Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9195773A151B11F0827AE0E06DB8BCC6.roa
File: 9195773A151B11F0827AE0E06DB8BCC6.roa (raw, json)
Hash identifier: D0HqYG5MQk0604dxstvs7+e6sWci/0U+3KtgisMuenI=
Subject key identifier: 72:69:E9:A8:88:D8:32:1F:85:12:01:42:C2:14:7A:79:02:17:99:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014B2C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9195773A151B11F0827AE0E06DB8BCC6.roa
Signing time: Wed 09 Apr 2025 08:21:00 +0000
ROA not before: Wed 09 Apr 2025 08:20:56 +0000
ROA not after: Wed 14 May 2025 08:20:56 +0000
asID: 20473
IP address blocks: 156.236.77.0/24 maxlen: 24
156.236.78.0/23 maxlen: 24
156.240.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84780 (0x14b2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 9 08:20:56 2025 GMT
Not After : May 14 08:20:56 2025 GMT
Subject: CN=67f62dec-9c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9b:23:e6:06:27:27:17:3a:cb:2e:64:e8:31:
ea:be:66:86:58:36:9f:d1:49:54:eb:64:aa:43:ad:
5a:9b:6c:92:90:89:33:9d:9a:ec:65:d4:88:a8:c1:
33:b9:4e:09:42:a8:00:2f:4f:d3:1d:77:16:3f:d2:
93:1f:ac:98:ed:85:95:c8:98:a1:60:f5:80:a7:37:
10:89:47:27:73:e7:65:31:9d:dd:87:19:46:51:fa:
ac:ec:76:c8:23:3e:82:5a:cf:52:e6:8d:09:5d:13:
8c:cc:28:d8:2c:9a:a4:de:70:f8:82:34:45:ae:d4:
d8:b7:30:a2:9c:3f:59:b1:71:37:e2:61:9c:92:35:
d4:8f:24:d4:3f:c6:28:20:12:1b:68:30:9c:39:54:
ae:e2:d7:3d:79:33:de:08:d8:0a:31:2f:58:0d:44:
23:9f:c8:2d:d4:cd:84:97:6c:e9:b6:ce:d3:11:09:
78:93:56:60:ee:cf:9b:c1:e9:21:b1:d8:2a:21:ba:
17:d7:47:a7:9b:f8:dc:15:70:3a:f4:ee:f3:8b:a2:
b8:35:80:54:1b:73:48:f3:93:e2:be:20:46:79:51:
f1:05:8c:da:1f:bb:12:f3:b4:b6:19:3c:58:04:6b:
81:6c:b4:71:44:c0:af:0c:13:a2:51:bf:46:f4:38:
8f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:69:E9:A8:88:D8:32:1F:85:12:01:42:C2:14:7A:79:02:17:99:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9195773A151B11F0827AE0E06DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.77.0-156.236.79.255
156.240.98.0/24
Signature Algorithm: sha256WithRSAEncryption
23:2d:6e:c1:51:dc:9e:80:92:0a:3c:e7:98:e7:03:de:f8:a4:
c4:13:1f:7d:84:e8:94:7f:be:a9:7d:63:4d:0b:0a:d8:8a:af:
38:3c:38:1d:27:e1:d7:c7:04:91:14:7b:6f:9e:9e:d6:71:83:
18:7b:ed:34:b7:06:d1:a3:e1:ca:2a:52:90:a7:c2:90:5e:cd:
d8:02:d7:3b:0e:95:df:fc:2e:84:d3:70:1d:21:72:a4:50:07:
b0:52:0e:a2:0c:5b:64:c5:a7:77:38:9f:a3:6c:c8:4f:03:d5:
84:4e:5b:b7:8a:57:ea:49:c5:25:d0:f4:0f:7c:0e:98:46:45:
80:43:97:4a:89:9b:ae:99:4e:03:6d:c7:e1:55:ed:21:05:e5:
b2:b0:8b:8b:02:54:0c:63:06:be:a0:6a:c5:5f:79:ad:81:a7:
52:18:ff:dd:28:21:62:77:a3:69:ea:8f:7c:f4:b5:b6:d1:ae:
32:b7:26:b4:1d:a0:d6:b5:18:62:31:be:29:f7:cf:30:b3:d7:
00:9b:29:d3:13:d8:84:af:07:ba:a5:21:f1:d9:54:a0:b1:6b:
1e:55:2a:76:c5:ec:a0:d6:56:e1:35:69:6e:9b:6d:ce:29:09:
51:a1:34:f5:52:58:5e:a2:b4:56:11:d5:df:c5:ba:c7:d6:4f:
cb:ee:6e:21
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAUssMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA5MDgyMDU2WhcNMjUwNTE0MDgyMDU2WjAYMRYw
FAYDVQQDEw02N2Y2MmRlYy05YzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsZsj5gYnJxc6yy5k6DHqvmaGWDaf0UlU62SqQ61am2ySkIkznZrsZdSI
qMEzuU4JQqgAL0/THXcWP9KTH6yY7YWVyJihYPWApzcQiUcnc+dlMZ3dhxlGUfqs
7HbIIz6CWs9S5o0JXROMzCjYLJqk3nD4gjRFrtTYtzCinD9ZsXE34mGckjXUjyTU
P8YoIBIbaDCcOVSu4tc9eTPeCNgKMS9YDUQjn8gt1M2El2zpts7TEQl4k1Zg7s+b
wekhsdgqIboX10enm/jcFXA69O7zi6K4NYBUG3NI85PiviBGeVHxBYzaH7sS87S2
GTxYBGuBbLRxRMCvDBOiUb9G9DiPbQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFHJp
6aiI2DIfhRIBQsIUenkCF5mMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MTk1NzczQTE1MUIxMUYwODI3QUUwRTA2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBACc7E0DBASc7EADBACc8GIw
DQYJKoZIhvcNAQELBQADggEBACMtbsFR3J6Akgo855jnA974pMQTH32E6JR/vql9
Y00LCtiKrzg8OB0n4dfHBJEUe2+entZxgxh77TS3BtGj4coqUpCnwpBezdgC1zsO
ld/8LoTTcB0hcqRQB7BSDqIMW2TFp3c4n6NsyE8D1YROW7eKV+pJxSXQ9A98DphG
RYBDl0qJm66ZTgNtx+FV7SEF5bKwi4sCVAxjBr6gasVfea2Bp1IY/90oIWJ3o2nq
j3z0tbbRrjK3JrQdoNa1GGIxvin3zzCz1wCbKdMT2ISvB7qlIfHZVKCxax5VKnbF
7KDWVuE1aW6bbc4pCVGhNPVSWF6itFYR1d/FusfWT8vubiE=
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:06:40 2025 by rpki-client on console.sobornost.net