Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6FA7E52187111F09123C8276EB8BCC6.roa
File: D6FA7E52187111F09123C8276EB8BCC6.roa (raw, json)
Hash identifier: zag7PgWhrwp5XrIjxF6eU9Mbav2DA0Aqxu2UC3ZetDI=
Subject key identifier: 73:39:77:76:DF:37:53:6A:2B:FC:E8:3B:11:CC:A1:18:21:13:87:64
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014BEF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6FA7E52187111F09123C8276EB8BCC6.roa
Signing time: Sun 13 Apr 2025 14:16:09 +0000
ROA not before: Sun 13 Apr 2025 14:15:46 +0000
ROA not after: Thu 05 Jun 2025 14:15:46 +0000
asID: 54600
IP address blocks: 156.227.160.0/20 maxlen: 24
156.227.176.0/20 maxlen: 24
156.252.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84975 (0x14bef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 13 14:15:46 2025 GMT
Not After : Jun 5 14:15:46 2025 GMT
Subject: CN=67fbc729-5bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3e:77:00:7c:4f:0b:c5:78:0d:36:64:dc:38:
68:8a:66:0e:3c:23:fb:ae:7b:88:30:97:01:e2:3f:
d7:c2:c9:0e:2d:c6:f7:60:59:b8:bf:3e:34:4c:6a:
8c:d7:13:c0:cc:ea:2c:d1:54:da:87:33:99:72:a2:
1d:36:e9:b0:e9:1b:ef:84:52:74:87:a2:4a:76:f0:
43:56:7c:40:25:9d:a5:ee:62:ea:8a:04:f5:0b:ea:
53:c9:70:5c:48:5f:f6:9f:aa:ac:fe:26:2d:d1:29:
6d:6a:22:5d:26:6e:06:f5:0b:ed:5a:ff:f2:b4:1a:
2f:7d:70:68:18:22:3f:62:2a:7a:ea:c6:76:31:a6:
b3:26:56:4a:69:4b:1b:3b:38:ac:32:b1:81:39:a5:
15:4d:e2:a5:43:06:37:4e:a8:56:02:db:fe:8b:f2:
1b:0b:34:39:d6:91:b1:02:4c:67:72:01:35:a9:1b:
d8:a4:cb:74:4f:2f:8e:e0:49:e7:6a:c9:0d:c1:c7:
bb:a1:e3:af:3f:21:0a:4a:4c:38:8e:6e:a1:ba:c5:
50:89:1d:cd:2b:09:26:a7:35:2f:33:ca:ef:eb:ec:
a9:dd:c8:97:52:27:6c:64:93:fc:55:a7:12:cd:8e:
aa:29:92:bb:84:ed:bb:b2:cc:d0:01:5c:e7:f8:cb:
c1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:39:77:76:DF:37:53:6A:2B:FC:E8:3B:11:CC:A1:18:21:13:87:64
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6FA7E52187111F09123C8276EB8BCC6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.160.0/19
156.252.96.0/19
Signature Algorithm: sha256WithRSAEncryption
0c:88:30:c4:34:7a:7a:6c:23:31:f6:57:07:9c:35:e7:a9:aa:
ac:ae:1a:54:4e:83:db:92:94:92:3a:70:3f:ea:e8:ad:0c:16:
47:45:c2:09:03:1b:30:51:e6:b4:7c:d0:e0:46:0b:a5:89:51:
24:fc:2e:ce:6d:86:5a:ea:50:ca:89:de:c8:df:32:4a:2a:a9:
eb:9c:05:b1:77:2b:c7:aa:b4:3d:8f:ec:2d:cf:08:38:31:9b:
48:08:3c:1d:b7:89:03:dd:3a:b1:88:47:39:0b:9b:8e:1d:b1:
b8:9f:38:4a:95:a3:fb:cb:9e:ce:33:2a:9f:cf:ae:03:7d:19:
3c:0f:3f:ef:af:24:d2:26:67:bc:7b:f9:20:25:eb:24:1c:c1:
85:19:41:a1:cf:b4:0a:b5:d2:54:ba:5e:d8:5e:c2:78:a1:03:
93:3a:4d:7e:1a:1e:21:7d:c3:3e:b8:d3:81:8b:18:62:94:ff:
84:9b:53:46:14:45:78:c9:4b:02:16:04:0f:34:ff:5c:df:8a:
03:79:03:f9:d0:d9:7e:07:24:bf:60:28:7e:94:f8:7c:f4:c6:
d5:ce:05:3c:16:4c:70:17:90:d3:f7:44:41:c3:de:5a:4b:04:
e7:59:4e:28:76:91:e5:d3:b6:4d:8c:15:52:1f:39:1d:d2:cd:
73:a7:ba:7a
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUvvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDEzMTQxNTQ2WhcNMjUwNjA1MTQxNTQ2WjAYMRYw
FAYDVQQDEw02N2ZiYzcyOS01YmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyT53AHxPC8V4DTZk3DhoimYOPCP7rnuIMJcB4j/XwskOLcb3YFm4vz40
TGqM1xPAzOos0VTahzOZcqIdNumw6RvvhFJ0h6JKdvBDVnxAJZ2l7mLqigT1C+pT
yXBcSF/2n6qs/iYt0SltaiJdJm4G9QvtWv/ytBovfXBoGCI/Yip66sZ2MaazJlZK
aUsbOzisMrGBOaUVTeKlQwY3TqhWAtv+i/IbCzQ51pGxAkxncgE1qRvYpMt0Ty+O
4EnnaskNwce7oeOvPyEKSkw4jm6husVQiR3NKwkmpzUvM8rv6+yp3ciXUidsZJP8
VacSzY6qKZK7hO27sszQAVzn+MvBJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHM5
d3bfN1NqK/zoOxHMoRghE4dkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENkZBN0U1MjE4NzExMUYwOTEyM0M4Mjc2RUI4QkNDNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFnOOgAwQFnPxgMA0GCSqGSIb3
DQEBCwUAA4IBAQAMiDDENHp6bCMx9lcHnDXnqaqsrhpUToPbkpSSOnA/6uitDBZH
RcIJAxswUea0fNDgRguliVEk/C7ObYZa6lDKid7I3zJKKqnrnAWxdyvHqrQ9j+wt
zwg4MZtICDwdt4kD3TqxiEc5C5uOHbG4nzhKlaP7y57OMyqfz64DfRk8Dz/vryTS
Jme8e/kgJeskHMGFGUGhz7QKtdJUul7YXsJ4oQOTOk1+Gh4hfcM+uNOBixhilP+E
m1NGFEV4yUsCFgQPNP9c34oDeQP50Nl+ByS/YCh+lPh89MbVzgU8FkxwF5DT90RB
w95aSwTnWU4odpHl07ZNjBVSHzkd0s1zp7p6
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:43:08 2025 by rpki-client on console.sobornost.net