Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D788778CD7611EF82D85EA8762E951A.roa
File: 4D788778CD7611EF82D85EA8762E951A.roa (raw, json)
Hash identifier: WCRwtKpPD6f3qwgbHuq0v+4JFpvGiP/SyXlByVTSV0o=
Subject key identifier: C8:6D:DE:DF:12:34:AC:99:D3:1C:A0:3D:2D:3E:CC:F5:6A:27:6F:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFB3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D788778CD7611EF82D85EA8762E951A.roa
Signing time: Wed 08 Jan 2025 04:09:06 +0000
ROA not before: Wed 08 Jan 2025 04:09:02 +0000
ROA not after: Mon 13 Dec 2027 04:09:02 +0000
asID: 17561
IP address blocks: 156.248.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65459 (0xffb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 8 04:09:02 2025 GMT
Not After : Dec 13 04:09:02 2027 GMT
Subject: CN=677dfa62-0329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:35:4f:23:aa:78:6d:27:ad:b8:bd:aa:d5:f4:
b7:7a:01:78:c2:08:39:d1:a6:c9:6b:15:74:13:10:
5d:c5:d3:58:17:f2:a0:21:f0:61:15:06:3e:b1:07:
7b:25:4b:2f:91:30:83:6d:c0:b4:bc:be:a8:fe:fd:
2b:d4:d6:62:9e:f5:20:d4:86:ee:71:c1:9a:fd:a2:
38:0a:c8:92:e4:36:77:1b:8d:85:51:8a:fb:9a:e8:
8c:98:e3:2c:56:33:8d:11:13:6f:b5:00:9d:ab:bb:
6a:67:23:ed:d0:f7:ad:54:c1:77:1e:91:cf:68:05:
25:bf:72:84:b5:fc:f3:64:36:f0:1f:69:9e:33:e3:
9e:a0:40:9e:e4:63:7a:80:ff:9d:ae:c3:57:ab:e1:
13:44:95:43:fe:a0:c6:41:85:d9:49:e9:84:7b:23:
ae:42:20:f6:4a:89:d0:0f:e2:aa:55:d4:34:e7:96:
de:ff:43:31:ca:88:de:a6:ba:ce:96:3d:b5:c8:29:
36:a0:6f:1f:1e:74:47:d1:d1:be:c4:34:2c:62:72:
da:36:e2:e4:f8:97:62:3f:83:b3:3b:53:ea:7a:f3:
92:b1:f3:f2:f5:62:2c:74:a4:ce:13:d3:6d:fa:b5:
29:ce:c9:c2:34:70:0f:7b:bc:b0:be:af:ba:41:c3:
66:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:6D:DE:DF:12:34:AC:99:D3:1C:A0:3D:2D:3E:CC:F5:6A:27:6F:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4D788778CD7611EF82D85EA8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.99.0/24
Signature Algorithm: sha256WithRSAEncryption
55:3c:9c:63:a8:df:59:6b:97:38:01:d3:f8:05:d9:ed:72:6c:
08:ea:ab:2b:e1:c5:41:3d:80:49:e6:b6:4d:5d:e5:8e:fc:9f:
16:07:24:b2:fc:11:c9:bf:b9:d4:0a:d2:04:04:1c:2f:a8:f6:
76:b0:0a:8d:5a:89:20:67:11:af:60:75:33:39:33:73:4d:53:
b6:31:bc:59:1f:be:3b:ae:6d:5b:07:d4:f4:62:fd:8b:a8:bd:
39:42:a8:74:6e:c0:94:fe:f0:0a:3b:a8:dd:7b:43:90:11:ec:
04:12:c8:64:00:78:94:7b:97:0d:da:64:6c:38:f7:7a:a4:a2:
e2:4d:ee:0d:8b:91:1a:02:4c:55:b5:1b:7f:62:c9:43:13:3f:
6e:8d:a8:fc:59:73:52:4b:a3:cb:73:0b:e0:a6:94:d0:c6:96:
48:82:43:c8:ea:24:5d:c2:30:88:96:36:6b:c7:f5:3b:5a:7f:
d7:0f:d5:1e:a1:ff:e3:57:ac:dd:cb:70:dd:0e:ad:7a:b1:4f:
bd:70:9e:a1:74:bd:5e:2e:63:7c:0e:b7:66:20:ac:b7:fb:fe:
6b:d1:af:4c:a6:5c:1b:cd:5e:5f:55:50:1b:2a:74:82:4c:31:
73:00:4a:7d:5d:d4:8a:01:a0:b9:9e:e8:07:15:9b:d2:bd:68:
bd:a3:17:c6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP+zMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDQwOTAyWhcNMjcxMjEzMDQwOTAyWjAYMRYw
FAYDVQQDEw02NzdkZmE2Mi0wMzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxjVPI6p4bSetuL2q1fS3egF4wgg50abJaxV0ExBdxdNYF/KgIfBhFQY+
sQd7JUsvkTCDbcC0vL6o/v0r1NZinvUg1IbuccGa/aI4CsiS5DZ3G42FUYr7muiM
mOMsVjONERNvtQCdq7tqZyPt0PetVMF3HpHPaAUlv3KEtfzzZDbwH2meM+OeoECe
5GN6gP+drsNXq+ETRJVD/qDGQYXZSemEeyOuQiD2SonQD+KqVdQ055be/0Mxyoje
prrOlj21yCk2oG8fHnRH0dG+xDQsYnLaNuLk+JdiP4OzO1PqevOSsfPy9WIsdKTO
E9Nt+rUpzsnCNHAPe7ywvq+6QcNm+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMht
3t8SNKyZ0xygPS0+zPVqJ28gMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80RDc4ODc3OENENzYxMUVGODJEODVFQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhjMA0GCSqGSIb3DQEBCwUA
A4IBAQBVPJxjqN9Za5c4AdP4BdntcmwI6qsr4cVBPYBJ5rZNXeWO/J8WBySy/BHJ
v7nUCtIEBBwvqPZ2sAqNWokgZxGvYHUzOTNzTVO2MbxZH747rm1bB9T0Yv2LqL05
Qqh0bsCU/vAKO6jde0OQEewEEshkAHiUe5cN2mRsOPd6pKLiTe4Ni5EaAkxVtRt/
YslDEz9ujaj8WXNSS6PLcwvgppTQxpZIgkPI6iRdwjCIljZrx/U7Wn/XD9Ueof/j
V6zdy3DdDq16sU+9cJ6hdL1eLmN8DrdmIKy3+/5r0a9MplwbzV5fVVAbKnSCTDFz
AEp9XdSKAaC5nugHFZvSvWi9oxfG
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:54:38 2025 by rpki-client on console.sobornost.net