Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40768B681CFB11F0BCE6A1DBDAE4EC9C.roa
File: 40768B681CFB11F0BCE6A1DBDAE4EC9C.roa (raw, json)
Hash identifier: LVFMLMf2HFgDdsvC+v8rnwrZ2V0iGVtPe1D/VmtFcyk=
Subject key identifier: 32:B2:B2:5C:98:59:B0:D3:F5:A4:EC:48:DE:28:B1:B4:29:61:2B:39
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014D7A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40768B681CFB11F0BCE6A1DBDAE4EC9C.roa
Signing time: Sat 19 Apr 2025 08:49:50 +0000
ROA not before: Sat 19 Apr 2025 08:49:45 +0000
ROA not after: Mon 26 May 2025 08:49:45 +0000
asID: 395793
IP address blocks: 156.228.62.0/24 maxlen: 24
156.228.210.0/24 maxlen: 24
156.228.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85370 (0x14d7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 19 08:49:45 2025 GMT
Not After : May 26 08:49:45 2025 GMT
Subject: CN=680363ae-14da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:39:db:8e:01:de:ea:bf:6e:6f:82:9e:ed:25:
8a:11:98:d2:3c:13:de:01:2c:8c:f3:60:80:f7:36:
fe:ef:e6:36:28:c3:3e:b0:29:86:fd:d0:65:8d:1b:
63:88:0d:f0:d5:21:f6:19:68:2d:47:38:df:47:e7:
55:c9:a1:e5:87:f8:c7:72:b8:08:7e:bf:fe:56:ae:
6b:6c:10:79:f3:b2:a1:44:46:03:53:90:04:21:4e:
28:86:c3:ff:95:e9:c6:49:fe:33:3b:27:50:e4:de:
82:dd:2b:6f:5c:80:e1:f6:e9:36:7b:b4:9d:58:74:
6a:61:08:91:f2:7f:53:39:c3:6f:8b:47:d7:9a:91:
ba:0e:f6:6d:66:2f:18:0b:3b:05:1b:19:bb:00:cc:
26:c4:de:26:9d:d7:e2:41:9b:c4:9b:f2:9f:45:f4:
f8:9d:df:71:d4:24:ae:60:d1:81:03:2b:f8:54:8b:
3d:10:89:ed:d8:44:ac:0a:72:b6:a1:fa:db:26:80:
5d:73:d8:90:07:a5:44:93:0d:39:97:c7:a3:21:fb:
da:2b:f1:2d:80:70:0d:62:2d:e0:97:72:7c:85:d6:
3b:3b:00:a1:52:3f:54:ee:70:2c:7c:2a:63:50:31:
d1:e2:56:64:ca:9e:2f:aa:be:bb:47:f4:02:4d:58:
9b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B2:B2:5C:98:59:B0:D3:F5:A4:EC:48:DE:28:B1:B4:29:61:2B:39
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/40768B681CFB11F0BCE6A1DBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.62.0/24
156.228.210.0/23
Signature Algorithm: sha256WithRSAEncryption
74:7b:95:70:07:0c:cd:d9:56:34:ce:74:19:19:2c:bf:77:94:
8e:f4:f2:f0:7f:79:ab:4d:9f:82:0f:95:6c:38:04:5d:c5:57:
83:1a:d1:df:89:36:d2:d7:03:05:1f:da:18:91:60:d5:28:ba:
45:0e:29:ec:bb:97:5f:b7:0e:02:23:2c:f3:83:c2:23:b8:c8:
9c:76:ea:36:32:45:b2:25:44:51:61:26:04:67:19:65:2d:1e:
cd:4e:c6:64:38:7a:fb:22:eb:18:a6:ed:c1:d3:92:95:0f:80:
4a:42:1e:3d:f2:6e:e1:5a:0b:08:33:d2:ba:83:64:f4:fa:66:
61:26:a5:9b:4e:86:28:42:d8:be:1b:da:f0:40:14:44:91:09:
c6:04:7d:89:48:75:fe:84:42:af:80:c0:66:28:02:c2:77:1f:
c6:38:db:f5:a7:bc:6f:6b:77:85:ce:9b:e4:a0:65:62:6b:a9:
70:a0:3b:ff:61:3d:cd:f7:d6:a1:80:1f:c7:69:17:9c:ab:db:
f9:6c:54:3a:af:d8:e8:20:cf:d7:24:c6:74:01:a5:9c:7a:bb:
31:6d:6f:88:a7:28:e0:11:48:d5:57:c7:41:84:70:c8:46:af:
f9:8d:3d:2b:f2:2c:ec:34:2c:0e:08:c3:ad:19:b8:83:9e:d2:
80:72:ec:d0
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAU16MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE5MDg0OTQ1WhcNMjUwNTI2MDg0OTQ1WjAYMRYw
FAYDVQQDEw02ODAzNjNhZS0xNGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvjnbjgHe6r9ub4Ke7SWKEZjSPBPeASyM82CA9zb+7+Y2KMM+sCmG/dBl
jRtjiA3w1SH2GWgtRzjfR+dVyaHlh/jHcrgIfr/+Vq5rbBB587KhREYDU5AEIU4o
hsP/lenGSf4zOydQ5N6C3StvXIDh9uk2e7SdWHRqYQiR8n9TOcNvi0fXmpG6DvZt
Zi8YCzsFGxm7AMwmxN4mndfiQZvEm/KfRfT4nd9x1CSuYNGBAyv4VIs9EInt2ESs
CnK2ofrbJoBdc9iQB6VEkw05l8ejIfvaK/EtgHANYi3gl3J8hdY7OwChUj9U7nAs
fCpjUDHR4lZkyp4vqr67R/QCTVibowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDKy
slyYWbDT9aTsSN4osbQpYSs5MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MDc2OEI2ODFDRkIxMUYwQkNFNkExREJEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnOQ+AwQBnOTSMA0GCSqGSIb3
DQEBCwUAA4IBAQB0e5VwBwzN2VY0znQZGSy/d5SO9PLwf3mrTZ+CD5VsOARdxVeD
GtHfiTbS1wMFH9oYkWDVKLpFDinsu5dftw4CIyzzg8IjuMicduo2MkWyJURRYSYE
ZxllLR7NTsZkOHr7IusYpu3B05KVD4BKQh498m7hWgsIM9K6g2T0+mZhJqWbToYo
Qti+G9rwQBREkQnGBH2JSHX+hEKvgMBmKALCdx/GONv1p7xva3eFzpvkoGVia6lw
oDv/YT3N99ahgB/HaRecq9v5bFQ6r9joIM/XJMZ0AaWcersxbW+IpyjgEUjVV8dB
hHDIRq/5jT0r8izsNCwOCMOtGbiDntKAcuzQ
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:05:47 2025 by rpki-client on console.sobornost.net