlOtwXp4eCC+qsOQ67
p2Yjsb96UGASHSvrT3d8nyI0INTMBAbV3wd7mLbR9ujFt/qso37fToFtpSVKvTnY
GuFzGVvXerAtNqk4vg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 06:19:12 2025 by rpki-client on console.sobornost.net