Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BF3C8BEF34F11EFBBB24555762E951A.roa
File: 4BF3C8BEF34F11EFBBB24555762E951A.roa (raw, json)
Hash identifier: G+wPYS0L9/Yl87M//82GJ+F1u56YDlQjUOed7XG/kTs=
Subject key identifier: 1C:1C:7D:F4:CF:29:31:8E:28:9B:F4:5C:AA:D2:66:ED:58:2D:65:9F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012DE0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BF3C8BEF34F11EFBBB24555762E951A.roa
Signing time: Tue 25 Feb 2025 08:05:37 +0000
ROA not before: Tue 25 Feb 2025 08:05:34 +0000
ROA not after: Sat 19 Feb 2028 08:05:34 +0000
asID: 17561
IP address blocks: 156.249.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77280 (0x12de0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 25 08:05:34 2025 GMT
Not After : Feb 19 08:05:34 2028 GMT
Subject: CN=67bd79d1-426e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ce:59:43:da:f5:fc:a8:af:96:d2:8d:6f:3a:
e2:5f:10:61:8d:aa:84:6a:8b:7c:65:d9:30:84:5d:
b1:3e:cf:f9:99:10:65:a5:18:d6:ae:c4:19:c7:10:
d7:ed:65:a1:d1:a2:07:9d:a2:1d:5a:2b:49:30:70:
45:1c:05:68:ec:73:b1:99:0e:ce:d3:19:2c:d0:d9:
15:38:ce:53:6d:e5:fe:d1:5a:20:e5:4b:33:3b:ba:
80:ea:e5:88:e7:d9:99:f5:a7:e8:37:6d:63:e5:70:
60:55:c9:a4:5e:a5:a8:4b:36:dd:e8:0b:d4:04:67:
71:4f:74:e6:06:1c:ef:16:28:b5:92:05:da:09:df:
62:b3:fb:f2:dc:fb:4a:cd:29:b9:d8:69:29:ec:07:
71:8d:51:d5:37:97:cd:8f:10:d0:a6:c3:85:4a:89:
5f:19:e7:32:f6:aa:33:61:b7:7a:24:8c:22:c2:4e:
30:f1:0f:6d:e1:1f:48:08:21:1b:51:2f:9b:0c:2c:
a5:19:c2:ce:db:82:c5:b6:2e:1c:fd:49:1e:66:10:
fa:2c:fa:cf:23:12:be:5c:85:4a:06:7b:da:60:fd:
85:a6:8b:b7:98:b5:c7:67:3c:3f:a1:7c:0a:15:fe:
ff:bc:d2:a4:f4:e2:7e:27:10:64:b0:7a:92:df:71:
82:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:1C:7D:F4:CF:29:31:8E:28:9B:F4:5C:AA:D2:66:ED:58:2D:65:9F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BF3C8BEF34F11EFBBB24555762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.242.0/24
Signature Algorithm: sha256WithRSAEncryption
09:87:45:02:1a:5f:b1:3c:e6:73:5e:13:c5:99:a3:6c:66:32:
90:cc:3a:9a:5d:71:9b:6c:f4:b7:10:c1:31:47:a1:3d:aa:7d:
ce:09:24:40:99:d7:f5:a4:e7:3e:a0:93:30:7b:42:4e:eb:8a:
2d:73:b2:f0:07:a1:d5:71:53:4e:4a:3c:c9:1b:8d:cb:b2:fc:
e0:40:86:7e:fc:39:49:a6:a1:69:fd:35:32:f0:66:ce:11:4e:
fb:87:66:4b:67:27:b1:9a:93:fa:f4:23:a3:eb:39:2e:08:96:
62:bd:f7:49:1d:eb:f7:54:e7:5d:02:f7:12:42:6a:0c:6f:67:
ac:45:63:3e:7e:ea:7f:3f:78:d1:29:6d:94:e5:c5:81:46:15:
0e:62:04:e0:fa:39:c0:f9:ab:01:55:20:bd:39:d4:14:2e:0e:
b3:ef:9d:02:01:db:32:80:75:dd:6e:5c:34:45:45:74:b4:47:
bc:29:d3:b4:d0:ca:cd:5b:fa:d0:a0:b5:51:9d:e6:5b:50:e9:
71:0f:91:ae:6f:ab:5a:3a:37:a2:f3:2a:42:4d:16:c6:40:89:
e5:e7:8d:9d:e0:c9:cf:86:5e:02:f4:2c:05:35:71:77:95:dd:
dc:cd:67:dd:51:31:28:6a:cb:a2:c3:3f:55:c0:49:a3:3d:ea:
ff:9e:53:e8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAS3gMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI1MDgwNTM0WhcNMjgwMjE5MDgwNTM0WjAYMRYw
FAYDVQQDEw02N2JkNzlkMS00MjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw85ZQ9r1/KivltKNbzriXxBhjaqEaot8ZdkwhF2xPs/5mRBlpRjWrsQZ
xxDX7WWh0aIHnaIdWitJMHBFHAVo7HOxmQ7O0xks0NkVOM5TbeX+0Vog5UszO7qA
6uWI59mZ9afoN21j5XBgVcmkXqWoSzbd6AvUBGdxT3TmBhzvFii1kgXaCd9is/vy
3PtKzSm52Gkp7AdxjVHVN5fNjxDQpsOFSolfGecy9qozYbd6JIwiwk4w8Q9t4R9I
CCEbUS+bDCylGcLO24LFti4c/UkeZhD6LPrPIxK+XIVKBnvaYP2Fpou3mLXHZzw/
oXwKFf7/vNKk9OJ+JxBksHqS33GCOwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBwc
ffTPKTGOKJv0XKrSZu1YLWWfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QkYzQzhCRUYzNEYxMUVGQkJCMjQ1NTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPnyMA0GCSqGSIb3DQEBCwUA
A4IBAQAJh0UCGl+xPOZzXhPFmaNsZjKQzDqaXXGbbPS3EMExR6E9qn3OCSRAmdf1
pOc+oJMwe0JO64otc7LwB6HVcVNOSjzJG43LsvzgQIZ+/DlJpqFp/TUy8GbOEU77
h2ZLZyexmpP69COj6zkuCJZivfdJHev3VOddAvcSQmoMb2esRWM+fup/P3jRKW2U
5cWBRhUOYgTg+jnA+asBVSC9OdQULg6z750CAdsygHXdblw0RUV0tEe8KdO00MrN
W/rQoLVRneZbUOlxD5Gub6taOjei8ypCTRbGQInl542d4MnPhl4C9CwFNXF3ld3c
zWfdUTEoasuiwz9VwEmjPer/nlPo
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:00 2025 by rpki-client