Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A43960E81A0411F0BC118C2B6EB8BCC6.roa
File: A43960E81A0411F0BC118C2B6EB8BCC6.roa (raw, json)
Hash identifier: zVTVEy0am938or0ZnyV4eca2VP2N+g75jPBdXTniQ30=
Subject key identifier: ED:1D:43:EE:34:03:1D:3A:41:84:85:3F:49:21:87:B6:31:B9:96:30
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014C6E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A43960E81A0411F0BC118C2B6EB8BCC6.roa
Signing time: Tue 15 Apr 2025 14:19:29 +0000
ROA not before: Tue 15 Apr 2025 14:19:24 +0000
ROA not after: Thu 22 May 2025 14:19:24 +0000
asID: 7018
IP address blocks: 156.253.226.0/24 maxlen: 24
156.253.240.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85102 (0x14c6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 15 14:19:24 2025 GMT
Not After : May 22 14:19:24 2025 GMT
Subject: CN=67fe6af1-a72d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:dd:21:9c:fb:8d:b3:e6:21:12:74:df:47:c1:
ab:ef:75:9b:6c:0e:30:26:ba:11:37:b9:c4:2d:2d:
d5:17:f4:bc:8c:02:4a:de:8f:31:58:fc:95:f4:26:
72:43:37:65:8f:8a:a7:8d:8d:f2:53:2b:01:35:37:
5b:21:d3:66:39:b6:bd:40:cb:83:a2:07:d7:0e:2b:
9e:fa:8d:49:f4:30:c7:19:38:ac:ff:6f:54:db:cd:
a8:86:5f:07:ca:a0:63:44:10:13:71:67:05:59:55:
bb:fc:f2:d2:af:04:39:4b:73:01:b4:4a:f4:ae:e9:
2f:d6:5f:b6:2a:45:7d:8b:d2:ef:3c:57:53:09:9c:
d4:f2:4e:f8:c5:ca:f8:35:9f:83:98:4d:df:2a:b0:
00:03:78:72:00:3f:02:7e:d6:6f:a4:b7:8b:dd:e8:
e0:26:c0:23:c6:7c:9b:75:ce:38:8c:5f:50:05:4f:
5b:fd:93:cb:6a:f0:f6:43:8a:4d:50:db:6e:53:c5:
de:f8:a2:ae:2a:85:47:5d:20:90:8a:ce:e5:80:bb:
df:9e:b7:78:24:6e:46:c7:38:09:01:99:32:bd:d3:
72:7b:4d:a4:a1:dd:a3:ca:1e:1e:57:34:af:19:64:
75:52:8d:66:55:43:66:f8:b9:d4:0b:af:f9:e4:47:
c7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:1D:43:EE:34:03:1D:3A:41:84:85:3F:49:21:87:B6:31:B9:96:30
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A43960E81A0411F0BC118C2B6EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.226.0/24
156.253.240.0/21
Signature Algorithm: sha256WithRSAEncryption
32:f0:37:5a:92:9f:cf:6a:39:93:be:c6:2a:4a:65:61:0c:75:
dd:10:8b:f0:4b:e6:7c:f5:ce:2a:e8:7a:23:14:27:e5:24:4c:
26:55:0d:f4:80:c1:59:a7:94:0c:8e:c8:fe:0c:d9:44:ec:30:
fe:26:be:6a:c1:3e:2d:f4:57:b8:3a:79:a8:ef:9b:fc:0e:ff:
ef:37:74:fb:1d:56:a0:55:14:6d:99:c2:2b:e8:3b:0f:b6:09:
95:f7:88:2c:b3:95:e3:66:02:87:ba:51:d3:a9:cb:46:3e:c9:
1e:55:50:c6:35:40:39:39:11:53:e2:0e:20:10:60:3d:f6:7a:
48:e0:fe:cb:58:8b:71:7f:e9:15:d7:c5:e6:be:5d:6e:6a:fb:
b1:24:0e:63:d5:fa:fa:26:44:ef:b7:ad:e6:fa:09:76:7d:f4:
4e:8d:a1:a9:d3:4d:3c:98:c2:ac:c6:60:a5:c9:3e:4f:c1:0f:
a6:66:ec:8d:b6:98:f6:db:62:01:5f:ae:9a:bf:19:a1:8f:d4:
24:fd:9c:21:05:3e:40:5d:56:bb:d7:10:d7:cc:2a:49:47:f9:
6d:ca:33:1c:24:b3:85:b2:9b:0e:6a:5d:81:1f:35:7c:2b:d3:
35:a5:c1:ae:0a:b3:a5:9f:fc:df:93:b7:2e:58:bd:a2:97:62:
89:fd:0d:ae
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUxuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDE1MTQxOTI0WhcNMjUwNTIyMTQxOTI0WjAYMRYw
FAYDVQQDEw02N2ZlNmFmMS1hNzJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4d0hnPuNs+YhEnTfR8Gr73WbbA4wJroRN7nELS3VF/S8jAJK3o8xWPyV
9CZyQzdlj4qnjY3yUysBNTdbIdNmOba9QMuDogfXDiue+o1J9DDHGTis/29U282o
hl8HyqBjRBATcWcFWVW7/PLSrwQ5S3MBtEr0rukv1l+2KkV9i9LvPFdTCZzU8k74
xcr4NZ+DmE3fKrAAA3hyAD8CftZvpLeL3ejgJsAjxnybdc44jF9QBU9b/ZPLavD2
Q4pNUNtuU8Xe+KKuKoVHXSCQis7lgLvfnrd4JG5GxzgJAZkyvdNye02kod2jyh4e
VzSvGWR1Uo1mVUNm+LnUC6/55EfH0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO0d
Q+40Ax06QYSFP0khh7YxuZYwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNDM5NjBFODFBMDQxMUYwQkMxMThDMkI2RUI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnP3iAwQDnP3wMA0GCSqGSIb3
DQEBCwUAA4IBAQAy8Ddakp/PajmTvsYqSmVhDHXdEIvwS+Z89c4q6HojFCflJEwm
VQ30gMFZp5QMjsj+DNlE7DD+Jr5qwT4t9Fe4Onmo75v8Dv/vN3T7HVagVRRtmcIr
6DsPtgmV94gss5XjZgKHulHTqctGPskeVVDGNUA5ORFT4g4gEGA99npI4P7LWItx
f+kV18Xmvl1uavuxJA5j1fr6JkTvt63m+gl2ffROjaGp0008mMKsxmClyT5PwQ+m
ZuyNtpj222IBX66avxmhj9Qk/ZwhBT5AXVa71xDXzCpJR/ltyjMcJLOFspsOal2B
HzV8K9M1pcGuCrOln/zfk7cuWL2il2KJ/Q2u
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:06:54 2025 by rpki-client on console.sobornost.net