Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F969418D31711EFA4CF6B5E762E951A.roa
File: 4F969418D31711EFA4CF6B5E762E951A.roa (raw, json)
Hash identifier: WRB/2a/vvghYCItlqd8rOXt9YYWiFypDqQ6+sPg0+Gs=
Subject key identifier: 6B:E0:89:54:F1:F3:F9:11:59:1E:23:05:9A:C1:78:AC:89:EC:F1:6A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010875
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F969418D31711EFA4CF6B5E762E951A.roa
Signing time: Wed 15 Jan 2025 08:04:15 +0000
ROA not before: Wed 15 Jan 2025 08:04:11 +0000
ROA not after: Mon 03 Jan 2028 08:04:11 +0000
asID: 17561
IP address blocks: 156.254.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67701 (0x10875)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 08:04:11 2025 GMT
Not After : Jan 3 08:04:11 2028 GMT
Subject: CN=67876bfe-204b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9c:d5:7d:e7:6d:0b:bc:23:e8:15:3c:f4:01:
3a:b3:f6:6b:4b:dd:e4:30:46:be:c2:fb:35:a4:4c:
de:78:5a:a8:47:c0:b6:ba:7c:86:f9:63:63:bf:b6:
ae:97:96:35:70:60:ce:56:ff:fc:12:dd:5c:cd:a6:
85:59:b6:fe:2f:2c:11:0b:73:00:5f:a8:97:00:b4:
69:04:a3:e0:8e:34:a0:8a:86:36:04:fb:03:d3:e2:
4b:c7:d7:2d:69:a0:ad:9d:e4:18:c8:16:2e:bb:2f:
f7:e5:2e:fa:2d:20:6b:10:d3:6d:68:41:df:dc:64:
5a:eb:8a:3f:9b:8a:d2:17:8a:ee:3d:82:69:b0:f8:
5f:a2:21:cf:d8:fc:ad:10:0a:db:30:67:d1:d6:11:
0b:0f:ee:dc:58:aa:e5:b6:5e:cd:aa:17:cc:14:1a:
51:a4:16:55:bf:2a:46:de:31:52:9d:70:a2:b7:65:
72:c7:59:da:c0:7c:72:5b:d9:d1:f5:ef:b0:6b:d3:
06:f4:59:fa:ce:38:50:8d:7a:33:6d:94:fb:e5:08:
43:18:34:66:99:22:fe:3b:be:f8:64:d0:05:9a:f1:
e3:f2:6f:23:90:49:e7:ed:48:ad:71:68:a8:a6:ad:
12:7c:2b:8a:f1:27:7b:c9:c0:b4:c9:40:0e:03:a6:
6c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E0:89:54:F1:F3:F9:11:59:1E:23:05:9A:C1:78:AC:89:EC:F1:6A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4F969418D31711EFA4CF6B5E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.80.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:43:66:c0:50:87:74:b3:cc:65:0f:da:3e:7d:69:51:b4:0f:
c0:cd:ef:e0:00:4c:d9:a0:2b:a4:12:ea:c4:64:16:c0:0e:38:
1a:cd:d0:d3:6f:fd:bc:9d:34:c9:e4:1a:c3:77:eb:90:8f:d8:
34:ce:21:e7:61:dc:c1:7d:2c:c8:81:ae:50:dc:24:7d:7a:40:
d2:43:1c:4a:49:5e:8c:5f:d6:14:2d:94:8f:a0:11:1e:cf:10:
84:92:e0:21:00:ed:e1:e7:80:52:33:38:51:b9:e8:d5:21:0b:
ef:2d:9d:77:ac:c4:4c:1e:f8:56:4d:27:4f:e3:b2:8e:d4:1e:
17:47:22:76:28:20:9a:ac:7f:d9:a3:c9:59:c9:7f:d6:4e:ad:
82:ac:8f:a5:57:1d:4d:34:59:c9:7f:ec:9f:3d:6f:bf:95:7d:
3f:a4:1e:66:b5:2a:63:fa:d7:e4:e2:3d:99:82:f9:85:9d:6f:
c3:ac:64:1b:f1:3f:be:90:fa:0a:a7:ff:bf:eb:ec:3a:88:9e:
e3:4f:98:31:68:b7:42:26:a8:1e:40:c1:21:95:c3:9b:7a:af:
90:96:2f:86:3b:d8:b3:c0:53:3b:ef:e1:b2:ec:22:f2:16:eb:
48:92:7a:c2:7c:dc:94:f3:ee:98:23:6f:f6:f3:53:e8:bd:3d:
3f:09:b0:a4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQh1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDgwNDExWhcNMjgwMTAzMDgwNDExWjAYMRYw
FAYDVQQDEw02Nzg3NmJmZS0yMDRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuZzVfedtC7wj6BU89AE6s/ZrS93kMEa+wvs1pEzeeFqoR8C2unyG+WNj
v7aul5Y1cGDOVv/8Et1czaaFWbb+LywRC3MAX6iXALRpBKPgjjSgioY2BPsD0+JL
x9ctaaCtneQYyBYuuy/35S76LSBrENNtaEHf3GRa64o/m4rSF4ruPYJpsPhfoiHP
2PytEArbMGfR1hELD+7cWKrltl7NqhfMFBpRpBZVvypG3jFSnXCit2Vyx1nawHxy
W9nR9e+wa9MG9Fn6zjhQjXozbZT75QhDGDRmmSL+O774ZNAFmvHj8m8jkEnn7Uit
cWiopq0SfCuK8Sd7ycC0yUAOA6ZsOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGvg
iVTx8/kRWR4jBZrBeKyJ7PFqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80Rjk2OTQxOEQzMTcxMUVGQTRDRjZCNUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5QMA0GCSqGSIb3DQEBCwUA
A4IBAQC2Q2bAUId0s8xlD9o+fWlRtA/Aze/gAEzZoCukEurEZBbADjgazdDTb/28
nTTJ5BrDd+uQj9g0ziHnYdzBfSzIga5Q3CR9ekDSQxxKSV6MX9YULZSPoBEezxCE
kuAhAO3h54BSMzhRuejVIQvvLZ13rMRMHvhWTSdP47KO1B4XRyJ2KCCarH/Zo8lZ
yX/WTq2CrI+lVx1NNFnJf+yfPW+/lX0/pB5mtSpj+tfk4j2ZgvmFnW/DrGQb8T++
kPoKp/+/6+w6iJ7jT5gxaLdCJqgeQMEhlcObeq+Qli+GO9izwFM77+Gy7CLyFutI
knrCfNyU8+6YI2/281PovT0/CbCk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:37 2025 by rpki-client