Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/031DA842C97B11EFB1F2BE53762E951A.roa
File: 031DA842C97B11EFB1F2BE53762E951A.roa (raw, json)
Hash identifier: aWJempqHyEKn+3LPAn/6CU/DQCLRkgr0oEAAXDZ54Pc=
Subject key identifier: CC:CC:93:FE:B9:88:54:45:A5:6D:1D:49:D2:A3:8C:1B:0A:8A:9F:9A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F515
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/031DA842C97B11EFB1F2BE53762E951A.roa
Signing time: Fri 03 Jan 2025 02:32:44 +0000
ROA not before: Fri 03 Jan 2025 02:32:40 +0000
ROA not after: Mon 13 Dec 2027 02:32:40 +0000
asID: 17561
IP address blocks: 156.227.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62741 (0xf515)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 02:32:40 2025 GMT
Not After : Dec 13 02:32:40 2027 GMT
Subject: CN=67774c4c-7447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e0:a7:f0:24:06:1a:52:12:0f:01:88:cc:42:
86:18:17:0f:da:85:b3:da:b7:1f:6a:f6:cd:a3:2f:
6f:39:3f:28:6d:37:02:2f:0c:7b:94:97:71:b3:ae:
bf:ac:52:d8:34:4e:d1:31:89:b3:94:4b:31:34:18:
96:d9:29:4b:fa:bd:00:48:98:eb:8f:4f:94:58:28:
86:3b:af:47:fc:53:f9:65:4d:19:40:62:59:d4:62:
53:b9:cc:13:c5:d4:35:3a:76:76:9f:fc:78:ab:db:
f4:ec:87:29:76:dc:04:4d:45:36:65:46:af:ed:70:
00:88:33:3f:e1:5d:3e:93:9a:74:9e:65:cf:16:cd:
12:2b:6a:f7:b6:c4:80:65:e2:04:0e:54:1a:e0:aa:
73:7d:aa:85:35:00:45:bd:7b:8c:95:b9:4f:b3:54:
f5:5d:cc:36:4b:75:58:6d:5e:50:22:d5:5b:3a:7d:
fa:4d:78:d9:80:f8:f0:3f:33:b3:b5:10:af:d8:75:
2f:9f:d9:ee:16:a1:d0:ec:88:be:d5:37:0b:1d:04:
ed:5c:b4:ee:18:c2:70:94:98:d4:50:c3:e4:41:f0:
ed:cd:ca:fd:41:bf:27:d9:81:97:3d:91:80:e9:04:
1b:53:85:4e:c7:64:83:7b:b7:64:43:11:6d:ba:b4:
90:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:CC:93:FE:B9:88:54:45:A5:6D:1D:49:D2:A3:8C:1B:0A:8A:9F:9A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/031DA842C97B11EFB1F2BE53762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.124.0/24
Signature Algorithm: sha256WithRSAEncryption
89:4e:52:5f:1c:58:5d:dc:b0:f6:a7:a9:2c:b5:99:6e:f6:77:
54:90:8c:34:b4:bf:85:7e:ac:35:57:8b:5b:33:91:fc:5f:a7:
dc:ef:9c:24:dc:45:50:64:17:78:3e:1e:a0:a8:21:5d:23:fb:
af:57:95:98:b1:1a:ad:09:1a:fd:35:2e:90:4d:c4:18:e0:75:
95:d6:96:86:26:0e:af:e4:d9:b9:d5:9c:fd:7f:26:a0:cd:95:
37:b0:78:9d:68:e5:08:89:4c:ca:64:42:9c:6e:67:13:7f:96:
58:1e:28:95:78:73:61:9d:d3:58:b4:68:0b:7d:56:f9:8d:b1:
4d:2d:81:8f:9a:80:3c:df:b8:1f:35:a9:ef:c9:51:b8:7e:5e:
4f:2e:cb:5e:33:84:a6:6d:80:73:b3:c1:5b:86:b2:59:84:28:
c1:1e:e4:60:ea:a8:38:6a:3d:6d:ac:9e:3d:0d:ae:6c:60:10:
76:d1:4f:03:4f:b3:86:bd:93:2a:ae:1a:3a:26:fb:5d:f2:7a:
d0:a4:88:09:56:98:39:09:00:00:90:3a:06:2f:0b:e7:2e:ba:
86:71:c2:61:af:c8:07:b6:b7:fd:a3:0e:8a:cd:d8:96:85:62:
1b:44:fd:84:96:08:d3:99:92:4a:de:f5:42:48:7a:3f:7d:c4:
4c:48:9f:7a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPUVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDIzMjQwWhcNMjcxMjEzMDIzMjQwWjAYMRYw
FAYDVQQDEw02Nzc3NGM0Yy03NDQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp+Cn8CQGGlISDwGIzEKGGBcP2oWz2rcfavbNoy9vOT8obTcCLwx7lJdx
s66/rFLYNE7RMYmzlEsxNBiW2SlL+r0ASJjrj0+UWCiGO69H/FP5ZU0ZQGJZ1GJT
ucwTxdQ1OnZ2n/x4q9v07IcpdtwETUU2ZUav7XAAiDM/4V0+k5p0nmXPFs0SK2r3
tsSAZeIEDlQa4KpzfaqFNQBFvXuMlblPs1T1Xcw2S3VYbV5QItVbOn36TXjZgPjw
PzOztRCv2HUvn9nuFqHQ7Ii+1TcLHQTtXLTuGMJwlJjUUMPkQfDtzcr9Qb8n2YGX
PZGA6QQbU4VOx2SDe7dkQxFturSQdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMzM
k/65iFRFpW0dSdKjjBsKip+aMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wMzFEQTg0MkM5N0IxMUVGQjFGMkJFNTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnON8MA0GCSqGSIb3DQEBCwUA
A4IBAQCJTlJfHFhd3LD2p6kstZlu9ndUkIw0tL+Ffqw1V4tbM5H8X6fc75wk3EVQ
ZBd4Ph6gqCFdI/uvV5WYsRqtCRr9NS6QTcQY4HWV1paGJg6v5Nm51Zz9fyagzZU3
sHidaOUIiUzKZEKcbmcTf5ZYHiiVeHNhndNYtGgLfVb5jbFNLYGPmoA837gfNanv
yVG4fl5PLsteM4SmbYBzs8FbhrJZhCjBHuRg6qg4aj1trJ49Da5sYBB20U8DT7OG
vZMqrho6Jvtd8nrQpIgJVpg5CQAAkDoGLwvnLrqGccJhr8gHtrf9ow6KzdiWhWIb
RP2ElgjTmZJK3vVCSHo/fcRMSJ96
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:34 2025 by rpki-client