Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2994F3B2CCCE11EFA210316F762E951A.roa
File: 2994F3B2CCCE11EFA210316F762E951A.roa (raw, json)
Hash identifier: Zv11433sQ5JD6UAnjBZfn9fVT975P8WRn7K8srJGIx0=
Subject key identifier: 52:5A:A5:F7:E8:6D:A4:5C:A1:0C:3F:D4:AF:9E:09:64:80:F2:6C:96
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA98
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2994F3B2CCCE11EFA210316F762E951A.roa
Signing time: Tue 07 Jan 2025 08:05:30 +0000
ROA not before: Tue 07 Jan 2025 08:05:27 +0000
ROA not after: Mon 13 Dec 2027 08:05:27 +0000
asID: 17561
IP address blocks: 156.233.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64152 (0xfa98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:05:27 2025 GMT
Not After : Dec 13 08:05:27 2027 GMT
Subject: CN=677ce04a-3a9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7a:52:24:5b:9e:d3:40:0a:29:65:b0:82:a0:
ac:9a:4f:74:ad:5f:27:96:d7:b7:26:e7:2a:55:9b:
e1:e9:7e:4c:b2:f6:46:9c:ce:ff:d5:f9:76:10:9f:
51:79:49:e8:87:a3:ff:ba:89:f0:9e:45:09:22:62:
5a:08:3e:16:ea:81:76:ff:bc:13:32:cd:a7:c0:a9:
42:9d:f5:74:6b:f0:60:39:fd:71:d5:3c:c7:71:23:
4a:45:9f:55:96:87:c5:1e:2c:5d:c7:8f:c6:1f:29:
84:c4:61:29:ed:8e:00:ae:a1:e0:a8:06:ad:a7:57:
94:67:43:70:c8:e2:23:e5:74:58:fd:6d:4a:15:3d:
c1:3a:40:30:7c:5d:5b:fc:ae:fb:55:0c:16:20:1e:
0a:6f:14:96:f2:ed:ee:db:3c:7e:0c:18:d4:6b:bc:
77:d1:25:19:fd:3f:80:b4:d9:db:07:00:9c:d9:c3:
07:c7:d3:36:0e:77:c7:02:a6:8b:61:34:ee:3d:f9:
ae:5c:6e:57:9a:92:d9:0f:ae:a2:9e:b4:86:30:96:
f2:a1:95:2b:9b:f6:c8:70:45:87:9a:06:97:7f:f9:
3f:bf:4f:52:c2:a3:b7:2c:30:da:7d:2e:3a:ef:28:
69:e0:49:8c:44:71:95:72:cd:2d:77:de:33:d9:bd:
40:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:5A:A5:F7:E8:6D:A4:5C:A1:0C:3F:D4:AF:9E:09:64:80:F2:6C:96
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2994F3B2CCCE11EFA210316F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.137.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:8a:7c:c2:18:ec:6e:fc:f3:75:c2:85:59:2f:e1:26:45:d3:
24:22:5b:c9:2d:13:4e:e8:67:2d:16:5c:51:40:09:1a:61:63:
72:92:e6:8a:63:3a:d6:9d:78:b1:1f:6b:4f:98:a3:98:92:f3:
45:e0:2a:b6:b6:f2:3e:b6:e2:c8:62:03:85:79:d6:ef:4f:a5:
ef:b7:4d:70:cd:70:da:02:6f:30:b9:69:34:8d:fd:f4:15:89:
05:08:46:c2:11:c3:9c:9a:b9:fb:c3:48:ac:f9:76:c3:61:b2:
cd:ee:2b:67:0f:9b:59:78:90:ca:0e:3d:1c:d6:6e:f4:5d:39:
df:7c:2b:f6:64:92:02:40:27:60:57:f8:56:7b:46:91:7f:4f:
d6:06:9c:98:c1:c1:47:db:63:8d:e5:5d:58:e0:3b:7e:e2:cd:
b4:85:80:2c:98:49:9e:27:34:d7:be:b3:90:9f:d3:58:34:1e:
16:51:90:75:d0:fb:73:13:fe:ca:3f:c0:59:32:bb:e0:7b:cc:
18:ed:a3:42:6d:bd:d1:2f:e4:df:e7:b1:de:d9:46:e1:aa:49:
aa:ca:4e:5f:6c:a0:ec:fc:fd:12:6e:f8:be:c7:af:f9:15:fe:
fa:b0:a9:00:7f:4a:56:81:9b:f1:b0:dd:d4:55:65:e4:e7:fb:
da:93:4c:8a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPqYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDgwNTI3WhcNMjcxMjEzMDgwNTI3WjAYMRYw
FAYDVQQDEw02NzdjZTA0YS0zYTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA23pSJFue00AKKWWwgqCsmk90rV8nlte3JucqVZvh6X5MsvZGnM7/1fl2
EJ9ReUnoh6P/uonwnkUJImJaCD4W6oF2/7wTMs2nwKlCnfV0a/BgOf1x1TzHcSNK
RZ9VlofFHixdx4/GHymExGEp7Y4ArqHgqAatp1eUZ0NwyOIj5XRY/W1KFT3BOkAw
fF1b/K77VQwWIB4KbxSW8u3u2zx+DBjUa7x30SUZ/T+AtNnbBwCc2cMHx9M2DnfH
AqaLYTTuPfmuXG5XmpLZD66inrSGMJbyoZUrm/bIcEWHmgaXf/k/v09SwqO3LDDa
fS467yhp4EmMRHGVcs0td94z2b1ANQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFJa
pffobaRcoQw/1K+eCWSA8myWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOTk0RjNCMkNDQ0UxMUVGQTIxMDMxNkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmJMA0GCSqGSIb3DQEBCwUA
A4IBAQC1inzCGOxu/PN1woVZL+EmRdMkIlvJLRNO6GctFlxRQAkaYWNykuaKYzrW
nXixH2tPmKOYkvNF4Cq2tvI+tuLIYgOFedbvT6Xvt01wzXDaAm8wuWk0jf30FYkF
CEbCEcOcmrn7w0is+XbDYbLN7itnD5tZeJDKDj0c1m70XTnffCv2ZJICQCdgV/hW
e0aRf0/WBpyYwcFH22ON5V1Y4Dt+4s20hYAsmEmeJzTXvrOQn9NYNB4WUZB10Ptz
E/7KP8BZMrvge8wY7aNCbb3RL+Tf57He2Ubhqkmqyk5fbKDs/P0Sbvi+x6/5Ff76
sKkAf0pWgZvxsN3UVWXk5/vak0yK
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:59 2025 by rpki-client