Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D15FECF214E811F0843E4E056EB8BCC6.roa
File: D15FECF214E811F0843E4E056EB8BCC6.roa (raw, json)
Hash identifier: I1qGHbU/UnNGKYnjvY3fCCyND0yS0UoM0xQUKoiUrik=
Subject key identifier: 75:AA:7E:BD:2C:40:5B:07:83:D6:CA:3E:8D:87:50:1A:AE:70:84:E7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014AF6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D15FECF214E811F0843E4E056EB8BCC6.roa
Signing time: Wed 09 Apr 2025 02:17:43 +0000
ROA not before: Wed 09 Apr 2025 02:17:39 +0000
ROA not after: Tue 29 Apr 2025 02:17:39 +0000
asID: 152705
IP address blocks: 156.245.200.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 26 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84726 (0x14af6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 9 02:17:39 2025 GMT
Not After : Apr 29 02:17:39 2025 GMT
Subject: CN=67f5d8c7-ce2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:85:04:aa:d1:a0:6a:e6:9f:8b:4c:3c:c9:b5:
c2:03:b5:a7:32:d7:4a:a3:9f:f8:7b:90:cb:aa:a2:
de:04:89:54:10:66:89:fa:63:3a:ec:b9:f4:9f:cf:
ef:a7:41:a9:b4:68:ad:96:a1:56:2d:58:45:8b:40:
ce:3f:92:c7:83:20:67:80:57:e0:ff:e3:28:e0:b5:
82:12:1c:b6:91:ed:fa:b4:62:33:62:60:c8:01:1f:
1c:b6:4c:1e:59:7c:34:04:e5:34:94:c7:68:fe:3c:
4f:ac:31:0b:1c:7d:c0:57:63:d1:24:77:bd:7c:de:
3f:be:10:a5:13:93:6d:91:a8:5a:0e:36:02:eb:4c:
48:bf:20:a6:99:ed:32:4e:19:3a:8d:57:65:4d:9f:
08:53:f4:7b:af:a9:1f:b5:f8:61:d2:f3:f5:5c:a0:
00:e0:e9:f4:ae:e6:42:75:5d:c9:ed:60:52:32:3c:
83:c7:1f:23:b6:64:49:00:5b:d3:c1:7d:c9:0e:51:
92:68:fe:af:70:07:92:7b:5a:91:05:ea:24:9b:4f:
54:56:fa:fe:d2:f4:ca:d0:a9:e0:81:29:14:52:89:
eb:69:bd:18:0f:41:e2:b2:19:11:62:15:49:56:5f:
cf:a1:50:e1:a8:d1:c0:a8:e8:d4:f5:c6:91:ff:73:
87:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:AA:7E:BD:2C:40:5B:07:83:D6:CA:3E:8D:87:50:1A:AE:70:84:E7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D15FECF214E811F0843E4E056EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.200.0/22
Signature Algorithm: sha256WithRSAEncryption
04:07:dd:1e:de:c5:95:01:fe:05:8d:87:0f:d2:67:04:42:f7:
68:e4:04:d7:92:8b:ba:a2:5b:a0:38:e0:55:ce:29:52:a4:e1:
bc:fd:68:ac:0f:00:0a:32:f9:0c:5d:7f:fc:67:67:5b:64:dc:
1b:dc:00:41:4c:14:2e:a3:8a:54:15:80:e3:41:b5:cf:2e:85:
eb:01:03:55:d5:91:98:b1:99:76:78:61:d6:b5:97:ef:48:b5:
97:5a:f6:7b:08:39:81:6a:f3:0b:ac:d9:51:6b:11:ec:38:e3:
39:b2:0a:62:fa:bb:2c:cd:76:f4:cb:9a:11:37:ca:9e:c5:45:
60:fa:a3:48:9f:c0:cc:4f:39:1a:f8:2f:1a:2d:70:48:f9:5f:
95:a7:77:2b:0b:2d:07:b6:89:3e:51:44:ac:f7:6a:c2:38:e1:
34:e7:d5:b5:6a:33:09:c6:ac:dc:bd:c4:48:d2:7e:1a:ea:3d:
34:56:7c:15:2c:57:8a:a2:bf:85:a3:0a:ca:f0:ba:6e:fe:3e:
1a:d9:55:a7:10:d8:55:4d:19:a5:a6:a5:6b:81:a3:c9:96:44:
a5:18:9e:ac:7d:44:55:5d:c6:00:b6:de:9e:2d:30:a8:7d:27:
a2:b1:25:8b:aa:76:b1:e0:60:a4:bd:77:8b:d4:cb:49:e1:59:
99:e3:81:68
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUr2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA5MDIxNzM5WhcNMjUwNDI5MDIxNzM5WjAYMRYw
FAYDVQQDEw02N2Y1ZDhjNy1jZTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsoUEqtGgauafi0w8ybXCA7WnMtdKo5/4e5DLqqLeBIlUEGaJ+mM67Ln0
n8/vp0GptGitlqFWLVhFi0DOP5LHgyBngFfg/+Mo4LWCEhy2ke36tGIzYmDIAR8c
tkweWXw0BOU0lMdo/jxPrDELHH3AV2PRJHe9fN4/vhClE5NtkahaDjYC60xIvyCm
me0yThk6jVdlTZ8IU/R7r6kftfhh0vP1XKAA4On0ruZCdV3J7WBSMjyDxx8jtmRJ
AFvTwX3JDlGSaP6vcAeSe1qRBeokm09UVvr+0vTK0KnggSkUUonrab0YD0HishkR
YhVJVl/PoVDhqNHAqOjU9caR/3OHAQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHWq
fr0sQFsHg9bKPo2HUBqucITnMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EMTVGRUNGMjE0RTgxMUYwODQzRTRFMDU2RUI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPXIMA0GCSqGSIb3DQEBCwUA
A4IBAQAEB90e3sWVAf4FjYcP0mcEQvdo5ATXkou6olugOOBVzilSpOG8/WisDwAK
MvkMXX/8Z2dbZNwb3ABBTBQuo4pUFYDjQbXPLoXrAQNV1ZGYsZl2eGHWtZfvSLWX
WvZ7CDmBavMLrNlRaxHsOOM5sgpi+rsszXb0y5oRN8qexUVg+qNIn8DMTzka+C8a
LXBI+V+Vp3crCy0Htok+UUSs92rCOOE059W1ajMJxqzcvcRI0n4a6j00VnwVLFeK
or+FowrK8Lpu/j4a2VWnENhVTRmlpqVrgaPJlkSlGJ6sfURVXcYAtt6eLTCofSei
sSWLqnax4GCkvXeL1MtJ4VmZ44Fo
-----END CERTIFICATE-----
Generated at Thu Apr 24 18:07:25 2025 by rpki-client on console.sobornost.net