Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4024B0A1F4711F09D9C47BFDAE4EC9C.roa
File: B4024B0A1F4711F09D9C47BFDAE4EC9C.roa (raw, json)
Hash identifier: N6+ntjZxH7MAxar3H30zG6/B9MgvQXTVsKt5W81pIAI=
Subject key identifier: 4D:2E:70:2D:76:08:B0:28:FB:56:6B:78:F1:75:54:E7:D6:37:93:34
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014DD6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4024B0A1F4711F09D9C47BFDAE4EC9C.roa
Signing time: Tue 22 Apr 2025 07:02:08 +0000
ROA not before: Tue 22 Apr 2025 07:02:03 +0000
ROA not after: Mon 26 May 2025 07:02:03 +0000
asID: 174
IP address blocks: 45.202.111.0/24 maxlen: 24
45.202.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85462 (0x14dd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 22 07:02:03 2025 GMT
Not After : May 26 07:02:03 2025 GMT
Subject: CN=68073eef-ae86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:39:8a:59:60:b7:da:72:33:bd:e9:fb:14:fe:
2d:c2:87:bc:7b:5d:1d:28:60:57:0b:1a:c5:ca:4f:
86:ac:08:ad:fe:d0:3d:9e:6c:39:9f:bb:26:ef:fa:
f9:e3:61:26:b9:38:22:98:06:04:0d:73:27:c1:3f:
74:e9:2d:d1:81:d9:67:fa:eb:55:6f:21:8c:9a:fd:
b1:b0:e3:5d:ac:30:7f:e9:ca:1e:67:63:40:88:ee:
d3:95:d0:ee:cd:c1:fb:92:38:9f:cf:d7:e2:aa:2d:
2a:c6:dd:0e:b4:86:c9:d7:09:a9:37:2b:5b:d0:af:
50:c7:00:87:45:80:c7:0f:86:35:d1:49:ef:0f:aa:
00:31:7a:2b:1f:cd:43:4e:de:0b:2a:4d:3c:aa:46:
12:6b:80:a4:21:6b:ac:f9:68:00:4c:d5:f9:ff:07:
ad:4a:e8:6f:41:8f:4d:a4:fb:7c:14:32:00:bc:83:
52:eb:9c:19:b9:a4:73:2c:b1:8f:7f:28:94:4c:72:
99:1a:7a:fe:a5:24:fc:a4:42:b4:df:d0:76:38:e4:
3f:7d:2d:7f:20:e0:c6:a1:80:20:a1:bd:a7:4c:d9:
78:66:86:d3:8f:df:5c:de:38:72:ed:cf:69:ad:ce:
17:ad:5d:c1:23:88:29:15:1e:5b:23:65:b6:76:36:
fa:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2E:70:2D:76:08:B0:28:FB:56:6B:78:F1:75:54:E7:D6:37:93:34
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B4024B0A1F4711F09D9C47BFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.202.111.0-45.202.112.255
Signature Algorithm: sha256WithRSAEncryption
5b:cf:f5:43:37:fd:e4:26:cf:53:4a:2f:e4:96:f9:cb:27:de:
46:8d:bb:e5:55:f7:d5:a2:af:fa:5f:59:4c:a8:59:00:05:73:
7e:90:79:14:6f:db:5f:29:4d:44:ed:7e:55:ee:66:f7:90:1b:
08:ae:4f:3f:1e:fc:65:8f:2b:1e:2e:87:79:24:3a:38:8c:ea:
d4:bd:07:7e:0f:80:05:14:b3:c9:03:78:ad:57:ab:5f:87:ed:
2c:7c:4e:9b:7a:c5:cc:6d:a1:1c:57:27:58:32:2f:0c:26:d2:
fa:cd:8d:4b:ef:c7:2b:0e:34:8b:96:00:bf:89:c2:13:d8:21:
6d:bf:c9:f3:61:38:1a:d7:4d:73:7c:b7:47:c0:de:43:2d:5e:
06:db:0f:b1:51:9e:83:93:33:24:91:32:da:0f:c4:45:b3:b9:
3c:fe:aa:f9:68:d2:c6:da:bb:d0:78:1c:66:fc:d6:7d:20:37:
56:37:11:22:b4:dc:70:56:7c:92:4c:c6:d4:f8:26:8d:03:25:
b8:e4:f9:d9:97:78:d4:12:14:a1:e2:d2:ee:a0:7f:3b:47:43:
7a:10:9d:d5:bc:20:f0:b8:81:e0:43:5b:15:55:2c:25:f1:e3:
f1:b0:a0:e0:f4:a6:91:70:24:8e:f5:c3:57:d7:32:ee:a4:56:
56:73:a2:a3
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAU3WMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDIyMDcwMjAzWhcNMjUwNTI2MDcwMjAzWjAYMRYw
FAYDVQQDEw02ODA3M2VlZi1hZTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArTmKWWC32nIzven7FP4twoe8e10dKGBXCxrFyk+GrAit/tA9nmw5n7sm
7/r542EmuTgimAYEDXMnwT906S3Rgdln+utVbyGMmv2xsONdrDB/6coeZ2NAiO7T
ldDuzcH7kjifz9fiqi0qxt0OtIbJ1wmpNytb0K9QxwCHRYDHD4Y10UnvD6oAMXor
H81DTt4LKk08qkYSa4CkIWus+WgATNX5/wetSuhvQY9NpPt8FDIAvINS65wZuaRz
LLGPfyiUTHKZGnr+pST8pEK039B2OOQ/fS1/IODGoYAgob2nTNl4ZobTj99c3jhy
7c9prc4XrV3BI4gpFR5bI2W2djb6eQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFE0u
cC12CLAo+1ZrePF1VOfWN5M0MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNDAyNEIwQTFGNDcxMUYwOUQ5QzQ3QkZEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtym8DBAAtynAwDQYJKoZI
hvcNAQELBQADggEBAFvP9UM3/eQmz1NKL+SW+csn3kaNu+VV99Wir/pfWUyoWQAF
c36QeRRv218pTUTtflXuZveQGwiuTz8e/GWPKx4uh3kkOjiM6tS9B34PgAUUs8kD
eK1Xq1+H7Sx8Tpt6xcxtoRxXJ1gyLwwm0vrNjUvvxysONIuWAL+JwhPYIW2/yfNh
OBrXTXN8t0fA3kMtXgbbD7FRnoOTMySRMtoPxEWzuTz+qvlo0sbau9B4HGb81n0g
N1Y3ESK03HBWfJJMxtT4Jo0DJbjk+dmXeNQSFKHi0u6gfztHQ3oQndW8IPC4geBD
WxVVLCXx4/GwoOD0ppFwJI71w1fXMu6kVlZzoqM=
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:07:05 2025 by rpki-client on console.sobornost.net