Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/936B6F16152411F0BF885E1C6EB8BCC6.roa
File: 936B6F16152411F0BF885E1C6EB8BCC6.roa (raw, json)
Hash identifier: IBcyy4LUIYXag1Jke35bJFKw/l4PA8p1eS0LBFLOYQE=
Subject key identifier: A2:B6:85:FB:2A:D2:45:44:87:2C:45:CA:32:2B:4A:92:AC:C1:73:E2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014B3A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/936B6F16152411F0BF885E1C6EB8BCC6.roa
Signing time: Wed 09 Apr 2025 09:25:29 +0000
ROA not before: Wed 09 Apr 2025 09:25:24 +0000
ROA not after: Fri 16 May 2025 09:25:24 +0000
asID: 202736
IP address blocks: 156.254.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 30 Apr 2025 00:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84794 (0x14b3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 9 09:25:24 2025 GMT
Not After : May 16 09:25:24 2025 GMT
Subject: CN=67f63d09-1873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:89:ee:d7:4b:64:30:5b:88:75:51:73:3e:3c:
02:d6:96:74:0c:0a:8d:d7:cb:f5:71:91:6c:2d:54:
3e:a2:aa:e6:e3:9f:5c:4b:68:03:c8:13:64:97:f4:
b6:5b:e4:2d:88:0d:e5:4c:7d:52:6f:cd:8d:11:7e:
dd:b9:ea:02:fa:86:f4:75:a5:af:75:bd:c1:40:18:
bc:77:3f:27:d6:ad:fd:e8:36:49:fa:74:45:61:98:
d9:2a:54:4b:ba:9e:76:81:09:f2:33:93:0f:3b:59:
0c:ec:32:2c:c8:89:91:0e:06:07:32:3c:a3:b6:9b:
74:b8:53:9a:84:18:74:6f:20:0e:29:b3:80:e7:5e:
00:d9:b4:63:3f:39:cf:ae:61:7d:b7:45:f5:e2:f1:
cf:81:b4:ba:80:1b:7a:b6:c2:ec:35:e6:67:7f:7e:
9b:a9:a0:ba:af:64:e4:8b:03:80:cb:09:21:6a:de:
20:98:79:61:46:d0:73:a8:f5:da:dd:28:42:61:1c:
16:c7:1a:f4:50:cb:23:4e:2f:3b:8c:59:66:77:1f:
23:02:44:6b:1a:12:9c:92:3b:8f:89:d0:5a:59:b2:
51:25:77:6b:59:22:bd:36:a5:df:57:76:ce:25:8d:
b7:1d:e9:e0:4c:06:7e:84:1c:23:27:9c:d6:52:5a:
33:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B6:85:FB:2A:D2:45:44:87:2C:45:CA:32:2B:4A:92:AC:C1:73:E2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/936B6F16152411F0BF885E1C6EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.116.0/22
Signature Algorithm: sha256WithRSAEncryption
03:83:90:67:56:a9:f8:72:46:3b:41:a3:be:43:00:44:cf:8e:
61:e1:3a:b0:7c:44:68:41:52:15:71:cf:1f:d4:9e:3a:5d:cf:
01:a7:af:f4:b1:83:ec:69:17:bf:ce:99:53:5f:27:c9:c4:72:
c5:2c:cd:a9:ff:83:01:b8:fa:e1:54:44:56:58:31:c7:5a:c5:
f6:2b:3f:d1:b5:a6:b6:38:be:85:6a:5d:41:79:7a:56:5b:21:
fd:49:1a:80:bf:b8:d5:58:e7:4f:4c:85:9d:b4:3a:d2:08:1f:
98:8f:6a:a7:cf:a5:29:f9:83:07:74:35:9c:bf:15:ce:b8:97:
77:4e:1c:5a:17:a0:69:40:16:1c:ba:26:92:f5:a7:50:47:8d:
a7:54:89:6e:0b:47:96:ae:65:41:fe:75:55:35:d0:f0:37:51:
ac:49:66:90:b3:be:65:44:16:4d:6a:85:31:36:3b:5b:2d:73:
f3:77:80:42:e8:45:4e:01:76:51:4c:ea:ec:e1:df:90:d6:31:
9c:2f:29:d0:c1:db:f9:dc:98:04:70:cc:76:db:26:0d:f5:11:
24:05:3b:1a:ce:ac:91:74:d8:a8:8f:06:3f:cc:05:c4:8d:99:
cc:f9:99:62:01:af:5b:63:fb:79:13:17:cd:6c:5d:99:bd:cc:
98:86:02:01
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUs6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA5MDkyNTI0WhcNMjUwNTE2MDkyNTI0WjAYMRYw
FAYDVQQDEw02N2Y2M2QwOS0xODczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArYnu10tkMFuIdVFzPjwC1pZ0DAqN18v1cZFsLVQ+oqrm459cS2gDyBNk
l/S2W+QtiA3lTH1Sb82NEX7dueoC+ob0daWvdb3BQBi8dz8n1q396DZJ+nRFYZjZ
KlRLup52gQnyM5MPO1kM7DIsyImRDgYHMjyjtpt0uFOahBh0byAOKbOA514A2bRj
PznPrmF9t0X14vHPgbS6gBt6tsLsNeZnf36bqaC6r2TkiwOAywkhat4gmHlhRtBz
qPXa3ShCYRwWxxr0UMsjTi87jFlmdx8jAkRrGhKckjuPidBaWbJRJXdrWSK9NqXf
V3bOJY23HengTAZ+hBwjJ5zWUlozqQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKK2
hfsq0kVEhyxFyjIrSpKswXPiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MzZCNkYxNjE1MjQxMUYwQkY4ODVFMUM2RUI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnP50MA0GCSqGSIb3DQEBCwUA
A4IBAQADg5BnVqn4ckY7QaO+QwBEz45h4TqwfERoQVIVcc8f1J46Xc8Bp6/0sYPs
aRe/zplTXyfJxHLFLM2p/4MBuPrhVERWWDHHWsX2Kz/Rtaa2OL6Fal1BeXpWWyH9
SRqAv7jVWOdPTIWdtDrSCB+Yj2qnz6Up+YMHdDWcvxXOuJd3ThxaF6BpQBYcuiaS
9adQR42nVIluC0eWrmVB/nVVNdDwN1GsSWaQs75lRBZNaoUxNjtbLXPzd4BC6EVO
AXZRTOrs4d+Q1jGcLynQwdv53JgEcMx22yYN9REkBTsazqyRdNiojwY/zAXEjZnM
+ZliAa9bY/t5ExfNbF2ZvcyYhgIB
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:04:56 2025 by rpki-client on console.sobornost.net