Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD3C0258D2F611EFB88BD58F762E951A.roa
File: BD3C0258D2F611EFB88BD58F762E951A.roa (raw, json)
Hash identifier: fVoIiepUevhBDRZWy5x4HlA28vzjIfFXPwTLgd6DhO0=
Subject key identifier: 9E:B9:51:9E:2B:E2:A8:BF:42:85:76:9A:54:58:6A:BF:8E:D5:0F:A3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107A7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD3C0258D2F611EFB88BD58F762E951A.roa
Signing time: Wed 15 Jan 2025 04:11:05 +0000
ROA not before: Wed 15 Jan 2025 04:11:01 +0000
ROA not after: Mon 03 Jan 2028 04:11:01 +0000
asID: 17561
IP address blocks: 156.252.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67495 (0x107a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 15 04:11:01 2025 GMT
Not After : Jan 3 04:11:01 2028 GMT
Subject: CN=67873559-0f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:de:c8:fd:55:c6:b4:25:85:5c:2e:9b:81:c2:
f4:83:4d:77:4e:38:2e:8e:5e:fb:0b:00:19:55:5f:
81:09:42:c4:a6:5c:dd:df:65:6a:b5:d6:20:57:72:
10:89:78:11:5e:f6:55:c9:af:bd:dd:69:84:5f:43:
ef:4b:7a:e1:e6:a8:1b:33:f2:89:98:e4:c9:d7:89:
10:4d:55:6d:4c:f2:bd:ab:80:2a:bc:41:43:e2:77:
6b:49:bf:5b:74:ce:1b:08:6f:9e:d6:4d:a1:d2:82:
54:1c:77:40:1e:ee:17:fc:b9:0a:19:0e:51:8f:f1:
71:40:05:0b:37:44:43:3e:f1:3d:d7:de:66:8a:b3:
01:6d:fb:9f:ef:69:fa:dc:89:87:60:3a:c5:aa:93:
f9:39:55:47:db:67:3d:cf:bb:98:9e:6a:b1:31:1e:
16:f8:56:63:1a:55:38:69:db:f6:a7:d6:b5:24:e3:
98:35:34:93:ff:d3:9a:7a:c8:b6:9b:ec:91:9b:03:
d2:34:2f:6b:d4:6d:44:62:f7:c7:5c:7e:c4:a1:a5:
01:dc:bd:56:c2:79:eb:0c:88:6a:f6:6f:77:6c:13:
21:1e:9e:c7:f1:bb:05:2a:29:0b:19:c5:94:71:a7:
27:c8:14:c0:8d:c4:28:52:80:10:ff:64:53:8d:d3:
55:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:B9:51:9E:2B:E2:A8:BF:42:85:76:9A:54:58:6A:BF:8E:D5:0F:A3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD3C0258D2F611EFB88BD58F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.42.0/24
Signature Algorithm: sha256WithRSAEncryption
32:d8:e6:d0:ef:d5:1b:a8:0a:f9:97:60:fa:da:bc:5b:43:ff:
74:62:03:c8:4c:b8:32:e0:19:57:3c:28:f2:d5:91:0d:90:d4:
81:88:99:01:5f:f7:43:3b:18:98:01:12:02:fb:a0:89:99:0a:
f8:bf:ad:9f:ea:46:8c:a0:96:d2:19:f8:da:6b:e4:9a:d8:b1:
e7:9f:c1:47:10:f0:c8:ef:74:dc:c2:08:de:24:bf:87:5a:aa:
11:a5:13:6c:b2:af:ad:f7:cd:af:cf:94:af:59:03:35:95:a8:
e0:25:54:f0:23:ce:ad:f2:39:70:93:40:69:0e:00:ff:e5:b5:
08:b4:3e:33:16:bd:4a:40:08:d8:c6:2a:d4:f9:fa:fb:ef:a7:
ae:9c:6e:4b:5a:2e:1a:0e:cd:f8:24:e7:a5:3d:a5:89:e4:f6:
56:13:e9:d2:7e:b6:46:e0:2f:43:df:ed:73:b3:19:38:06:f0:
69:a3:75:71:c2:84:8f:9c:1f:7a:00:65:36:ac:84:c0:26:2e:
7e:41:03:87:39:0d:8d:e9:7d:72:f6:df:6e:ba:84:57:82:aa:
ab:8d:95:90:4f:da:2e:98:46:34:b7:73:86:98:65:b2:8b:cd:
b6:8a:d2:f3:1c:43:9a:0b:ba:82:90:1f:c3:4e:1b:8a:65:14:
c5:1c:77:7c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQenMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQxMTAxWhcNMjgwMTAzMDQxMTAxWjAYMRYw
FAYDVQQDEw02Nzg3MzU1OS0wZjA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA897I/VXGtCWFXC6bgcL0g013Tjgujl77CwAZVV+BCULEplzd32VqtdYg
V3IQiXgRXvZVya+93WmEX0PvS3rh5qgbM/KJmOTJ14kQTVVtTPK9q4AqvEFD4ndr
Sb9bdM4bCG+e1k2h0oJUHHdAHu4X/LkKGQ5Rj/FxQAULN0RDPvE9195mirMBbfuf
72n63ImHYDrFqpP5OVVH22c9z7uYnmqxMR4W+FZjGlU4adv2p9a1JOOYNTST/9Oa
esi2m+yRmwPSNC9r1G1EYvfHXH7EoaUB3L1WwnnrDIhq9m93bBMhHp7H8bsFKikL
GcWUcacnyBTAjcQoUoAQ/2RTjdNV1wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ65
UZ4r4qi/QoV2mlRYar+O1Q+jMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRDNDMDI1OEQyRjYxMUVGQjg4QkQ1OEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwqMA0GCSqGSIb3DQEBCwUA
A4IBAQAy2ObQ79UbqAr5l2D62rxbQ/90YgPITLgy4BlXPCjy1ZENkNSBiJkBX/dD
OxiYARIC+6CJmQr4v62f6kaMoJbSGfjaa+Sa2LHnn8FHEPDI73TcwgjeJL+HWqoR
pRNssq+t982vz5SvWQM1lajgJVTwI86t8jlwk0BpDgD/5bUItD4zFr1KQAjYxirU
+fr776eunG5LWi4aDs34JOelPaWJ5PZWE+nSfrZG4C9D3+1zsxk4BvBpo3VxwoSP
nB96AGU2rITAJi5+QQOHOQ2N6X1y9t9uuoRXgqqrjZWQT9oumEY0t3OGmGWyi822
itLzHEOaC7qCkB/DThuKZRTFHHd8
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:42:59 2025 by rpki-client on console.sobornost.net