Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B68F5B21CA611F0B57FCB97DAE4EC9C.roa
File: 7B68F5B21CA611F0B57FCB97DAE4EC9C.roa (raw, json)
Hash identifier: 2S4Njhs9kpfH74maLMF+OXSfhBzT7LvpNAAj1AeBg8g=
Subject key identifier: 22:D1:8E:20:44:47:73:BA:52:D6:92:A8:42:43:0E:50:AD:05:68:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014D63
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B68F5B21CA611F0B57FCB97DAE4EC9C.roa
Signing time: Fri 18 Apr 2025 22:43:01 +0000
ROA not before: Fri 18 Apr 2025 22:42:57 +0000
ROA not after: Wed 04 Jun 2025 22:42:57 +0000
asID: 398823
IP address blocks: 156.229.176.0/20 maxlen: 24
156.229.192.0/19 maxlen: 24
156.252.144.0/20 maxlen: 24
156.252.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85347 (0x14d63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 18 22:42:57 2025 GMT
Not After : Jun 4 22:42:57 2025 GMT
Subject: CN=6802d575-20eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e5:d6:1e:2e:46:81:9d:e0:c6:6f:23:cc:d4:
45:50:53:35:70:3d:60:77:75:21:e7:31:bd:23:3a:
a9:96:73:eb:e4:05:83:1f:ff:ed:3b:6a:7e:12:08:
11:5b:18:f5:55:42:f6:a5:0d:64:85:d3:f3:26:65:
31:2c:16:66:e0:a6:b7:86:83:70:39:72:f4:4c:fe:
37:1b:46:ab:32:17:e7:9b:5f:9d:72:b1:85:fa:aa:
09:4c:83:8e:2a:7b:25:0f:2f:94:b0:69:56:5c:e5:
84:a2:c4:37:3f:73:cd:93:ec:16:8d:38:84:82:ba:
ff:12:42:c5:bd:9b:da:72:58:62:cb:41:6f:9e:12:
8d:76:3d:63:fd:59:23:e0:df:d2:f6:08:ae:b9:61:
b7:88:fa:5b:22:71:13:82:7a:98:5f:fb:4a:bc:53:
84:42:d3:3f:e1:cb:08:e5:4e:68:f2:48:b7:c0:44:
c8:9b:87:f2:82:73:a9:21:f5:02:2b:57:c5:2d:20:
4c:55:cc:8a:de:07:d9:a7:03:13:be:1d:5a:cd:b7:
b6:b6:b2:86:20:e2:c0:6b:06:b2:ff:68:f2:bc:1f:
0d:4a:d5:45:b6:8d:96:27:b0:3d:a8:bb:1c:b8:3d:
03:30:6a:8c:d2:34:34:1f:bd:8f:4b:7f:c9:b2:44:
ec:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D1:8E:20:44:47:73:BA:52:D6:92:A8:42:43:0E:50:AD:05:68:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7B68F5B21CA611F0B57FCB97DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.176.0-156.229.223.255
156.252.144.0-156.252.175.255
Signature Algorithm: sha256WithRSAEncryption
84:32:12:16:0f:c0:1f:65:c9:3e:92:00:8c:0d:b6:1e:b8:7d:
46:d1:42:35:d3:3b:41:c5:c2:63:ed:d2:f1:6d:aa:6d:90:be:
21:6f:30:65:dc:2c:75:f1:aa:bf:e4:03:71:b9:f5:51:f5:8e:
aa:7d:d9:32:a3:c7:f6:c5:6c:2f:96:0b:26:43:f5:e8:45:ca:
1d:ce:cb:67:22:97:53:3c:5d:10:b6:74:3e:4f:b1:d4:0b:37:
06:55:db:1c:6b:a8:87:00:4a:3c:b4:87:c1:fa:78:e1:38:8e:
e9:9f:64:67:b1:cc:97:d8:81:da:05:27:01:d4:7d:5c:19:84:
9a:77:d0:83:30:06:20:8a:44:72:ff:fc:5c:b0:9e:84:46:55:
e9:de:c9:40:b1:2a:3f:7c:90:f6:fa:2b:28:ae:88:d5:17:00:
e0:55:7c:66:76:f4:f9:b7:4b:b2:b2:3e:01:da:78:39:64:13:
ae:b4:24:5f:68:7e:e9:75:dd:48:18:50:41:dd:3c:28:de:3c:
be:05:10:49:f6:e2:d3:68:4f:d2:b1:f8:f6:cc:ac:38:0f:6f:
61:36:10:d7:04:35:f9:c8:51:c3:40:d5:8b:55:4b:b9:f8:98:
40:5a:ec:1a:29:92:04:73:67:cf:7a:a8:d1:e0:df:f3:a1:ae:
6d:5b:7b:67
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgIDAU1jMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE4MjI0MjU3WhcNMjUwNjA0MjI0MjU3WjAYMRYw
FAYDVQQDEw02ODAyZDU3NS0yMGViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyOXWHi5GgZ3gxm8jzNRFUFM1cD1gd3Uh5zG9IzqplnPr5AWDH//tO2p+
EggRWxj1VUL2pQ1khdPzJmUxLBZm4Ka3hoNwOXL0TP43G0arMhfnm1+dcrGF+qoJ
TIOOKnslDy+UsGlWXOWEosQ3P3PNk+wWjTiEgrr/EkLFvZvaclhiy0FvnhKNdj1j
/Vkj4N/S9giuuWG3iPpbInETgnqYX/tKvFOEQtM/4csI5U5o8ki3wETIm4fygnOp
IfUCK1fFLSBMVcyK3gfZpwMTvh1azbe2trKGIOLAaway/2jyvB8NStVFto2WJ7A9
qLscuD0DMGqM0jQ0H72PS3/JskTszQIDAQABo4ICuDCCArQwHQYDVR0OBBYEFCLR
jiBER3O6UtaSqEJDDlCtBWggMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83QjY4RjVCMjFDQTYxMUYwQjU3RkNCOTdEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBASc5bADBAWc5cAwDAMEBJz8
kAMEBJz8oDANBgkqhkiG9w0BAQsFAAOCAQEAhDISFg/AH2XJPpIAjA22Hrh9RtFC
NdM7QcXCY+3S8W2qbZC+IW8wZdwsdfGqv+QDcbn1UfWOqn3ZMqPH9sVsL5YLJkP1
6EXKHc7LZyKXUzxdELZ0Pk+x1As3BlXbHGuohwBKPLSHwfp44TiO6Z9kZ7HMl9iB
2gUnAdR9XBmEmnfQgzAGIIpEcv/8XLCehEZV6d7JQLEqP3yQ9vorKK6I1RcA4FV8
Znb0+bdLsrI+Adp4OWQTrrQkX2h+6XXdSBhQQd08KN48vgUQSfbi02hP0rH49sys
OA9vYTYQ1wQ1+chRw0DVi1VLufiYQFrsGimSBHNnz3qo0eDf86GubVt7Zw==
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:39:19 2025 by rpki-client on console.sobornost.net