Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B7C0DDECC9211EF8E5EDD5E762E951A.roa
File: 5B7C0DDECC9211EF8E5EDD5E762E951A.roa (raw, json)
Hash identifier: rjZf4LIpSVQMRWJ7xSS9T003tr9koApT+v77Nt1ZbXc=
Subject key identifier: E0:B3:2A:FF:08:3A:FA:30:8F:27:1E:25:C7:82:4D:18:6F:FE:CB:7F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F915
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B7C0DDECC9211EF8E5EDD5E762E951A.roa
Signing time: Tue 07 Jan 2025 00:57:24 +0000
ROA not before: Tue 07 Jan 2025 00:00:21 +0000
ROA not after: Sat 13 Dec 2025 00:00:21 +0000
asID: 984
IP address blocks: 156.227.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63765 (0xf915)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 00:00:21 2025 GMT
Not After : Dec 13 00:00:21 2025 GMT
Subject: CN=677c7bf4-0242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f5:24:0f:5b:a7:6f:f9:9b:72:4f:de:2a:3a:
c8:8c:a7:a2:a6:24:ab:ef:66:65:dc:ed:2a:67:35:
21:98:15:e8:55:28:37:71:4a:c2:18:13:f1:f8:0d:
f6:80:e3:05:fa:1c:91:4a:98:fc:55:14:c6:c5:e7:
b3:e4:ae:ca:34:cd:23:f3:ed:bb:6f:94:56:de:75:
52:19:e5:4f:bf:90:ed:8d:35:c7:02:b2:f0:d5:17:
d3:b1:64:6e:22:0e:16:f8:8d:62:76:4b:04:0b:fa:
e6:e8:45:c8:f0:4d:72:22:16:1c:c3:37:2d:6d:d7:
d8:84:60:f3:09:f5:19:84:e5:37:a1:f7:fd:90:f3:
a1:d4:47:b0:41:c7:93:8e:d8:0b:db:da:1e:6c:31:
ad:6d:83:7b:ac:42:c6:b2:9a:ac:bb:b5:1c:5d:b1:
34:17:1b:e9:aa:a3:d8:41:17:c6:78:ae:ec:6c:28:
22:e9:c3:4a:8e:da:b1:dc:8c:31:05:8e:ed:4d:8c:
75:d2:ae:b2:27:5d:91:ac:69:35:22:08:72:10:77:
66:92:39:7c:47:6e:18:2b:4d:97:28:63:13:36:e9:
bf:11:6e:83:e6:12:c4:6d:66:b9:b1:4c:69:23:9b:
4b:20:13:e8:44:5e:fa:99:90:30:57:f7:e6:60:13:
73:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B3:2A:FF:08:3A:FA:30:8F:27:1E:25:C7:82:4D:18:6F:FE:CB:7F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5B7C0DDECC9211EF8E5EDD5E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.10.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:71:54:7f:68:78:ef:ed:1f:9b:1a:67:c6:ac:77:4d:aa:9f:
10:1e:31:11:40:63:6d:36:61:a6:af:1f:6f:1e:01:52:7a:64:
23:be:26:7c:e8:d9:ad:72:77:c7:2f:1d:d7:f6:c4:81:0d:f5:
d6:bb:4c:2a:2c:7d:29:1d:73:bc:f0:cd:84:b4:71:97:f0:45:
01:46:fe:45:ea:80:ac:49:10:dd:7f:97:5b:aa:c2:9a:e3:0d:
71:f9:f0:84:75:8c:7a:a4:fd:c9:ac:bc:49:97:fa:da:b3:97:
a2:15:d4:72:98:df:d2:db:65:15:90:24:29:ba:b4:27:43:2d:
f8:6b:de:20:e6:3a:2f:bc:29:92:17:47:33:7f:c8:d9:2e:19:
20:00:a8:c8:0f:67:9f:8f:16:06:08:24:96:30:5a:ec:bc:9a:
31:70:34:30:64:8d:46:86:20:c4:56:78:1e:91:03:c6:d0:7c:
63:ab:8e:bd:93:2e:e9:61:64:1e:d7:3e:01:55:d3:c8:3e:7b:
48:4f:40:f7:6d:41:45:16:a0:96:54:da:09:98:60:24:f5:d9:
c3:90:2c:43:c0:3c:04:9b:fa:51:d6:2d:8f:46:60:de:f9:f9:
e2:d2:50:f9:3e:94:fe:bc:0b:15:c7:17:27:25:d3:4d:33:ca:
87:eb:66:54
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPkVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDAwMDIxWhcNMjUxMjEzMDAwMDIxWjAYMRYw
FAYDVQQDEw02NzdjN2JmNC0wMjQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4/UkD1unb/mbck/eKjrIjKeipiSr72Zl3O0qZzUhmBXoVSg3cUrCGBPx
+A32gOMF+hyRSpj8VRTGxeez5K7KNM0j8+27b5RW3nVSGeVPv5DtjTXHArLw1RfT
sWRuIg4W+I1idksEC/rm6EXI8E1yIhYcwzctbdfYhGDzCfUZhOU3off9kPOh1Eew
QceTjtgL29oebDGtbYN7rELGspqsu7UcXbE0FxvpqqPYQRfGeK7sbCgi6cNKjtqx
3IwxBY7tTYx10q6yJ12RrGk1IghyEHdmkjl8R24YK02XKGMTNum/EW6D5hLEbWa5
sUxpI5tLIBPoRF76mZAwV/fmYBNzwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOCz
Kv8IOvowjyceJceCTRhv/st/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81QjdDMERERUNDOTIxMUVGOEU1RURENUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOMKMA0GCSqGSIb3DQEBCwUA
A4IBAQCmcVR/aHjv7R+bGmfGrHdNqp8QHjERQGNtNmGmrx9vHgFSemQjviZ86Nmt
cnfHLx3X9sSBDfXWu0wqLH0pHXO88M2EtHGX8EUBRv5F6oCsSRDdf5dbqsKa4w1x
+fCEdYx6pP3JrLxJl/ras5eiFdRymN/S22UVkCQpurQnQy34a94g5jovvCmSF0cz
f8jZLhkgAKjID2efjxYGCCSWMFrsvJoxcDQwZI1GhiDEVngekQPG0Hxjq469ky7p
YWQe1z4BVdPIPntIT0D3bUFFFqCWVNoJmGAk9dnDkCxDwDwEm/pR1i2PRmDe+fni
0lD5PpT+vAsVxxcnJdNNM8qH62ZU
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:33 2025 by rpki-client