Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FDC4E1A8115011F0BC64A663762E951A.roa
File: FDC4E1A8115011F0BC64A663762E951A.roa (raw, json)
Hash identifier: fAbsM71pHFP/KOreagEX8RreL5LuklNN01nNbbkZ99E=
Subject key identifier: 50:39:DC:D4:F0:1F:B6:AB:4E:E6:86:3D:4C:8A:78:59:0C:56:0E:AC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014A39
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FDC4E1A8115011F0BC64A663762E951A.roa
Signing time: Fri 04 Apr 2025 12:33:20 +0000
ROA not before: Fri 04 Apr 2025 12:33:16 +0000
ROA not after: Tue 24 Jun 2025 12:33:16 +0000
asID: 142286
IP address blocks: 156.225.132.0/22 maxlen: 24
156.225.136.0/21 maxlen: 24
156.225.144.0/20 maxlen: 24
156.226.24.0/21 maxlen: 24
156.244.64.0/18 maxlen: 24
156.250.4.0/22 maxlen: 24
156.250.8.0/21 maxlen: 24
156.250.16.0/20 maxlen: 24
156.250.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84537 (0x14a39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 4 12:33:16 2025 GMT
Not After : Jun 24 12:33:16 2025 GMT
Subject: CN=67efd190-e36b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:96:61:0d:83:fe:f8:f2:0f:fc:5d:5c:3e:36:
b0:7e:88:77:85:37:a5:57:34:bb:8d:2a:66:88:03:
d6:76:4f:38:15:05:ee:76:63:48:d8:41:6f:aa:84:
46:55:92:07:d7:5b:27:b5:95:f5:31:5d:52:02:73:
03:b0:60:31:17:7f:27:9c:b9:46:2e:90:cf:74:d9:
d6:9d:96:68:90:33:c7:ed:c2:c2:1b:1a:8d:d1:32:
21:f5:be:f2:4a:85:44:4b:e1:fd:9b:d9:0d:21:eb:
76:71:1e:fc:02:cf:12:8e:a1:d7:b1:c7:8d:2d:69:
05:ce:f6:68:bf:6f:2f:17:3a:f8:a8:77:6f:04:73:
de:7d:3f:ce:2e:a2:2b:1c:1b:c7:2d:cc:09:fc:35:
92:56:a2:20:40:c7:c3:2d:3e:90:8d:ec:0b:e4:40:
82:7f:64:5c:f2:72:e5:aa:39:75:e2:8c:48:22:89:
8c:82:c8:d6:48:76:c4:40:8c:6c:cf:e6:a9:2b:01:
b4:f8:3d:51:0a:d7:4a:8a:36:e9:37:40:d9:82:5b:
4c:f9:64:36:7a:a7:60:b9:dc:18:79:34:63:ee:91:
3a:d9:48:27:6d:c0:4c:18:0a:f6:fe:17:f1:cd:57:
b0:68:3d:0b:c6:d0:4e:a8:5c:e5:da:c1:cc:ef:7b:
91:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:39:DC:D4:F0:1F:B6:AB:4E:E6:86:3D:4C:8A:78:59:0C:56:0E:AC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FDC4E1A8115011F0BC64A663762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.132.0-156.225.159.255
156.226.24.0/21
156.244.64.0/18
156.250.4.0-156.250.31.255
156.250.64.0/18
Signature Algorithm: sha256WithRSAEncryption
6a:10:c1:94:e3:a9:f4:1c:44:de:23:ad:9e:8b:9a:0a:a9:a6:
54:9d:2e:4c:8a:6c:1d:a8:1d:c6:cf:46:6d:af:66:f8:12:08:
ec:17:b0:64:0d:8b:fa:46:82:5f:af:dd:96:f9:c0:73:52:d6:
9b:80:0e:76:7d:f2:29:71:76:51:43:f2:3a:7c:e7:d8:0a:49:
b8:02:7d:c7:b1:20:7b:3d:17:d0:bb:45:20:30:8a:37:29:13:
ef:28:65:b0:de:0e:b7:70:d6:ca:48:21:eb:31:ba:59:53:dc:
27:c5:0a:57:81:75:72:86:7f:c4:b1:1b:70:fd:30:64:1c:23:
63:53:5b:c7:c3:30:ff:84:f4:ba:1b:74:63:50:b3:b1:a8:53:
67:80:63:11:41:50:52:36:ef:23:97:22:24:5c:36:7d:e8:a5:
19:10:54:dc:cb:ee:6b:36:a8:bb:c8:8d:6b:4b:d6:54:2a:cf:
17:15:09:50:f8:38:5c:9e:95:a4:34:a2:d1:66:59:dc:46:5b:
a3:8b:32:77:bf:ee:ec:4d:c9:45:8c:7e:a6:2c:58:4f:fd:55:
8f:b1:97:02:43:18:10:fb:33:b9:d6:42:d4:eb:8a:41:01:26:
e0:b1:0c:58:2e:f7:ba:f0:1f:39:1c:fa:51:5e:f4:6a:09:8f:
9e:59:3d:21
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgIDAUo5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA0MTIzMzE2WhcNMjUwNjI0MTIzMzE2WjAYMRYw
FAYDVQQDEw02N2VmZDE5MC1lMzZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo5ZhDYP++PIP/F1cPjawfoh3hTelVzS7jSpmiAPWdk84FQXudmNI2EFv
qoRGVZIH11sntZX1MV1SAnMDsGAxF38nnLlGLpDPdNnWnZZokDPH7cLCGxqN0TIh
9b7ySoVES+H9m9kNIet2cR78As8SjqHXsceNLWkFzvZov28vFzr4qHdvBHPefT/O
LqIrHBvHLcwJ/DWSVqIgQMfDLT6QjewL5ECCf2Rc8nLlqjl14oxIIomMgsjWSHbE
QIxsz+apKwG0+D1RCtdKijbpN0DZgltM+WQ2eqdgudwYeTRj7pE62UgnbcBMGAr2
/hfxzVewaD0LxtBOqFzl2sHM73uRqQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFFA5
3NTwH7arTuaGPUyKeFkMVg6sMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GREM0RTFBODExNTAxMUYwQkM2NEE2NjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAKc4YQDBAWc4YADBAOc4hgD
BAac9EAwDAMEApz6BAMEBZz6AAMEBpz6QDANBgkqhkiG9w0BAQsFAAOCAQEAahDB
lOOp9BxE3iOtnouaCqmmVJ0uTIpsHagdxs9Gba9m+BII7BewZA2L+kaCX6/dlvnA
c1LWm4AOdn3yKXF2UUPyOnzn2ApJuAJ9x7Egez0X0LtFIDCKNykT7yhlsN4Ot3DW
ykgh6zG6WVPcJ8UKV4F1coZ/xLEbcP0wZBwjY1Nbx8Mw/4T0uht0Y1CzsahTZ4Bj
EUFQUjbvI5ciJFw2feilGRBU3Mvuazaou8iNa0vWVCrPFxUJUPg4XJ6VpDSi0WZZ
3EZbo4syd7/u7E3JRYx+pixYT/1Vj7GXAkMYEPszudZC1OuKQQEm4LEMWC73uvAf
ORz6UV70agmPnlk9IQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:56:25 2025 by rpki-client on console.sobornost.net