Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9240DD82190311F093E23DFB6DB8BCC6.roa
File: 9240DD82190311F093E23DFB6DB8BCC6.roa (raw, json)
Hash identifier: l9hJZmk0prc12atMmsrc2RiiP9zbd6z0DlpfEikkPU4=
Subject key identifier: A0:BF:A8:09:5E:7E:8B:0B:66:E3:6D:1E:11:98:43:0C:C0:D9:5F:3B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014C04
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9240DD82190311F093E23DFB6DB8BCC6.roa
Signing time: Mon 14 Apr 2025 07:39:18 +0000
ROA not before: Mon 14 Apr 2025 07:39:14 +0000
ROA not after: Sun 18 May 2025 07:39:14 +0000
asID: 57043
IP address blocks: 156.253.33.0/24 maxlen: 24
156.253.41.0/24 maxlen: 24
156.253.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84996 (0x14c04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 14 07:39:14 2025 GMT
Not After : May 18 07:39:14 2025 GMT
Subject: CN=67fcbba6-1a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6c:d9:86:52:83:2e:3f:62:e8:8d:29:ce:eb:
31:b6:c3:5d:18:f1:93:1a:f2:ac:56:64:d0:18:f6:
54:0e:b0:d0:06:ca:0f:c7:5f:3c:bf:69:2e:02:ec:
a8:14:48:82:65:80:55:2a:a6:21:16:de:a3:fd:0e:
6c:f9:a1:50:5f:96:0f:01:91:6e:1a:b7:d7:db:6b:
df:ae:c2:15:9c:ef:aa:a6:51:94:0f:87:b2:6a:00:
37:4d:33:3e:01:ac:e0:27:31:b7:f3:27:6b:2d:cd:
10:8e:1e:00:a8:8e:a6:3f:22:bc:f7:a0:a9:d4:42:
28:a9:c6:87:e4:3a:45:7a:3d:06:2f:b7:8d:91:16:
57:6f:a3:3a:a5:82:78:3a:90:00:da:db:f9:a8:6c:
bc:09:14:8d:06:56:d4:f3:71:b3:c7:5f:c1:a8:c4:
3e:90:7e:d8:79:80:aa:f8:6a:d6:ac:4b:6e:e6:6f:
5b:db:a5:02:e3:b6:98:58:e6:28:7c:b6:30:89:45:
15:e5:e9:b3:e7:1a:b6:e2:ae:24:b5:2b:a0:a6:76:
85:42:64:24:52:72:51:5a:86:35:0e:45:92:8b:cd:
75:34:5b:80:ad:94:7f:f3:5d:ed:41:d5:bd:59:ec:
bf:55:3b:f1:f6:7d:48:f4:92:1a:df:12:b5:e1:4c:
66:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:BF:A8:09:5E:7E:8B:0B:66:E3:6D:1E:11:98:43:0C:C0:D9:5F:3B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9240DD82190311F093E23DFB6DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.33.0/24
156.253.41.0/24
156.253.43.0/24
Signature Algorithm: sha256WithRSAEncryption
29:77:81:a1:32:b3:6d:a5:9c:2b:5c:ce:3c:a7:32:c6:99:f5:
c8:86:d7:58:86:70:dc:18:1f:58:c7:55:2f:a2:e8:c6:20:03:
b0:00:c9:f3:22:3f:81:9a:ab:12:15:16:b3:b8:ee:2c:6c:b5:
41:70:4a:0a:49:37:8d:00:ca:28:5b:a2:2c:9c:f9:56:6b:c6:
aa:28:4c:08:5c:ea:ee:3e:b7:99:58:b3:43:fe:f3:92:c7:86:
ee:b5:8d:45:03:99:f8:2d:83:45:cc:97:bc:22:36:bd:84:8d:
8c:dd:eb:83:c9:4c:48:bf:24:95:7e:7b:c7:23:cb:2e:c0:7d:
22:a3:69:80:c7:b6:af:f0:40:38:0f:b7:74:67:c9:70:f2:12:
b7:d0:cd:5d:56:4f:b4:77:d9:ae:3b:fe:16:e2:5b:72:49:85:
c9:7e:f2:d7:41:57:ed:1f:81:ee:bd:14:b4:fb:3f:7c:27:4d:
19:e0:5d:dd:47:6f:a4:e2:5f:5c:9f:e1:27:84:1c:53:d5:9c:
0c:48:04:a3:2c:99:e5:c4:74:28:67:d3:3e:42:fa:2b:06:86:
14:51:63:59:6a:81:b2:b8:a9:7a:a6:03:df:ab:3a:f4:3a:90:
6c:c1:12:ed:2a:71:3c:c6:93:21:47:16:97:fa:04:9c:53:63:
c8:f3:00:51
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAUwEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE0MDczOTE0WhcNMjUwNTE4MDczOTE0WjAYMRYw
FAYDVQQDEw02N2ZjYmJhNi0xYTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvGzZhlKDLj9i6I0pzusxtsNdGPGTGvKsVmTQGPZUDrDQBsoPx188v2ku
AuyoFEiCZYBVKqYhFt6j/Q5s+aFQX5YPAZFuGrfX22vfrsIVnO+qplGUD4eyagA3
TTM+AazgJzG38ydrLc0Qjh4AqI6mPyK896Cp1EIoqcaH5DpFej0GL7eNkRZXb6M6
pYJ4OpAA2tv5qGy8CRSNBlbU83Gzx1/BqMQ+kH7YeYCq+GrWrEtu5m9b26UC47aY
WOYofLYwiUUV5emz5xq24q4ktSugpnaFQmQkUnJRWoY1DkWSi811NFuArZR/813t
QdW9Wey/VTvx9n1I9JIa3xK14UxmYQIDAQABo4ICrjCCAqowHQYDVR0OBBYEFKC/
qAlefosLZuNtHhGYQwzA2V87MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MjQwREQ4MjE5MDMxMUYwOTNFMjNERkI2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnP0hAwQAnP0pAwQAnP0rMA0G
CSqGSIb3DQEBCwUAA4IBAQApd4GhMrNtpZwrXM48pzLGmfXIhtdYhnDcGB9Yx1Uv
oujGIAOwAMnzIj+BmqsSFRazuO4sbLVBcEoKSTeNAMooW6IsnPlWa8aqKEwIXOru
PreZWLND/vOSx4butY1FA5n4LYNFzJe8Ija9hI2M3euDyUxIvySVfnvHI8suwH0i
o2mAx7av8EA4D7d0Z8lw8hK30M1dVk+0d9muO/4W4ltySYXJfvLXQVftH4HuvRS0
+z98J00Z4F3dR2+k4l9cn+EnhBxT1ZwMSASjLJnlxHQoZ9M+QvorBoYUUWNZaoGy
uKl6pgPfqzr0OpBswRLtKnE8xpMhRxaX+gScU2PI8wBR
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:06:40 2025 by rpki-client on console.sobornost.net