Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD8907C216BD11F08243DECA6DB8BCC6.roa
File: CD8907C216BD11F08243DECA6DB8BCC6.roa (raw, json)
Hash identifier: rf8Dp5bDhls1gfixmHsf+21EzOBdPCDT90fw3n70bkA=
Subject key identifier: 20:31:B0:FE:E7:58:1A:2D:5D:72:36:DA:A9:36:AE:12:FC:82:14:97
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014BB9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD8907C216BD11F08243DECA6DB8BCC6.roa
Signing time: Fri 11 Apr 2025 10:14:50 +0000
ROA not before: Fri 11 Apr 2025 10:14:46 +0000
ROA not after: Wed 21 May 2025 10:14:46 +0000
asID: 57043
IP address blocks: 156.253.6.0/24 maxlen: 24
156.253.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84921 (0x14bb9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 11 10:14:46 2025 GMT
Not After : May 21 10:14:46 2025 GMT
Subject: CN=67f8eb9a-c9fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:29:2c:5b:83:a8:ac:ad:fd:97:df:a9:cf:d2:
53:09:63:3b:31:fa:ab:4a:02:40:63:70:c0:82:fa:
8a:c9:9f:66:6b:aa:d6:ff:9c:a9:bf:7e:3f:72:be:
eb:92:dd:87:11:54:51:93:14:f6:00:1f:e7:26:4a:
b3:6b:6c:33:a2:67:72:c9:6e:f2:58:80:5a:46:a7:
7d:7d:2d:f5:84:7e:06:d0:b7:a7:2e:66:45:39:93:
58:a0:f3:f1:ba:e2:d6:6a:7c:35:4c:23:63:df:6f:
05:72:52:27:61:22:bb:67:e0:8e:e1:dc:99:38:5b:
d5:7f:3e:b5:9a:bf:a8:40:ab:33:d5:33:4f:e5:94:
5e:5a:49:0f:b8:fa:3b:9a:2f:04:74:62:fa:93:89:
53:91:1f:82:58:d9:f0:ad:86:1c:5a:71:99:20:1d:
56:b9:ac:63:03:9a:2f:ac:1d:ce:ce:8a:ac:fb:ab:
40:b0:04:96:33:19:87:98:89:34:2c:4b:c0:c1:2b:
81:3b:d0:97:5f:89:b7:c8:8b:36:8e:35:c6:8d:d9:
6a:db:2c:e1:97:cc:e2:67:b7:93:02:8f:36:6d:89:
cf:09:e3:76:eb:f7:36:81:b3:57:77:b2:6a:d2:b6:
63:66:d9:fa:1d:50:1d:e6:c5:f8:a4:f1:28:59:2d:
7e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:31:B0:FE:E7:58:1A:2D:5D:72:36:DA:A9:36:AE:12:FC:82:14:97
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CD8907C216BD11F08243DECA6DB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.6.0/23
Signature Algorithm: sha256WithRSAEncryption
11:43:8f:3f:19:03:7d:52:bb:cb:74:13:2d:1e:15:56:36:11:
f0:c9:da:83:23:3e:78:44:3a:66:d0:39:ae:9f:88:4d:df:cc:
dc:7f:38:f2:a4:b0:5a:6d:50:ce:ba:f6:27:4a:ba:63:ab:ac:
fd:f7:69:e4:3c:01:c5:23:2a:d7:48:54:51:fd:8e:e5:88:8e:
0a:a4:87:e6:4c:c5:16:fd:a4:02:0c:bb:9b:10:51:02:c9:9f:
60:91:c9:7f:fb:5b:81:6f:36:5d:71:55:12:c7:0a:74:5c:c6:
e9:f8:ff:61:15:e1:68:81:c3:bf:c4:d8:c5:69:29:c4:60:b8:
67:68:5b:82:97:ff:75:77:bf:d1:a8:d5:1f:32:3c:2f:a8:37:
42:be:bc:b2:b9:f8:3a:fd:de:f7:e8:87:20:2f:ed:2f:12:bd:
68:6c:8e:c4:76:72:54:94:6f:cd:14:4b:e5:a6:27:2d:63:0f:
31:d7:dc:22:6d:71:d2:5b:aa:7c:2c:54:55:43:c9:f3:b6:b4:
fb:6a:89:5c:bf:5b:a1:45:e9:e7:87:9c:20:68:c4:f3:d2:e4:
71:ea:db:88:46:a9:92:a2:da:0d:70:8a:7b:91:b4:82:28:87:
80:a8:2f:24:36:41:d2:e5:f9:a8:1b:16:03:c7:db:1d:0d:df:
bb:fa:f0:d3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUu5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDExMTAxNDQ2WhcNMjUwNTIxMTAxNDQ2WjAYMRYw
FAYDVQQDEw02N2Y4ZWI5YS1jOWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1iksW4OorK39l9+pz9JTCWM7MfqrSgJAY3DAgvqKyZ9ma6rW/5ypv34/
cr7rkt2HEVRRkxT2AB/nJkqza2wzomdyyW7yWIBaRqd9fS31hH4G0LenLmZFOZNY
oPPxuuLWanw1TCNj328FclInYSK7Z+CO4dyZOFvVfz61mr+oQKsz1TNP5ZReWkkP
uPo7mi8EdGL6k4lTkR+CWNnwrYYcWnGZIB1WuaxjA5ovrB3Ozoqs+6tAsASWMxmH
mIk0LEvAwSuBO9CXX4m3yIs2jjXGjdlq2yzhl8ziZ7eTAo82bYnPCeN26/c2gbNX
d7Jq0rZjZtn6HVAd5sX4pPEoWS1+iwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCAx
sP7nWBotXXI22qk2rhL8ghSXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRDg5MDdDMjE2QkQxMUYwODI0M0RFQ0E2REI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP0GMA0GCSqGSIb3DQEBCwUA
A4IBAQARQ48/GQN9UrvLdBMtHhVWNhHwydqDIz54RDpm0Dmun4hN38zcfzjypLBa
bVDOuvYnSrpjq6z992nkPAHFIyrXSFRR/Y7liI4KpIfmTMUW/aQCDLubEFECyZ9g
kcl/+1uBbzZdcVUSxwp0XMbp+P9hFeFogcO/xNjFaSnEYLhnaFuCl/91d7/RqNUf
MjwvqDdCvryyufg6/d736IcgL+0vEr1obI7EdnJUlG/NFEvlpictYw8x19wibXHS
W6p8LFRVQ8nztrT7aolcv1uhRennh5wgaMTz0uRx6tuIRqmSotoNcIp7kbSCKIeA
qC8kNkHS5fmoGxYDx9sdDd+7+vDT
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:07:23 2025 by rpki-client on console.sobornost.net