Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0BAEDD4AC97C11EFA54D6A5B762E951A.roa
File: 0BAEDD4AC97C11EFA54D6A5B762E951A.roa (raw, json)
Hash identifier: s/G48+VqEpqzb/2qBf+U3un3Z2iR2OsWmiGR1nqKe6U=
Subject key identifier: A3:2E:1A:99:9F:C2:D9:51:88:1E:CC:E3:7F:B9:17:CA:B6:59:DB:18
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F51F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0BAEDD4AC97C11EFA54D6A5B762E951A.roa
Signing time: Fri 03 Jan 2025 02:40:08 +0000
ROA not before: Fri 03 Jan 2025 02:40:04 +0000
ROA not after: Mon 13 Dec 2027 02:40:04 +0000
asID: 17561
IP address blocks: 156.227.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62751 (0xf51f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 02:40:04 2025 GMT
Not After : Dec 13 02:40:04 2027 GMT
Subject: CN=67774e08-3ca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4d:32:61:79:a3:47:4a:0a:db:a4:19:04:21:
68:be:04:1f:c1:95:8a:61:f3:da:31:c2:fd:77:04:
01:76:aa:1b:35:2a:05:b0:d6:2c:be:37:d3:8b:6d:
40:74:6f:89:0c:c1:4a:d9:5f:2d:78:aa:4e:72:b9:
ee:25:31:8b:75:c8:ea:e0:0e:33:be:28:a7:87:d5:
12:fb:3e:c7:c7:73:12:35:5f:b8:8f:16:a9:83:90:
7a:0b:dd:95:ef:27:0d:b2:d2:59:af:2e:70:09:32:
62:a5:d0:7d:71:f7:aa:52:fa:84:c3:7b:b4:94:8b:
38:17:f5:7b:9f:5c:12:82:27:b1:61:fa:66:a7:2a:
f8:12:bd:a6:56:c4:5f:c6:a7:6b:07:6f:15:79:0c:
48:95:a6:73:11:7d:28:a2:d3:97:54:63:84:c2:ed:
f1:2f:50:d9:a7:93:f8:2d:30:44:3c:25:ae:27:da:
c4:28:b2:dc:cc:9e:90:ca:26:f6:cb:69:c5:66:87:
1c:ae:a9:44:84:43:78:9d:0c:da:cf:e4:9e:07:b0:
ad:a9:44:7d:a9:c5:76:e9:e9:5b:07:9b:ee:e4:33:
1a:cf:7d:50:8d:e3:27:7d:a2:cd:b8:17:ea:03:7b:
fc:e4:9d:c3:9e:9b:35:4e:80:6f:1e:e3:2e:18:9e:
2e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:2E:1A:99:9F:C2:D9:51:88:1E:CC:E3:7F:B9:17:CA:B6:59:DB:18
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0BAEDD4AC97C11EFA54D6A5B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.249.0/24
Signature Algorithm: sha256WithRSAEncryption
52:36:56:ab:34:8e:84:36:c0:5c:b6:ff:f6:46:f8:dd:e8:b3:
20:41:67:ef:79:4f:af:00:6d:5f:70:be:72:c3:df:be:93:f8:
84:14:ee:87:66:12:24:0c:65:9c:fb:dc:ed:a6:95:53:00:58:
24:a9:e7:9a:d5:c7:cb:7e:36:60:5b:4b:53:6e:25:2d:3e:92:
30:ce:a7:3f:43:bb:55:16:e2:bb:26:71:59:0b:10:47:d3:48:
13:b9:ae:9c:d3:65:2a:0f:2b:62:5e:e3:ef:1f:ab:45:bf:d0:
e1:85:95:50:27:a9:1a:95:f4:08:11:09:3c:f9:bb:af:dd:07:
f8:f5:48:c0:11:c8:2e:d5:2b:a3:34:54:60:ca:ff:f5:e8:0c:
fe:b1:2a:6d:61:ac:b1:6d:04:48:ad:f7:b2:f1:60:aa:4d:7d:
fe:76:c4:b1:2f:b1:9c:aa:4b:78:a5:68:ca:86:2d:ac:df:54:
c8:e1:89:89:3a:05:49:52:f8:1a:64:e1:11:12:47:4c:a3:10:
04:b6:ed:e8:01:38:3f:b0:b0:a5:88:98:a6:fa:b4:36:6f:13:
3e:1c:1b:19:14:60:83:29:10:b2:83:a9:ab:a3:82:f0:77:b4:
4c:19:60:0e:58:69:7f:a8:08:b9:fd:69:af:aa:74:84:54:03:
94:a5:45:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPUfMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDI0MDA0WhcNMjcxMjEzMDI0MDA0WjAYMRYw
FAYDVQQDEw02Nzc3NGUwOC0zY2E4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAok0yYXmjR0oK26QZBCFovgQfwZWKYfPaMcL9dwQBdqobNSoFsNYsvjfT
i21AdG+JDMFK2V8teKpOcrnuJTGLdcjq4A4zviinh9US+z7Hx3MSNV+4jxapg5B6
C92V7ycNstJZry5wCTJipdB9cfeqUvqEw3u0lIs4F/V7n1wSgiexYfpmpyr4Er2m
VsRfxqdrB28VeQxIlaZzEX0ootOXVGOEwu3xL1DZp5P4LTBEPCWuJ9rEKLLczJ6Q
yib2y2nFZoccrqlEhEN4nQzaz+SeB7CtqUR9qcV26elbB5vu5DMaz31QjeMnfaLN
uBfqA3v85J3Dnps1ToBvHuMuGJ4uMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKMu
GpmfwtlRiB7M43+5F8q2WdsYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQkFFREQ0QUM5N0MxMUVGQTU0RDZBNUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOP5MA0GCSqGSIb3DQEBCwUA
A4IBAQBSNlarNI6ENsBctv/2Rvjd6LMgQWfveU+vAG1fcL5yw9++k/iEFO6HZhIk
DGWc+9ztppVTAFgkqeea1cfLfjZgW0tTbiUtPpIwzqc/Q7tVFuK7JnFZCxBH00gT
ua6c02UqDytiXuPvH6tFv9DhhZVQJ6kalfQIEQk8+buv3Qf49UjAEcgu1SujNFRg
yv/16Az+sSptYayxbQRIrfey8WCqTX3+dsSxL7Gcqkt4pWjKhi2s31TI4YmJOgVJ
UvgaZOEREkdMoxAEtu3oATg/sLCliJim+rQ2bxM+HBsZFGCDKRCyg6mro4Lwd7RM
GWAOWGl/qAi5/WmvqnSEVAOUpUWL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:26 2025 by rpki-client