Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/597D59B40CDB11F0B1555452762E951A.roa
File: 597D59B40CDB11F0B1555452762E951A.roa (raw, json)
Hash identifier: yu6ObLvSDY7pjbVuQfKMc4+HBl4LvXm90rwBaNo9Xg8=
Subject key identifier: 0A:A2:4C:2E:59:E7:FD:DE:32:32:FF:82:40:D3:4E:5D:3D:8B:E0:D7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01491B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/597D59B40CDB11F0B1555452762E951A.roa
Signing time: Sat 29 Mar 2025 20:21:09 +0000
ROA not before: Sat 29 Mar 2025 20:21:05 +0000
ROA not after: Tue 08 Apr 2025 20:21:05 +0000
asID: 134365
IP address blocks: 156.245.200.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84251 (0x1491b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 29 20:21:05 2025 GMT
Not After : Apr 8 20:21:05 2025 GMT
Subject: CN=67e85635-0964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a4:b2:aa:a7:62:67:6c:a8:c9:1c:e5:0f:30:
1a:2a:98:37:d9:e8:0a:37:3b:e3:a4:5b:45:16:56:
05:90:43:d6:96:98:59:ee:16:0c:22:4e:28:18:c6:
e6:d3:f0:13:82:eb:b8:1d:dd:42:a3:6c:78:1b:14:
74:1b:d7:a2:8c:4d:67:15:1c:bb:35:ef:a9:f8:1e:
89:f1:18:0e:fa:d3:68:e3:56:cf:16:ad:f4:eb:83:
1a:37:c4:ab:83:c0:b0:95:a0:4b:2a:4d:a3:51:ff:
56:06:7a:b6:95:a7:e4:72:1f:c7:8f:43:d7:4a:71:
18:78:76:66:57:42:78:1a:09:d9:cf:92:00:d9:e1:
08:0e:2d:f9:6c:ee:62:0a:ca:18:19:b8:56:d0:a2:
7a:b3:71:a6:ff:2b:6f:aa:1f:ab:2a:b6:54:25:89:
5f:53:1d:3f:1b:de:fa:fe:64:a6:26:68:24:fb:20:
e9:41:81:e8:e5:ab:67:87:a9:f4:8d:5c:25:c5:a7:
2a:f1:2a:b6:0e:9a:16:7d:7a:94:79:1e:25:7e:3b:
90:1c:41:8f:ec:d4:e5:07:09:c6:99:a9:1e:a9:14:
9b:73:54:d6:49:cd:42:77:83:f4:c8:ee:ff:46:93:
4b:ef:46:84:e1:4d:04:55:e0:0d:32:e0:a0:25:a3:
34:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A2:4C:2E:59:E7:FD:DE:32:32:FF:82:40:D3:4E:5D:3D:8B:E0:D7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/597D59B40CDB11F0B1555452762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.200.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:5a:13:fd:7c:8d:b6:0e:24:e9:64:65:42:dc:cb:b6:d1:d4:
c5:4e:a8:0e:db:3c:49:e1:e8:17:94:ab:64:8a:b3:f0:c5:80:
3d:6a:ce:e5:3f:73:1e:ae:b5:c1:a4:bf:2b:8c:00:d5:7a:70:
d2:2d:45:30:70:0f:99:b8:bf:95:d3:bc:cb:50:a5:a9:56:f6:
1e:1b:20:c4:fe:ac:a5:7a:47:d2:0b:2d:94:8e:4d:4a:df:92:
6c:da:4b:86:a3:88:c6:94:42:53:dd:8f:89:27:28:33:b6:75:
ae:bb:6a:46:1e:17:8f:bd:e6:55:f0:0c:1d:de:8a:e8:f3:d6:
11:d0:e4:1b:71:fe:2a:ea:ab:4f:ce:e0:05:84:6f:37:aa:73:
5b:94:cd:d0:cb:3d:88:31:b8:d9:71:b1:04:c4:1d:ea:e2:79:
43:a9:95:8e:27:42:2b:7e:01:78:ad:f7:f4:85:25:f4:b9:6d:
e4:0e:98:cd:4b:54:ed:bc:6f:40:4a:9a:55:43:8e:54:cb:d9:
84:79:5e:b2:06:78:0d:90:69:c5:ba:8d:49:fa:da:d2:e1:bb:
09:97:ac:7d:94:94:60:e1:ea:63:aa:da:67:fe:38:91:95:44:
3c:3e:56:10:cc:d3:b8:0c:8f:11:51:e8:83:47:1e:a2:20:29:
a3:3b:ed:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUkbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzI5MjAyMTA1WhcNMjUwNDA4MjAyMTA1WjAYMRYw
FAYDVQQDEw02N2U4NTYzNS0wOTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8qSyqqdiZ2yoyRzlDzAaKpg32egKNzvjpFtFFlYFkEPWlphZ7hYMIk4o
GMbm0/ATguu4Hd1Co2x4GxR0G9eijE1nFRy7Ne+p+B6J8RgO+tNo41bPFq3064Ma
N8Srg8CwlaBLKk2jUf9WBnq2lafkch/Hj0PXSnEYeHZmV0J4GgnZz5IA2eEIDi35
bO5iCsoYGbhW0KJ6s3Gm/ytvqh+rKrZUJYlfUx0/G976/mSmJmgk+yDpQYHo5atn
h6n0jVwlxacq8Sq2DpoWfXqUeR4lfjuQHEGP7NTlBwnGmakeqRSbc1TWSc1Cd4P0
yO7/RpNL70aE4U0EVeANMuCgJaM0yQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAqi
TC5Z5/3eMjL/gkDTTl09i+DXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81OTdENTlCNDBDREIxMUYwQjE1NTU0NTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPXIMA0GCSqGSIb3DQEBCwUA
A4IBAQCuWhP9fI22DiTpZGVC3Mu20dTFTqgO2zxJ4egXlKtkirPwxYA9as7lP3Me
rrXBpL8rjADVenDSLUUwcA+ZuL+V07zLUKWpVvYeGyDE/qylekfSCy2Ujk1K35Js
2kuGo4jGlEJT3Y+JJygztnWuu2pGHhePveZV8Awd3oro89YR0OQbcf4q6qtPzuAF
hG83qnNblM3Qyz2IMbjZcbEExB3q4nlDqZWOJ0IrfgF4rff0hSX0uW3kDpjNS1Tt
vG9ASppVQ45Uy9mEeV6yBngNkGnFuo1J+trS4bsJl6x9lJRg4epjqtpn/jiRlUQ8
PlYQzNO4DI8RUeiDRx6iICmjO+3N
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:29 2025 by rpki-client