Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE1A1952CCF911EFBFC33780762E951A.roa
File: AE1A1952CCF911EFBFC33780762E951A.roa (raw, json)
Hash identifier: lFj5yZBNh8y/qY9vruW78SP2MeVC/+uWWpzQBfYASIk=
Subject key identifier: 80:58:FF:9D:5B:02:8B:BD:11:A9:40:85:43:36:59:61:71:FF:04:48
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC35
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE1A1952CCF911EFBFC33780762E951A.roa
Signing time: Tue 07 Jan 2025 13:17:01 +0000
ROA not before: Tue 07 Jan 2025 13:16:58 +0000
ROA not after: Mon 13 Dec 2027 13:16:58 +0000
asID: 17561
IP address blocks: 156.237.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64565 (0xfc35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 7 13:16:58 2025 GMT
Not After : Dec 13 13:16:58 2027 GMT
Subject: CN=677d294d-b5e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8b:f5:dc:7e:0a:82:05:c8:93:c1:f7:c3:9f:
bb:93:94:57:32:16:99:2a:b5:9a:b1:b2:17:8a:15:
05:1e:36:90:bd:83:87:16:96:65:a3:5e:6a:aa:25:
38:a7:55:f2:04:ae:74:44:2c:c2:a7:63:60:8e:98:
bb:8c:2c:7e:71:b6:bb:9f:5b:ac:57:bd:25:d0:44:
96:c3:02:e7:b2:d1:0a:9a:0c:35:27:89:53:6d:41:
ee:32:7d:f6:e3:c8:73:a4:6e:f6:9a:96:c4:37:29:
7d:00:e8:b9:4f:70:38:ff:ce:44:f8:e1:43:49:e6:
4c:d4:83:92:6c:b6:c1:f6:bb:ba:06:fa:cd:9d:7c:
09:a8:90:d9:e4:6a:c7:b3:da:32:7b:e0:47:6a:21:
0c:6f:c7:25:23:27:59:bd:8b:86:e8:f1:a3:ae:c9:
ef:93:1e:58:be:82:42:ef:73:48:1a:80:db:30:ba:
ae:89:fa:29:bc:cb:f6:c0:c4:86:d9:2e:94:79:9d:
cb:2e:b5:7c:5c:55:2a:e5:18:ad:8f:4b:f3:a1:d9:
28:50:1d:11:b4:65:85:10:da:3c:5a:7d:82:b3:bc:
32:66:fb:66:61:38:4b:ed:df:f4:42:35:e2:05:5d:
3c:20:60:74:35:65:27:9e:86:48:02:2c:25:ed:35:
42:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:58:FF:9D:5B:02:8B:BD:11:A9:40:85:43:36:59:61:71:FF:04:48
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AE1A1952CCF911EFBFC33780762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.7.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:00:9e:b3:4b:0a:b8:03:14:d7:e0:e9:15:30:40:8a:6d:f3:
ac:4a:a3:f8:9b:6a:25:5a:67:6d:b0:a7:c5:6f:fd:25:79:04:
f6:9b:14:33:25:c9:38:ce:b8:08:de:56:2f:9a:aa:66:3d:ee:
5e:ab:77:c6:0b:80:01:5e:e9:fc:7a:2a:ce:7b:08:8f:24:65:
e7:d2:5c:b1:6b:60:1f:f6:90:cf:38:53:66:f9:da:aa:6e:43:
86:0e:e6:db:0e:6c:20:49:79:05:9d:c6:8a:0c:6b:15:4a:b5:
f5:69:6d:7f:2f:5b:e2:cd:65:00:43:1c:b5:17:bb:7a:7f:a2:
5f:b5:68:86:70:23:1c:1c:fb:9a:f3:78:84:cd:15:21:14:4b:
45:a6:d2:27:ee:9d:8f:4a:7f:1b:66:93:2c:65:ee:17:73:c1:
67:a0:ee:21:69:d3:b5:60:9e:dc:5c:a9:f8:fa:e9:92:9d:ab:
1b:36:9c:d3:5e:b1:e5:bf:09:f4:a1:43:b3:fb:f2:30:43:9c:
35:c2:0a:71:75:19:46:ea:83:1b:0e:8e:99:c9:69:d7:a6:f8:
09:2d:2d:ce:bf:60:4c:53:cd:0e:9d:c6:16:29:dd:d7:77:39:
3b:2a:43:42:ae:03:8f:c9:f4:d8:99:8d:55:06:c1:b6:90:90:
32:7f:3f:a2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPw1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTMxNjU4WhcNMjcxMjEzMTMxNjU4WjAYMRYw
FAYDVQQDEw02NzdkMjk0ZC1iNWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwov13H4KggXIk8H3w5+7k5RXMhaZKrWasbIXihUFHjaQvYOHFpZlo15q
qiU4p1XyBK50RCzCp2Ngjpi7jCx+cba7n1usV70l0ESWwwLnstEKmgw1J4lTbUHu
Mn3248hzpG72mpbENyl9AOi5T3A4/85E+OFDSeZM1IOSbLbB9ru6BvrNnXwJqJDZ
5GrHs9oye+BHaiEMb8clIydZvYuG6PGjrsnvkx5YvoJC73NIGoDbMLquifopvMv2
wMSG2S6UeZ3LLrV8XFUq5Ritj0vzodkoUB0RtGWFENo8Wn2Cs7wyZvtmYThL7d/0
QjXiBV08IGB0NWUnnoZIAiwl7TVCJQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIBY
/51bAou9EalAhUM2WWFx/wRIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRTFBMTk1MkNDRjkxMUVGQkZDMzM3ODA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO0HMA0GCSqGSIb3DQEBCwUA
A4IBAQCbAJ6zSwq4AxTX4OkVMECKbfOsSqP4m2olWmdtsKfFb/0leQT2mxQzJck4
zrgI3lYvmqpmPe5eq3fGC4ABXun8eirOewiPJGXn0lyxa2Af9pDPOFNm+dqqbkOG
DubbDmwgSXkFncaKDGsVSrX1aW1/L1vizWUAQxy1F7t6f6JftWiGcCMcHPua83iE
zRUhFEtFptIn7p2PSn8bZpMsZe4Xc8FnoO4hadO1YJ7cXKn4+umSnasbNpzTXrHl
vwn0oUOz+/IwQ5w1wgpxdRlG6oMbDo6ZyWnXpvgJLS3Ov2BMU80OncYWKd3Xdzk7
KkNCrgOPyfTYmY1VBsG2kJAyfz+i
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:39:55 2025 by rpki-client on console.sobornost.net