Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/599F01D61CA811F090B946A3DAE4EC9C.roa
File: 599F01D61CA811F090B946A3DAE4EC9C.roa (raw, json)
Hash identifier: dzcpxtLpboDVuprnh45MusTh8nE3EgibLAtMhiMbzaY=
Subject key identifier: CF:36:48:23:5F:C9:DC:8E:AF:25:70:E8:A6:27:4E:55:93:7B:1D:95
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014D67
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/599F01D61CA811F090B946A3DAE4EC9C.roa
Signing time: Fri 18 Apr 2025 22:56:24 +0000
ROA not before: Fri 18 Apr 2025 22:56:19 +0000
ROA not after: Wed 04 Jun 2025 22:56:19 +0000
asID: 399195
IP address blocks: 156.229.176.0/20 maxlen: 24
156.229.192.0/19 maxlen: 24
156.252.144.0/20 maxlen: 24
156.252.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 00:26:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85351 (0x14d67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 18 22:56:19 2025 GMT
Not After : Jun 4 22:56:19 2025 GMT
Subject: CN=6802d898-a225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:20:2d:8e:39:9a:69:9f:b7:4a:3b:ad:7b:aa:
41:29:6e:18:70:0e:85:6f:c5:3a:5b:08:3e:86:9f:
ee:1c:36:0a:f6:13:fb:c3:7f:4f:66:b0:07:be:fb:
f8:5f:9a:29:fb:47:f5:f5:01:15:c6:6b:d1:cb:f8:
ab:53:51:39:95:4f:ad:00:b6:06:3e:57:9b:b3:af:
70:96:08:8c:fb:9d:83:dd:e1:c2:fb:cc:f3:68:bf:
ca:24:95:b4:cf:b7:74:8c:71:0d:38:2c:59:9d:50:
a7:4e:e8:de:db:df:ab:aa:8b:69:de:0d:b6:90:cb:
e8:c4:0f:4d:bb:a5:7f:0e:e7:3f:e2:b2:dc:ec:57:
c0:ab:bc:b4:dd:e5:81:e8:63:70:61:80:9c:02:8a:
6e:ba:f8:ec:ce:48:0a:bb:54:69:47:0d:53:cf:0f:
9c:a2:ea:74:c1:49:5a:80:96:5d:09:6f:38:82:e3:
15:51:3c:77:cf:c4:93:31:3c:9b:cc:97:0c:cd:7e:
3b:ab:d7:f5:6f:ce:e4:38:43:31:34:aa:b3:f7:fb:
d7:ff:d8:59:89:f9:74:8f:b9:92:68:cb:fe:40:53:
09:6d:1f:68:fc:96:ef:3a:17:1b:fa:29:ac:d0:68:
dd:50:71:ae:2d:7f:c7:70:bb:14:1f:0e:c4:88:ca:
4b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:36:48:23:5F:C9:DC:8E:AF:25:70:E8:A6:27:4E:55:93:7B:1D:95
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/599F01D61CA811F090B946A3DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.176.0-156.229.223.255
156.252.144.0-156.252.175.255
Signature Algorithm: sha256WithRSAEncryption
5e:3c:6c:e5:b6:71:24:15:13:42:6d:a5:fb:c9:03:22:6f:66:
16:df:d1:97:64:b6:2f:03:39:39:a1:57:b1:a3:f5:36:61:2d:
7b:ff:3b:4f:f6:d7:8b:d9:0c:1c:2b:bb:9b:ab:88:73:70:f9:
c3:e5:97:c3:32:c2:72:a1:4f:f6:5d:30:ad:ff:4e:a9:45:b4:
9e:de:0c:1b:c7:53:fe:0e:e3:2e:5a:78:a0:06:89:bd:62:14:
bf:fb:63:42:2d:fc:2d:61:e1:87:61:07:4d:0b:f9:e8:3e:32:
30:5e:52:53:d4:6a:db:da:03:82:a5:12:c6:0a:74:18:6a:c4:
05:5e:ec:65:6b:7f:4e:c6:e0:c3:ca:0c:f4:58:0e:b6:5f:c4:
b3:8b:44:73:0b:50:2b:57:26:8c:f9:4f:50:5e:19:e2:8c:e3:
16:6c:49:73:7f:fe:05:bf:01:60:de:9c:e3:f9:00:97:c1:80:
ef:c7:c2:f8:8c:ec:8f:8b:a1:9e:66:d1:20:b7:b6:56:ee:88:
d0:6f:4e:f0:91:20:6c:51:cb:a7:f9:47:5a:05:5c:0e:4e:39:
d5:b0:33:72:82:9e:91:28:b0:e7:7e:09:c0:2e:19:2a:a0:6d:
0b:85:dc:62:a3:11:ec:76:a5:58:e6:90:60:88:da:36:b8:d7:
d4:85:bd:ab
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAU1nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE4MjI1NjE5WhcNMjUwNjA0MjI1NjE5WjAYMRYw
FAYDVQQDEw02ODAyZDg5OC1hMjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyyAtjjmaaZ+3Sjute6pBKW4YcA6Fb8U6Wwg+hp/uHDYK9hP7w39PZrAH
vvv4X5op+0f19QEVxmvRy/irU1E5lU+tALYGPlebs69wlgiM+52D3eHC+8zzaL/K
JJW0z7d0jHENOCxZnVCnTuje29+rqotp3g22kMvoxA9Nu6V/Duc/4rLc7FfAq7y0
3eWB6GNwYYCcAopuuvjszkgKu1RpRw1Tzw+coup0wUlagJZdCW84guMVUTx3z8ST
MTybzJcMzX47q9f1b87kOEMxNKqz9/vX/9hZifl0j7mSaMv+QFMJbR9o/JbvOhcb
+ims0GjdUHGuLX/HcLsUHw7EiMpLZQIDAQABo4ICuDCCArQwHQYDVR0OBBYEFM82
SCNfydyOryVw6KYnTlWTex2VMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81OTlGMDFENjFDQTgxMUYwOTBCOTQ2QTNEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBASc5bADBAWc5cAwDAMEBJz8
kAMEBJz8oDANBgkqhkiG9w0BAQsFAAOCAQEAXjxs5bZxJBUTQm2l+8kDIm9mFt/R
l2S2LwM5OaFXsaP1NmEte/87T/bXi9kMHCu7m6uIc3D5w+WXwzLCcqFP9l0wrf9O
qUW0nt4MG8dT/g7jLlp4oAaJvWIUv/tjQi38LWHhh2EHTQv56D4yMF5SU9Rq29oD
gqUSxgp0GGrEBV7sZWt/Tsbgw8oM9FgOtl/Es4tEcwtQK1cmjPlPUF4Z4ozjFmxJ
c3/+Bb8BYN6c4/kAl8GA78fC+Izsj4uhnmbRILe2Vu6I0G9O8JEgbFHLp/lHWgVc
Dk451bAzcoKekSiw534JwC4ZKqBtC4XcYqMR7HalWOaQYIjaNrjX1IW9qw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:49:49 2025 by rpki-client on console.sobornost.net