Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15F7FFF0CD8411EFAEB6FD7F762E951A.roa
File: 15F7FFF0CD8411EFAEB6FD7F762E951A.roa (raw, json)
Hash identifier: yDGQw5y8VI7FimGbKCLP15VahHCelhRwTKcAuqydbok=
Subject key identifier: 85:5D:45:39:06:FA:9E:27:54:92:B9:7A:C2:78:E0:8F:9C:D7:AB:4C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01001B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15F7FFF0CD8411EFAEB6FD7F762E951A.roa
Signing time: Wed 08 Jan 2025 05:47:46 +0000
ROA not before: Wed 08 Jan 2025 05:47:42 +0000
ROA not after: Mon 13 Dec 2027 05:47:42 +0000
asID: 17561
IP address blocks: 156.252.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65563 (0x1001b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 05:47:42 2025 GMT
Not After : Dec 13 05:47:42 2027 GMT
Subject: CN=677e1182-1c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:79:89:e0:40:ce:19:91:c8:17:de:00:7b:c0:
4e:95:eb:ea:f0:86:05:dd:35:87:fc:45:03:bf:0c:
3a:4a:cc:5f:65:bd:9d:2e:4e:47:7a:9d:2e:c0:3b:
12:15:55:49:bb:9e:b3:59:92:e0:bc:73:9a:bc:e0:
e1:5c:7a:bb:fc:ac:35:93:0f:c5:a2:70:16:fc:5a:
ca:ce:0f:7b:05:a4:39:e4:d0:a0:6a:20:9b:99:2a:
6b:4a:24:7e:d5:10:b3:1e:2b:38:8e:c7:80:3e:6b:
8e:de:84:1e:58:7a:57:60:a6:6f:5b:73:72:05:0e:
b7:81:00:13:1a:42:75:48:da:83:d4:e0:3b:b0:5b:
d9:35:62:b1:90:f4:e4:cf:09:46:28:b4:18:30:e8:
1c:bd:47:23:44:fb:56:15:58:f6:49:2e:81:4b:bf:
11:6d:67:61:f2:5b:95:ce:6c:7b:21:4a:28:45:f6:
81:5d:50:9d:86:53:1b:b8:b8:e5:fc:a8:1f:cb:18:
36:6f:01:f4:ad:6f:73:44:de:a6:3b:3a:f8:cb:42:
6c:33:82:00:90:c8:21:d1:c3:d1:fa:88:f6:d9:7b:
09:00:b7:35:86:81:b8:d8:d7:1e:1e:3b:0d:b5:dc:
b0:27:e4:49:cb:e7:af:27:2c:3f:d6:54:b4:da:78:
70:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5D:45:39:06:FA:9E:27:54:92:B9:7A:C2:78:E0:8F:9C:D7:AB:4C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15F7FFF0CD8411EFAEB6FD7F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.25.0/24
Signature Algorithm: sha256WithRSAEncryption
04:ea:a4:ff:12:3c:68:43:69:df:e3:1c:1e:bc:e8:88:81:ab:
8f:a7:e3:60:da:0a:36:2c:1b:32:d9:b7:1f:b4:48:43:bc:d5:
1f:55:2b:1a:bb:bc:21:97:d6:42:9c:6a:cc:2b:d5:54:c9:c8:
c0:a8:59:00:0d:d6:54:9c:ae:03:0a:b8:aa:24:e0:72:18:fa:
b7:97:6c:b5:31:8d:29:c0:94:95:17:1d:04:b5:40:56:db:b5:
71:cf:1c:fb:f2:be:f1:24:c4:35:ff:2f:64:15:2f:c1:6c:80:
ed:c1:ac:ac:44:9c:ed:57:9a:eb:44:68:6f:56:a7:90:5e:2e:
03:f4:c3:4a:a8:27:a3:35:8b:36:44:1b:1c:8c:51:c2:d8:b4:
d3:c5:2f:d7:3b:16:6a:83:b5:6e:da:14:09:cc:c0:59:74:e1:
45:2f:52:a8:01:5a:e7:37:b9:0c:ea:e9:91:d4:f3:15:c1:6f:
41:96:e9:94:99:d1:14:c0:b4:dc:e3:3b:d5:91:10:6e:91:4c:
12:99:06:ce:82:f2:4e:1e:8d:85:54:2b:47:54:c4:3a:d9:7f:
b3:48:fd:51:a3:1d:79:25:80:f4:09:af:05:9d:85:11:0e:73:
76:59:21:e1:c5:3f:b9:96:75:6f:15:3e:49:79:1e:12:c1:23:
12:45:67:b0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQAbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDU0NzQyWhcNMjcxMjEzMDU0NzQyWjAYMRYw
FAYDVQQDEw02NzdlMTE4Mi0xYzYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp3mJ4EDOGZHIF94Ae8BOlevq8IYF3TWH/EUDvww6SsxfZb2dLk5Hep0u
wDsSFVVJu56zWZLgvHOavODhXHq7/Kw1kw/FonAW/FrKzg97BaQ55NCgaiCbmSpr
SiR+1RCzHis4jseAPmuO3oQeWHpXYKZvW3NyBQ63gQATGkJ1SNqD1OA7sFvZNWKx
kPTkzwlGKLQYMOgcvUcjRPtWFVj2SS6BS78RbWdh8luVzmx7IUooRfaBXVCdhlMb
uLjl/Kgfyxg2bwH0rW9zRN6mOzr4y0JsM4IAkMgh0cPR+oj22XsJALc1hoG42Nce
HjsNtdywJ+RJy+evJyw/1lS02nhwiwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIVd
RTkG+p4nVJK5esJ44I+c16tMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNUY3RkZGMENEODQxMUVGQUVCNkZEN0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwZMA0GCSqGSIb3DQEBCwUA
A4IBAQAE6qT/EjxoQ2nf4xwevOiIgauPp+Ng2go2LBsy2bcftEhDvNUfVSsau7wh
l9ZCnGrMK9VUycjAqFkADdZUnK4DCriqJOByGPq3l2y1MY0pwJSVFx0EtUBW27Vx
zxz78r7xJMQ1/y9kFS/BbIDtwaysRJztV5rrRGhvVqeQXi4D9MNKqCejNYs2RBsc
jFHC2LTTxS/XOxZqg7Vu2hQJzMBZdOFFL1KoAVrnN7kM6umR1PMVwW9BlumUmdEU
wLTc4zvVkRBukUwSmQbOgvJOHo2FVCtHVMQ62X+zSP1Rox15JYD0Ca8FnYURDnN2
WSHhxT+5lnVvFT5JeR4SwSMSRWew
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:27 2025 by rpki-client