Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49049AE4CD8811EFB6DFD79A762E951A.roa
File: 49049AE4CD8811EFB6DFD79A762E951A.roa (raw, json)
Hash identifier: gu5imW2K+YE+xOa5rSa6ttxKyz384YeVGXf5O3i/MLs=
Subject key identifier: A4:21:DF:62:7F:75:0D:06:D9:76:1A:91:71:9E:7C:D0:D3:C1:E9:6C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01003B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49049AE4CD8811EFB6DFD79A762E951A.roa
Signing time: Wed 08 Jan 2025 06:17:50 +0000
ROA not before: Wed 08 Jan 2025 06:17:46 +0000
ROA not after: Sat 13 Dec 2025 06:17:46 +0000
asID: 984
IP address blocks: 156.252.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65595 (0x1003b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 06:17:46 2025 GMT
Not After : Dec 13 06:17:46 2025 GMT
Subject: CN=677e188d-8842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1c:d6:bd:36:1c:81:97:c8:af:05:33:a1:ca:
f0:9c:8c:82:92:0d:14:ed:98:b5:4f:f1:d4:b6:90:
d2:cf:90:32:42:39:c6:0a:7e:0a:e8:73:3d:a2:20:
4a:55:9f:95:f0:0c:f0:64:89:a3:5a:55:a1:5b:1e:
ee:03:6b:5f:60:f3:1c:64:a3:5d:bf:23:35:1d:6b:
2f:f4:4f:c7:2b:7c:f2:dc:90:1c:b2:95:b8:96:5b:
aa:17:53:ad:be:11:60:66:3d:f9:35:74:2b:c2:bc:
b3:10:20:d6:07:a0:7b:81:56:a6:f3:ed:1c:22:65:
7c:15:44:7f:d8:af:9e:7d:cd:5c:92:ab:b4:1f:13:
69:89:01:39:e9:d0:47:db:08:f7:a8:97:c1:6d:39:
6c:22:13:ad:c0:ce:6b:08:31:f5:42:c0:e3:1a:44:
5f:b9:98:15:51:8e:07:1b:f8:77:b2:ee:db:a1:68:
16:db:f9:a7:76:c2:02:34:46:b6:e3:1b:08:73:a4:
c9:bd:e3:83:fb:e9:85:e7:ad:1b:e3:4a:0a:a4:72:
65:70:b4:19:e7:68:47:14:a4:79:73:d5:95:fa:1d:
d2:51:15:25:57:9c:88:ac:21:4e:53:f8:3f:44:fd:
79:a2:d0:89:74:4e:02:4a:b5:60:b7:fe:58:24:4a:
da:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:21:DF:62:7F:75:0D:06:D9:76:1A:91:71:9E:7C:D0:D3:C1:E9:6C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/49049AE4CD8811EFB6DFD79A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.43.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:cb:d4:d2:40:fa:7f:d8:fb:d8:ef:e4:61:65:d5:8f:86:5e:
8b:62:ac:fa:44:36:c1:84:b7:c4:64:af:f3:7c:5e:3a:1d:31:
77:52:7c:38:99:0a:04:9f:43:b0:31:e7:df:9f:24:78:f8:36:
b4:d3:f1:44:9e:a7:37:22:cd:b9:0f:94:16:9a:97:c5:b8:bc:
de:23:31:f6:2b:82:34:16:0e:b5:d7:9c:e3:7a:50:1d:a3:25:
dc:f4:4c:8c:9a:96:14:d4:3f:42:b9:03:ea:c0:30:2b:b7:37:
f1:ae:31:5d:b2:76:40:6e:39:44:31:1a:ac:c3:c3:25:32:c6:
62:2f:9c:b9:0f:1f:d6:76:ed:90:cb:a4:e2:ef:7f:d5:16:cd:
cc:3c:ed:ab:0f:6b:c9:9d:ce:91:b3:64:cb:df:5c:c6:29:50:
28:53:36:b5:54:1a:ca:39:e2:6c:92:3a:d5:c3:97:f9:ac:2b:
25:32:a1:ca:ea:26:e0:69:28:2f:ea:42:d7:ab:16:6b:d7:8f:
da:83:4e:42:88:b7:7a:18:89:9d:be:ce:e7:e2:62:d8:9f:5a:
3a:20:cf:cf:bc:9a:88:22:07:59:47:8c:3c:2c:bd:b1:3b:78:
01:19:7d:7c:40:cd:c9:ce:15:b7:43:3b:7a:b7:a7:f3:76:6d:
a6:70:d3:b6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQA7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDYxNzQ2WhcNMjUxMjEzMDYxNzQ2WjAYMRYw
FAYDVQQDEw02NzdlMTg4ZC04ODQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5xzWvTYcgZfIrwUzocrwnIyCkg0U7Zi1T/HUtpDSz5AyQjnGCn4K6HM9
oiBKVZ+V8AzwZImjWlWhWx7uA2tfYPMcZKNdvyM1HWsv9E/HK3zy3JAcspW4lluq
F1OtvhFgZj35NXQrwryzECDWB6B7gVam8+0cImV8FUR/2K+efc1ckqu0HxNpiQE5
6dBH2wj3qJfBbTlsIhOtwM5rCDH1QsDjGkRfuZgVUY4HG/h3su7boWgW2/mndsIC
NEa24xsIc6TJveOD++mF560b40oKpHJlcLQZ52hHFKR5c9WV+h3SURUlV5yIrCFO
U/g/RP15otCJdE4CSrVgt/5YJEragwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKQh
32J/dQ0G2XYakXGefNDTwelsMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80OTA0OUFFNENEODgxMUVGQjZERkQ3OUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwrMA0GCSqGSIb3DQEBCwUA
A4IBAQCny9TSQPp/2PvY7+RhZdWPhl6LYqz6RDbBhLfEZK/zfF46HTF3Unw4mQoE
n0OwMeffnyR4+Da00/FEnqc3Is25D5QWmpfFuLzeIzH2K4I0Fg6115zjelAdoyXc
9EyMmpYU1D9CuQPqwDArtzfxrjFdsnZAbjlEMRqsw8MlMsZiL5y5Dx/Wdu2Qy6Ti
73/VFs3MPO2rD2vJnc6Rs2TL31zGKVAoUza1VBrKOeJskjrVw5f5rCslMqHK6ibg
aSgv6kLXqxZr14/ag05CiLd6GImdvs7n4mLYn1o6IM/PvJqIIgdZR4w8LL2xO3gB
GX18QM3JzhW3Qzt6t6fzdm2mcNO2
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:23 2025 by rpki-client