Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7CF3ABA187511F08D4F4BC06DB8BCC6.roa
File: A7CF3ABA187511F08D4F4BC06DB8BCC6.roa (raw, json)
Hash identifier: giYACh8JLTIzKr7penZtWUsC9gDfX4CxLHNsOvF9P3Y=
Subject key identifier: 7D:36:2C:65:1C:C8:DE:62:19:40:2D:12:3C:B7:AF:53:7C:8F:FB:F5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014BFB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7CF3ABA187511F08D4F4BC06DB8BCC6.roa
Signing time: Sun 13 Apr 2025 14:43:25 +0000
ROA not before: Sun 13 Apr 2025 14:43:21 +0000
ROA not after: Thu 05 Jun 2025 14:43:21 +0000
asID: 394432
IP address blocks: 156.227.160.0/20 maxlen: 24
156.227.176.0/20 maxlen: 24
156.252.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84987 (0x14bfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 13 14:43:21 2025 GMT
Not After : Jun 5 14:43:21 2025 GMT
Subject: CN=67fbcd8d-31a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:06:fc:32:d7:f4:f8:aa:96:85:62:a3:93:a1:
f4:f3:6f:f0:e0:c8:44:ce:6b:b3:ab:13:7d:3b:ca:
85:df:e6:39:a0:e9:6c:66:0b:fe:08:a9:a3:c1:db:
1a:36:ad:2f:10:3c:c8:ac:41:a2:c8:34:5a:8d:7c:
9d:df:92:6e:7b:74:d9:04:fb:b1:f7:34:77:a8:a8:
b6:91:01:c6:87:48:71:8d:18:3e:9a:af:95:25:07:
9a:6e:41:64:8f:69:30:c9:ac:8f:1f:ad:ea:8d:01:
c8:d7:31:3a:9d:f0:77:ee:72:a5:3c:65:0c:25:d8:
c3:60:21:24:d2:e9:2a:52:56:e2:4d:5b:52:9e:44:
60:4a:97:2a:35:27:b2:a2:3e:e2:94:c8:f9:f2:b7:
7c:c1:3c:72:54:84:1b:97:66:23:6d:17:02:6a:99:
d3:84:df:72:63:cd:08:a2:84:f5:1a:a9:d5:29:a9:
48:c6:3a:ff:23:10:bb:96:74:36:d1:9d:1a:10:a9:
54:f5:72:75:26:76:30:12:28:c2:55:07:24:32:a6:
b6:72:00:91:ba:88:b4:5b:d9:a9:5b:74:75:8b:7d:
4f:8d:0a:a7:59:55:f9:03:45:8a:46:82:69:90:5d:
a7:68:b4:64:57:79:8f:f7:53:81:ee:3e:ec:4a:ec:
fb:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:36:2C:65:1C:C8:DE:62:19:40:2D:12:3C:B7:AF:53:7C:8F:FB:F5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A7CF3ABA187511F08D4F4BC06DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.160.0/19
156.252.96.0/19
Signature Algorithm: sha256WithRSAEncryption
1a:b4:49:97:0a:9e:ee:88:a7:91:f4:46:f0:dd:51:2f:8e:9e:
ca:c4:bb:40:11:11:07:bd:52:35:d9:bf:b3:a6:4a:f9:5a:6c:
40:b4:dc:91:7a:60:22:a2:1e:24:40:e4:80:dd:3e:6c:1c:23:
ad:aa:9a:f6:0f:f0:31:21:d6:d0:5f:c4:75:cb:35:5a:9d:1e:
4d:cb:65:96:98:31:02:8c:df:50:36:75:f7:f8:9d:3d:51:9e:
b1:08:37:f1:26:df:62:d1:01:3f:17:2d:20:8c:be:f6:b7:e2:
e8:d0:07:9f:c7:16:12:1a:6c:21:8e:bc:bf:32:8e:5a:d6:bf:
db:0b:6c:fd:c2:b5:36:b5:33:de:d1:57:a7:34:1e:17:23:c8:
74:48:88:de:74:f3:3c:3e:97:26:bc:75:46:46:60:53:87:f3:
77:6a:a1:ba:f5:8b:a5:0c:bf:b1:24:52:07:62:90:d8:19:c4:
0d:d9:2f:9d:01:6d:bd:5c:d9:36:eb:f3:f6:4f:1c:30:ae:16:
a6:20:a2:26:26:83:e2:fa:0a:f5:b9:36:08:fe:90:41:37:b8:
92:3d:74:c7:56:21:1f:a3:ad:9d:49:b8:0e:68:14:56:d9:d4:
f1:23:ea:37:21:30:58:de:b2:e8:ea:a7:3d:45:04:01:49:ee:
ce:41:60:7a
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUv7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDEzMTQ0MzIxWhcNMjUwNjA1MTQ0MzIxWjAYMRYw
FAYDVQQDEw02N2ZiY2Q4ZC0zMWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvgb8Mtf0+KqWhWKjk6H082/w4MhEzmuzqxN9O8qF3+Y5oOlsZgv+CKmj
wdsaNq0vEDzIrEGiyDRajXyd35Jue3TZBPux9zR3qKi2kQHGh0hxjRg+mq+VJQea
bkFkj2kwyayPH63qjQHI1zE6nfB37nKlPGUMJdjDYCEk0ukqUlbiTVtSnkRgSpcq
NSeyoj7ilMj58rd8wTxyVIQbl2YjbRcCapnThN9yY80IooT1GqnVKalIxjr/IxC7
lnQ20Z0aEKlU9XJ1JnYwEijCVQckMqa2cgCRuoi0W9mpW3R1i31PjQqnWVX5A0WK
RoJpkF2naLRkV3mP91OB7j7sSuz7oQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH02
LGUcyN5iGUAtEjy3r1N8j/v1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BN0NGM0FCQTE4NzUxMUYwOEQ0RjRCQzA2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFnOOgAwQFnPxgMA0GCSqGSIb3
DQEBCwUAA4IBAQAatEmXCp7uiKeR9Ebw3VEvjp7KxLtAEREHvVI12b+zpkr5WmxA
tNyRemAioh4kQOSA3T5sHCOtqpr2D/AxIdbQX8R1yzVanR5Ny2WWmDECjN9QNnX3
+J09UZ6xCDfxJt9i0QE/Fy0gjL72t+Lo0AefxxYSGmwhjry/Mo5a1r/bC2z9wrU2
tTPe0VenNB4XI8h0SIjedPM8PpcmvHVGRmBTh/N3aqG69YulDL+xJFIHYpDYGcQN
2S+dAW29XNk26/P2TxwwrhamIKImJoPi+gr1uTYI/pBBN7iSPXTHViEfo62dSbgO
aBRW2dTxI+o3ITBY3rLo6qc9RQQBSe7OQWB6
-----END CERTIFICATE-----
Generated at Fri Apr 25 12:59:42 2025 by rpki-client on console.sobornost.net