Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3EB63801F5411F08623F495DAE4EC9C.roa
File: E3EB63801F5411F08623F495DAE4EC9C.roa (raw, json)
Hash identifier: ytjycrnkK8kPDRd2l9pefBtSsBQw+4LxRisBzlhGVNM=
Subject key identifier: 2D:42:94:77:89:7B:CC:0A:D7:AF:E4:6F:6D:E6:34:B0:9A:11:E4:B6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014DF2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3EB63801F5411F08623F495DAE4EC9C.roa
Signing time: Tue 22 Apr 2025 08:36:31 +0000
ROA not before: Tue 22 Apr 2025 08:36:27 +0000
ROA not after: Thu 01 May 2025 08:36:27 +0000
asID: 39600
IP address blocks: 156.237.118.0/24 maxlen: 24
156.237.119.0/24 maxlen: 24
156.237.120.0/24 maxlen: 24
156.237.121.0/24 maxlen: 24
156.237.124.0/24 maxlen: 24
156.237.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85490 (0x14df2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 22 08:36:27 2025 GMT
Not After : May 1 08:36:27 2025 GMT
Subject: CN=6807550f-f58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:52:df:35:ca:ce:b4:0f:0b:cd:0d:38:69:c1:
76:58:5b:57:2c:70:be:d3:72:69:0d:12:7d:bd:81:
ca:04:36:53:08:7c:7c:fa:b2:3f:10:b9:8a:74:6b:
bf:e1:08:d3:52:50:9c:c5:34:66:be:14:cd:fb:bb:
29:76:9c:6f:fd:92:85:85:ad:53:4f:5f:06:63:4d:
2a:a4:fe:db:5f:4e:9c:86:35:62:da:b2:e2:44:f6:
e8:ae:a4:22:00:96:17:a3:e4:68:af:6f:d0:93:84:
03:97:16:24:95:49:82:51:47:39:ce:b2:60:43:51:
14:33:3f:3d:7e:ca:e5:35:e5:92:83:fa:bf:7a:6c:
4f:e5:76:aa:91:5d:7f:0a:a9:26:0c:1e:4a:f2:1a:
8e:99:02:83:bf:c3:6a:8b:b9:a4:b1:34:e3:f7:59:
bd:f9:06:79:93:af:18:63:79:50:0a:b4:fe:4c:46:
26:7a:91:c9:a4:ef:92:f8:8f:a1:4e:72:d9:56:01:
a5:e8:56:60:7e:af:1a:04:69:b9:56:3e:ab:00:31:
87:96:df:45:1c:a6:25:f8:88:ad:9f:6b:86:d2:c0:
f9:89:f3:21:ff:4f:08:47:a8:75:8b:78:a9:4b:63:
3c:a5:d7:82:fb:aa:1d:0f:3e:a8:ea:f1:59:46:1a:
34:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:42:94:77:89:7B:CC:0A:D7:AF:E4:6F:6D:E6:34:B0:9A:11:E4:B6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E3EB63801F5411F08623F495DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.118.0-156.237.121.255
156.237.124.0/23
Signature Algorithm: sha256WithRSAEncryption
83:1f:79:52:86:4b:3e:1e:86:a6:b7:46:3d:c9:52:5c:a8:0f:
de:cb:47:2c:0b:3c:11:89:34:8d:2c:45:e6:92:63:c2:54:6a:
a2:e9:31:29:34:cf:8c:a5:a9:7d:10:b6:e4:29:3a:09:44:fe:
d1:70:48:20:e6:a5:c3:53:5e:e8:b3:74:c9:e8:4f:40:a8:f9:
0d:8b:08:fb:79:77:61:9c:22:6a:5a:41:b2:64:67:0a:6c:1e:
fc:01:e5:8f:ee:6b:c2:10:85:e3:1c:1f:5c:e5:47:95:a0:72:
eb:f2:03:bb:f2:63:9b:58:07:df:96:be:9b:ca:5b:bf:d1:d5:
b3:f0:72:6d:d1:61:0e:57:27:f9:b1:88:a7:50:fa:91:f5:b6:
45:7a:4c:2a:d3:2e:2f:32:61:ef:95:ae:58:cb:f8:8f:02:c1:
66:20:54:26:92:ce:3e:55:23:f3:23:d3:d0:a0:48:5d:b1:37:
c7:26:09:0f:87:1b:28:cb:7c:47:21:fc:c0:41:11:1d:94:9a:
f7:b1:44:c3:93:49:37:84:9f:9e:8f:66:48:2e:c7:18:80:ee:
5d:82:e8:fd:ee:e2:0e:1d:4a:e6:e4:80:6b:d0:45:a0:76:24:
d9:df:5c:d6:f5:4e:ef:a2:df:7a:39:65:a9:a4:f7:14:02:b1:
2b:c2:de:ed
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAU3yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDIyMDgzNjI3WhcNMjUwNTAxMDgzNjI3WjAYMRYw
FAYDVQQDEw02ODA3NTUwZi1mNThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuVLfNcrOtA8LzQ04acF2WFtXLHC+03JpDRJ9vYHKBDZTCHx8+rI/ELmK
dGu/4QjTUlCcxTRmvhTN+7spdpxv/ZKFha1TT18GY00qpP7bX06chjVi2rLiRPbo
rqQiAJYXo+Ror2/Qk4QDlxYklUmCUUc5zrJgQ1EUMz89fsrlNeWSg/q/emxP5Xaq
kV1/CqkmDB5K8hqOmQKDv8Nqi7mksTTj91m9+QZ5k68YY3lQCrT+TEYmepHJpO+S
+I+hTnLZVgGl6FZgfq8aBGm5Vj6rADGHlt9FHKYl+Iitn2uG0sD5ifMh/08IR6h1
i3ipS2M8pdeC+6odDz6o6vFZRho0YQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFC1C
lHeJe8wK16/kb23mNLCaEeS2MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FM0VCNjM4MDFGNTQxMUYwODYyM0Y0OTVEQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAGc7XYDBAGc7XgDBAGc7Xww
DQYJKoZIhvcNAQELBQADggEBAIMfeVKGSz4ehqa3Rj3JUlyoD97LRywLPBGJNI0s
ReaSY8JUaqLpMSk0z4ylqX0QtuQpOglE/tFwSCDmpcNTXuizdMnoT0Co+Q2LCPt5
d2GcImpaQbJkZwpsHvwB5Y/ua8IQheMcH1zlR5WgcuvyA7vyY5tYB9+WvpvKW7/R
1bPwcm3RYQ5XJ/mxiKdQ+pH1tkV6TCrTLi8yYe+VrljL+I8CwWYgVCaSzj5VI/Mj
09CgSF2xN8cmCQ+HGyjLfEch/MBBER2UmvexRMOTSTeEn56PZkguxxiA7l2C6P3u
4g4dSubkgGvQRaB2JNnfXNb1Tu+i33o5Zamk9xQCsSvC3u0=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:07:47 2025 by rpki-client on console.sobornost.net