Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43AE35881C7911F0894A9BECDAE4EC9C.roa
File: 43AE35881C7911F0894A9BECDAE4EC9C.roa (raw, json)
Hash identifier: aWN9xbeal2mN67JTYw/wGcT878wUz+i9L5gXDqVlCgM=
Subject key identifier: 0F:DC:99:13:40:AC:E9:B6:34:9A:13:BE:43:DE:03:1A:ED:D4:65:25
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014D39
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43AE35881C7911F0894A9BECDAE4EC9C.roa
Signing time: Fri 18 Apr 2025 17:19:20 +0000
ROA not before: Fri 18 Apr 2025 17:19:16 +0000
ROA not after: Tue 27 May 2025 17:19:16 +0000
asID: 44559
IP address blocks: 156.246.151.0/24 maxlen: 24
156.246.184.0/24 maxlen: 24
156.246.185.0/24 maxlen: 24
156.246.186.0/24 maxlen: 24
156.246.187.0/24 maxlen: 24
156.246.188.0/24 maxlen: 24
156.246.189.0/24 maxlen: 24
156.246.190.0/24 maxlen: 24
156.246.191.0/24 maxlen: 24
156.246.197.0/24 maxlen: 24
156.246.212.0/24 maxlen: 24
156.246.224.0/24 maxlen: 24
156.246.225.0/24 maxlen: 24
156.246.226.0/24 maxlen: 24
156.246.227.0/24 maxlen: 24
156.246.228.0/24 maxlen: 24
156.246.231.0/24 maxlen: 24
156.246.236.0/24 maxlen: 24
156.246.237.0/24 maxlen: 24
156.246.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85305 (0x14d39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 18 17:19:16 2025 GMT
Not After : May 27 17:19:16 2025 GMT
Subject: CN=68028998-45e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a2:55:bb:cd:63:3d:c0:2e:57:4b:5f:67:9c:
29:a6:83:b6:c2:c9:bb:31:2f:7b:d9:13:5f:c4:40:
df:48:06:e7:8b:ff:b8:eb:77:9a:6b:d4:bd:1a:9a:
f2:09:4f:7f:63:7b:2d:1d:6a:26:4f:5a:b8:94:15:
cd:22:9c:14:86:92:ed:fd:85:89:02:15:86:6d:d8:
0a:06:d8:53:f7:c2:dd:ee:f5:16:e6:ae:d1:d1:15:
fa:00:86:5f:76:82:d1:7f:4c:13:2e:25:3f:c0:76:
92:25:1a:f8:6d:b6:29:b7:31:df:10:f4:e0:68:fe:
3d:be:15:e9:cf:05:eb:cd:a4:27:66:34:c5:f0:5c:
e5:85:a9:ec:fd:bc:cb:f7:e4:4d:19:77:3f:75:9c:
c1:02:50:df:ad:59:bb:46:a3:f4:b9:48:c5:87:ce:
7b:90:90:ec:6e:94:3a:42:38:79:d8:0a:f7:96:82:
8b:68:27:94:af:03:c7:d4:c7:ca:8d:ba:45:0e:25:
56:b8:11:80:86:ac:16:b2:01:ff:e5:a8:26:70:3a:
bd:0a:4e:ac:65:24:0a:ca:2c:74:f3:b5:66:ba:e3:
eb:73:3f:09:ce:82:1d:96:7d:b6:66:02:6d:be:fb:
53:35:9b:d2:48:2a:ea:ce:f0:c5:ca:86:a4:80:47:
71:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:DC:99:13:40:AC:E9:B6:34:9A:13:BE:43:DE:03:1A:ED:D4:65:25
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/43AE35881C7911F0894A9BECDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.151.0/24
156.246.184.0/21
156.246.197.0/24
156.246.212.0/24
156.246.224.0-156.246.228.255
156.246.231.0/24
156.246.236.0-156.246.238.255
Signature Algorithm: sha256WithRSAEncryption
7e:59:2a:eb:42:02:63:e4:88:ff:c7:fa:d7:b7:41:03:94:62:
60:4c:7a:d7:13:81:9c:ab:c3:2a:05:22:5b:14:40:60:a9:ff:
34:4e:89:39:84:b0:c4:ff:0e:05:9b:30:56:fd:68:59:02:61:
9b:4b:61:10:94:9f:e0:96:72:4a:9b:e5:82:36:3c:31:7b:e3:
b2:21:e7:3b:4d:eb:c2:6c:37:da:5f:68:45:79:76:d8:69:d1:
5c:53:93:3c:7f:13:d3:fa:99:2d:a8:55:04:77:6e:24:66:a8:
be:4d:e3:e9:32:3e:35:2a:6f:73:1c:21:b2:9c:30:58:55:e2:
09:64:f9:e9:39:40:19:1e:14:47:4e:4c:aa:f7:cf:1b:16:a4:
f6:32:de:c0:e4:2a:45:17:9b:96:ba:1d:bc:60:c2:77:e6:1c:
a5:0a:f4:96:06:eb:c8:9b:42:77:8c:a5:d2:0a:0d:0b:b0:f8:
fc:53:b6:f3:eb:14:3d:45:59:fb:93:43:dc:96:b7:46:a4:4a:
4c:9c:9b:cb:16:32:48:c1:31:89:42:c9:30:74:02:05:ff:83:
98:6a:b7:4c:df:e2:d0:6a:70:2c:a4:51:f5:db:1e:1d:bc:6f:
03:34:f8:7a:0d:7e:4e:22:e7:f7:fb:e4:93:bd:de:58:85:e7:
c1:bd:c9:6d
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIDAU05MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE4MTcxOTE2WhcNMjUwNTI3MTcxOTE2WjAYMRYw
FAYDVQQDEw02ODAyODk5OC00NWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAz6JVu81jPcAuV0tfZ5wppoO2wsm7MS972RNfxEDfSAbni/+463eaa9S9
GpryCU9/Y3stHWomT1q4lBXNIpwUhpLt/YWJAhWGbdgKBthT98Ld7vUW5q7R0RX6
AIZfdoLRf0wTLiU/wHaSJRr4bbYptzHfEPTgaP49vhXpzwXrzaQnZjTF8Fzlhans
/bzL9+RNGXc/dZzBAlDfrVm7RqP0uUjFh857kJDsbpQ6Qjh52Ar3loKLaCeUrwPH
1MfKjbpFDiVWuBGAhqwWsgH/5agmcDq9Ck6sZSQKyix087VmuuPrcz8JzoIdln22
ZgJtvvtTNZvSSCrqzvDFyoakgEdx9wIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFA/c
mRNArOm2NJoTvkPeAxrt1GUlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80M0FFMzU4ODFDNzkxMUYwODk0QTlCRUNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAnPaXAwQDnPa4AwQAnPbFAwQA
nPbUMAwDBAWc9uADBACc9uQDBACc9ucwDAMEApz27AMEAJz27jANBgkqhkiG9w0B
AQsFAAOCAQEAflkq60ICY+SI/8f617dBA5RiYEx61xOBnKvDKgUiWxRAYKn/NE6J
OYSwxP8OBZswVv1oWQJhm0thEJSf4JZySpvlgjY8MXvjsiHnO03rwmw32l9oRXl2
2GnRXFOTPH8T0/qZLahVBHduJGaovk3j6TI+NSpvcxwhspwwWFXiCWT56TlAGR4U
R05MqvfPGxak9jLewOQqRReblrodvGDCd+YcpQr0lgbryJtCd4yl0goNC7D4/FO2
8+sUPUVZ+5ND3Ja3RqRKTJybyxYySMExiULJMHQCBf+DmGq3TN/i0GpwLKRR9dse
HbxvAzT4eg1+TiLn9/vkk73eWIXnwb3JbQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:49:35 2025 by rpki-client on console.sobornost.net