Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5CA450D0F47011EFA9E2C096762E951A.roa
File: 5CA450D0F47011EFA9E2C096762E951A.roa (raw, json)
Hash identifier: 7bf/mmpq4zgibmqQZHX21UA+jgQuNAekKEXg8eaNrL0=
Subject key identifier: 55:B6:F8:7C:8E:E0:10:2D:35:AC:82:81:05:F4:B1:94:A7:40:4E:DD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013677
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5CA450D0F47011EFA9E2C096762E951A.roa
Signing time: Wed 26 Feb 2025 18:34:50 +0000
ROA not before: Wed 26 Feb 2025 18:34:46 +0000
ROA not after: Sat 19 Feb 2028 18:34:46 +0000
asID: 17561
IP address blocks: 156.233.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79479 (0x13677)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 18:34:46 2025 GMT
Not After : Feb 19 18:34:46 2028 GMT
Subject: CN=67bf5eca-0b8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:da:75:52:97:ea:09:0d:4b:39:b2:02:28:f5:
28:f0:ff:6e:e5:a3:c9:d5:97:ed:f7:e0:88:a6:b5:
95:ae:f4:b0:f2:b2:62:33:c1:57:64:2f:fc:40:0b:
0b:49:d5:09:10:23:ff:ba:13:31:f0:0f:27:17:eb:
9c:2b:72:64:89:f4:58:e8:79:d9:04:e8:39:0e:34:
bc:67:96:3c:20:65:72:9c:ed:07:1c:04:4f:88:94:
95:75:c4:3d:94:86:96:b8:3c:b6:36:0d:a7:6c:26:
36:7a:21:79:f1:51:fb:85:ac:fb:2a:7d:7e:aa:58:
94:62:eb:4d:8e:bf:a0:77:8f:d3:a5:34:49:20:be:
92:3c:74:f3:4e:af:d8:73:5b:7d:25:88:07:f1:e2:
c5:88:5e:91:4c:77:54:34:59:9b:cb:56:c7:47:17:
0a:89:bd:07:f2:ed:61:06:4f:7d:b5:ce:68:ab:62:
70:c2:7a:b0:ee:28:77:6b:d6:13:f7:1e:45:83:67:
1d:12:71:a0:57:d5:52:53:51:ff:ab:e9:bd:7c:14:
0c:07:cc:b2:f4:be:a6:e2:d3:85:56:04:ff:c8:5d:
45:6d:29:93:5a:03:f1:f9:52:0d:46:9f:2c:f5:3f:
79:1d:b9:a2:36:9a:38:70:3b:ec:1e:44:f7:35:46:
cb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:B6:F8:7C:8E:E0:10:2D:35:AC:82:81:05:F4:B1:94:A7:40:4E:DD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5CA450D0F47011EFA9E2C096762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.223.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:4a:f9:74:df:ff:15:f8:b6:17:4b:ec:30:55:f3:7d:6f:4e:
b2:59:5d:a3:2f:13:dc:90:e4:87:44:ee:ab:b9:5a:a5:e9:69:
56:40:53:b8:e9:27:84:2f:9e:d8:eb:5f:7c:5b:08:af:6d:1f:
7e:2f:77:32:3b:4b:c1:cc:bd:50:86:8a:63:73:bc:2d:45:00:
f7:72:1e:06:13:59:7f:18:e7:26:74:72:8c:1a:57:b7:0b:65:
9c:8b:d6:33:3c:60:89:c8:a4:25:6f:a1:42:e5:07:f4:ae:67:
5d:a4:e8:bd:4a:09:58:96:9a:64:f4:44:d6:46:5f:14:fa:68:
8e:ba:e1:23:58:47:d0:b4:79:84:ce:fa:0b:3e:cd:36:e7:b3:
4a:dc:6f:19:a8:60:59:ac:9f:81:6c:b3:99:7d:d6:ce:54:40:
0e:c5:dd:f8:0f:16:df:f5:a4:2f:86:fb:43:e2:e1:9d:a7:44:
a9:3a:de:93:66:25:b6:55:fb:12:e3:3a:a5:f7:ba:7b:f9:3f:
8d:f4:ab:4c:8e:cc:04:5b:6c:4e:af:e1:1e:0b:96:50:6a:a1:
df:4d:5d:92:ae:1c:38:40:0b:69:19:42:f0:ec:a7:e2:53:27:
44:b8:f6:9c:9a:2e:4f:2d:de:8e:21:9d:39:f7:49:68:1e:05:
ab:16:9b:0c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATZ3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTgzNDQ2WhcNMjgwMjE5MTgzNDQ2WjAYMRYw
FAYDVQQDEw02N2JmNWVjYS0wYjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5tp1UpfqCQ1LObICKPUo8P9u5aPJ1Zft9+CIprWVrvSw8rJiM8FXZC/8
QAsLSdUJECP/uhMx8A8nF+ucK3JkifRY6HnZBOg5DjS8Z5Y8IGVynO0HHARPiJSV
dcQ9lIaWuDy2Ng2nbCY2eiF58VH7haz7Kn1+qliUYutNjr+gd4/TpTRJIL6SPHTz
Tq/Yc1t9JYgH8eLFiF6RTHdUNFmby1bHRxcKib0H8u1hBk99tc5oq2Jwwnqw7ih3
a9YT9x5Fg2cdEnGgV9VSU1H/q+m9fBQMB8yy9L6m4tOFVgT/yF1FbSmTWgPx+VIN
Rp8s9T95HbmiNpo4cDvsHkT3NUbLKQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFW2
+HyO4BAtNayCgQX0sZSnQE7dMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81Q0E0NTBEMEY0NzAxMUVGQTlFMkMwOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnfMA0GCSqGSIb3DQEBCwUA
A4IBAQC7Svl03/8V+LYXS+wwVfN9b06yWV2jLxPckOSHRO6ruVql6WlWQFO46SeE
L57Y6198WwivbR9+L3cyO0vBzL1Qhopjc7wtRQD3ch4GE1l/GOcmdHKMGle3C2Wc
i9YzPGCJyKQlb6FC5Qf0rmddpOi9SglYlppk9ETWRl8U+miOuuEjWEfQtHmEzvoL
Ps0257NK3G8ZqGBZrJ+BbLOZfdbOVEAOxd34Dxbf9aQvhvtD4uGdp0SpOt6TZiW2
VfsS4zql97p7+T+N9KtMjswEW2xOr+EeC5ZQaqHfTV2Srhw4QAtpGULw7KfiUydE
uPacmi5PLd6OIZ0590loHgWrFpsM
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:30:46 2025 by rpki-client