Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11CD965CF47511EF84D9E4B7762E951A.roa
File: 11CD965CF47511EF84D9E4B7762E951A.roa (raw, json)
Hash identifier: v2HUWhbSzHx8iXJf+GMmUeWYOAUBKc2NsNI0qN3VBTc=
Subject key identifier: 70:64:A1:DE:5E:33:7F:03:17:C5:9C:0C:D4:24:BF:90:8A:8F:B5:E1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0136DD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11CD965CF47511EF84D9E4B7762E951A.roa
Signing time: Wed 26 Feb 2025 19:08:32 +0000
ROA not before: Wed 26 Feb 2025 19:08:28 +0000
ROA not after: Sat 19 Feb 2028 19:08:28 +0000
asID: 17561
IP address blocks: 156.241.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79581 (0x136dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 19:08:28 2025 GMT
Not After : Feb 19 19:08:28 2028 GMT
Subject: CN=67bf66b0-fa42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f1:bb:24:ec:89:f6:ee:9e:19:fe:9a:26:cf:
89:8f:56:2e:65:98:eb:e0:f2:55:e9:a6:82:cd:ad:
31:e1:9b:b8:94:db:15:62:1f:ad:16:2a:e5:8f:1a:
7f:39:ed:e2:9f:ff:14:ed:fe:77:4c:6a:cb:df:a9:
6d:08:d8:4a:b7:d1:23:99:ec:d7:f9:40:d3:a2:6d:
78:28:66:81:92:42:bd:b3:09:8e:cd:6f:e2:18:14:
15:9e:2d:98:8b:0a:18:7f:43:09:96:dd:e1:c9:6d:
10:08:fe:67:14:2d:d8:ef:4e:c2:e2:88:b8:ad:8e:
38:ce:1f:96:97:f9:ee:4c:2c:44:cd:91:54:6d:db:
e5:d5:de:02:7e:9a:86:c9:fe:2b:39:c4:c7:33:af:
96:f4:70:71:9e:29:44:7c:95:3b:a9:7d:bf:53:49:
3e:f4:87:a8:d1:bf:93:74:d3:2a:37:90:dc:46:e3:
69:84:2f:21:ed:bf:d8:15:99:ad:20:ff:5d:d7:4e:
62:50:d6:b6:02:ab:ed:f4:e2:b4:48:32:8d:0b:2e:
7c:39:f1:8f:d1:8e:81:7c:90:8c:92:e0:40:ac:76:
8a:e8:cd:8f:d1:9f:07:86:ae:a7:20:bd:09:d8:c1:
52:86:31:a0:18:69:4d:28:21:ff:f5:41:a8:d9:e0:
56:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:64:A1:DE:5E:33:7F:03:17:C5:9C:0C:D4:24:BF:90:8A:8F:B5:E1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11CD965CF47511EF84D9E4B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.56.0/24
Signature Algorithm: sha256WithRSAEncryption
88:c5:71:50:1e:04:65:49:61:ee:63:f1:d3:25:81:a6:70:16:
a8:18:df:92:2d:dc:e5:83:ce:c6:d3:13:c0:6f:e0:59:12:8a:
37:cc:97:7e:97:84:20:6e:a2:d6:38:3e:f0:b1:8d:c2:0b:60:
6e:58:d8:4d:b0:1b:cc:3f:fd:3b:c0:a6:6c:f4:3f:0d:5c:99:
1a:b0:83:c6:ae:84:9b:09:9d:07:43:55:6d:3e:8b:58:f2:f8:
83:5f:22:95:4b:c6:66:49:44:b9:47:23:a2:81:c3:f6:60:6d:
f0:ed:ef:0d:33:1a:f0:06:d5:3c:4f:38:b3:02:e7:d5:f3:46:
7d:48:8b:cf:11:94:7d:17:3d:85:f3:e4:4c:c9:bc:9b:b2:1c:
84:db:61:e2:54:87:42:37:01:f0:d7:96:f4:5e:f7:9d:3e:20:
ec:e1:68:62:d0:c4:07:4c:6e:fe:49:43:f9:07:fe:72:da:0c:
a0:2b:5d:f8:d8:48:d8:d1:b2:a1:3c:3b:23:e3:a6:a9:0a:8d:
af:c1:4a:a3:62:5d:5d:57:75:a8:fd:ba:67:5b:6f:42:d5:a7:
76:ef:60:d2:94:83:25:a5:9a:3d:04:e9:c7:58:5b:f4:52:ac:
e7:a0:b6:ed:0f:45:d7:eb:5d:11:9a:09:90:be:75:cd:00:28:
fd:b5:a3:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATbdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTkwODI4WhcNMjgwMjE5MTkwODI4WjAYMRYw
FAYDVQQDEw02N2JmNjZiMC1mYTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzvG7JOyJ9u6eGf6aJs+Jj1YuZZjr4PJV6aaCza0x4Zu4lNsVYh+tFirl
jxp/Oe3in/8U7f53TGrL36ltCNhKt9EjmezX+UDTom14KGaBkkK9swmOzW/iGBQV
ni2YiwoYf0MJlt3hyW0QCP5nFC3Y707C4oi4rY44zh+Wl/nuTCxEzZFUbdvl1d4C
fpqGyf4rOcTHM6+W9HBxnilEfJU7qX2/U0k+9Ieo0b+TdNMqN5DcRuNphC8h7b/Y
FZmtIP9d105iUNa2Aqvt9OK0SDKNCy58OfGP0Y6BfJCMkuBArHaK6M2P0Z8Hhq6n
IL0J2MFShjGgGGlNKCH/9UGo2eBWzwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHBk
od5eM38DF8WcDNQkv5CKj7XhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMUNEOTY1Q0Y0NzUxMUVGODREOUU0Qjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPE4MA0GCSqGSIb3DQEBCwUA
A4IBAQCIxXFQHgRlSWHuY/HTJYGmcBaoGN+SLdzlg87G0xPAb+BZEoo3zJd+l4Qg
bqLWOD7wsY3CC2BuWNhNsBvMP/07wKZs9D8NXJkasIPGroSbCZ0HQ1VtPotY8viD
XyKVS8ZmSUS5RyOigcP2YG3w7e8NMxrwBtU8TzizAufV80Z9SIvPEZR9Fz2F8+RM
ybybshyE22HiVIdCNwHw15b0XvedPiDs4Whi0MQHTG7+SUP5B/5y2gygK1342EjY
0bKhPDsj46apCo2vwUqjYl1dV3Wo/bpnW29C1ad272DSlIMlpZo9BOnHWFv0Uqzn
oLbtD0XX610RmgmQvnXNACj9taNS
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:11:56 2025 by rpki-client