Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/71B959A41CFA11F0A746ACD6DAE4EC9C.roa
File: 71B959A41CFA11F0A746ACD6DAE4EC9C.roa (raw, json)
Hash identifier: H7zFLVnPxC2q/6PO5jo/+lsnCTILvKg6VVoNkRiGKJc=
Subject key identifier: 34:55:1B:77:4D:33:FE:CF:16:AD:C4:0B:C7:99:90:04:63:D6:8C:9E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014D78
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/71B959A41CFA11F0A746ACD6DAE4EC9C.roa
Signing time: Sat 19 Apr 2025 08:44:03 +0000
ROA not before: Sat 19 Apr 2025 08:43:58 +0000
ROA not after: Sat 24 May 2025 08:43:58 +0000
asID: 395886
IP address blocks: 156.239.24.0/21 maxlen: 24
156.239.32.0/20 maxlen: 24
156.239.48.0/22 maxlen: 24
156.239.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85368 (0x14d78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 19 08:43:58 2025 GMT
Not After : May 24 08:43:58 2025 GMT
Subject: CN=68036253-61cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ed:b3:27:f9:0f:c5:a6:e3:49:f7:c6:14:d4:
2e:1e:9a:dd:dd:de:1f:99:ee:fd:fe:ad:cb:6b:f5:
d7:c0:cb:c9:5e:93:68:c4:b0:13:d8:3d:19:3e:0a:
59:e0:ee:60:25:66:cd:e7:83:5b:6d:31:ff:5f:8e:
b5:bb:40:a6:9f:a6:16:64:6a:44:ef:e0:22:98:7e:
14:09:a4:0f:e7:b4:78:c4:d6:c3:36:db:9d:dc:b9:
d1:fa:fc:8a:39:05:14:28:9f:1e:a1:c2:9e:ad:fa:
88:e4:02:22:5b:71:18:ec:c7:09:17:5e:49:0f:b4:
1e:3c:5d:4f:23:96:2f:c4:84:1f:c2:4d:9f:91:5c:
f0:75:7a:53:7c:a1:ec:6e:28:74:97:ec:43:b8:84:
94:b8:ac:93:a7:f5:4b:50:45:ab:f0:f8:fa:c2:97:
fd:23:29:63:88:a2:2b:0e:df:f5:c0:f6:dd:18:60:
1c:6d:6a:0d:47:1f:c6:98:64:b3:bd:aa:ef:74:11:
f0:a0:c5:73:af:40:17:28:78:06:04:ee:59:1e:68:
56:eb:ef:0a:27:fc:93:4f:82:f8:cb:22:ca:ff:1f:
2f:24:c7:15:21:47:4e:17:1e:3b:6b:01:b0:a9:30:
66:82:39:54:79:5f:d5:81:30:00:8d:fb:ee:2d:c0:
36:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:55:1B:77:4D:33:FE:CF:16:AD:C4:0B:C7:99:90:04:63:D6:8C:9E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/71B959A41CFA11F0A746ACD6DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0-156.239.53.255
Signature Algorithm: sha256WithRSAEncryption
33:48:e4:7c:a4:ad:6d:9c:22:2f:9f:1a:3c:af:28:e4:d0:d1:
e2:7b:f6:56:82:7f:9b:5d:26:4c:08:9e:54:9e:e9:77:ed:1a:
1e:37:cb:3d:42:cf:16:9a:a6:06:e2:a1:fe:7f:5d:90:2b:9c:
da:2e:38:b9:34:a8:65:b3:a9:f1:e9:23:81:d1:2d:e5:b1:9c:
69:a7:2a:1a:30:25:47:db:bd:ef:fb:99:b2:dd:ac:83:5d:61:
3c:c1:bb:19:b8:37:7c:08:bb:df:82:e1:41:c5:44:90:f3:5c:
bc:6f:e6:48:cd:b4:45:6d:64:00:84:16:5a:a1:62:85:ed:6c:
bf:98:2a:fc:50:49:68:e8:4d:b8:d9:35:cb:91:77:a1:bc:7a:
04:fd:f4:33:6b:10:fc:34:23:ff:05:61:f2:64:b5:cf:17:e4:
58:d0:f1:dd:f5:99:70:24:b1:b0:9e:28:58:fa:d5:12:5f:19:
fa:37:77:de:1e:cc:cd:cf:d0:8e:df:ad:db:b8:87:a4:e3:be:
2e:f8:b9:18:e4:90:1c:8a:9f:43:95:84:7d:77:f8:8c:dd:5e:
35:a9:3d:8d:9c:e4:48:ef:39:c0:10:57:58:c4:4c:1e:5a:05:
84:a2:76:a4:fb:42:23:bb:5e:ae:93:06:57:bf:58:c5:93:0c:
2b:b6:31:dd
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAU14MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE5MDg0MzU4WhcNMjUwNTI0MDg0MzU4WjAYMRYw
FAYDVQQDEw02ODAzNjI1My02MWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5u2zJ/kPxabjSffGFNQuHprd3d4fme79/q3La/XXwMvJXpNoxLAT2D0Z
PgpZ4O5gJWbN54NbbTH/X461u0Cmn6YWZGpE7+AimH4UCaQP57R4xNbDNtud3LnR
+vyKOQUUKJ8eocKerfqI5AIiW3EY7McJF15JD7QePF1PI5YvxIQfwk2fkVzwdXpT
fKHsbih0l+xDuISUuKyTp/VLUEWr8Pj6wpf9IyljiKIrDt/1wPbdGGAcbWoNRx/G
mGSzvarvdBHwoMVzr0AXKHgGBO5ZHmhW6+8KJ/yTT4L4yyLK/x8vJMcVIUdOFx47
awGwqTBmgjlUeV/VgTAAjfvuLcA21wIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDRV
G3dNM/7PFq3EC8eZkARj1oyeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MUI5NTlBNDFDRkExMUYwQTc0NkFDRDZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOc7xgDBAGc7zQwDQYJKoZI
hvcNAQELBQADggEBADNI5HykrW2cIi+fGjyvKOTQ0eJ79laCf5tdJkwInlSe6Xft
Gh43yz1Czxaapgbiof5/XZArnNouOLk0qGWzqfHpI4HRLeWxnGmnKhowJUfbve/7
mbLdrINdYTzBuxm4N3wIu9+C4UHFRJDzXLxv5kjNtEVtZACEFlqhYoXtbL+YKvxQ
SWjoTbjZNcuRd6G8egT99DNrEPw0I/8FYfJktc8X5FjQ8d31mXAksbCeKFj61RJf
Gfo3d94ezM3P0I7frdu4h6Tjvi74uRjkkByKn0OVhH13+IzdXjWpPY2c5EjvOcAQ
V1jETB5aBYSidqT7QiO7Xq6TBle/WMWTDCu2Md0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:59:14 2025 by rpki-client on console.sobornost.net