Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DFABFB4F2CC11EF9B787156762E951A.roa
File: 5DFABFB4F2CC11EF9B787156762E951A.roa (raw, json)
Hash identifier: EEjJyuVZxb+iR6OCvnhUtXPiRFa7GvIL/lsd3XbN1UQ=
Subject key identifier: 0A:37:1D:44:5B:85:B1:A4:23:D4:0E:8A:B0:FF:52:78:02:2C:0A:D1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012C5E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DFABFB4F2CC11EF9B787156762E951A.roa
Signing time: Mon 24 Feb 2025 16:28:24 +0000
ROA not before: Mon 24 Feb 2025 16:28:20 +0000
ROA not after: Sat 05 Apr 2025 16:28:20 +0000
asID: 216047
IP address blocks: 156.234.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 16:28:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76894 (0x12c5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 24 16:28:20 2025 GMT
Not After : Apr 5 16:28:20 2025 GMT
Subject: CN=67bc9e27-48c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4f:19:90:cd:09:b8:e0:6d:47:bd:7c:41:b5:
ab:54:e4:72:83:76:36:50:48:a0:9a:34:0a:14:30:
60:52:35:40:20:d3:1a:3f:a7:04:40:25:70:b5:e1:
aa:0c:91:b9:f8:f8:9d:c5:d0:82:e7:2b:61:eb:c1:
ce:fd:a4:ac:10:df:a0:d4:ff:f5:41:21:05:ae:2c:
fc:2d:d1:25:c5:94:1e:e7:e2:5c:6b:f2:d7:b5:6b:
65:56:0b:77:09:78:f9:b3:10:18:5b:5b:ef:99:a5:
18:cd:5b:0e:22:d8:1a:91:c0:da:9c:4f:a0:30:0d:
51:1f:12:9f:c8:4a:b9:6b:24:c2:1b:71:06:f4:90:
fa:a9:47:07:b0:4e:96:a2:57:d3:4f:32:6a:39:ef:
fc:35:bb:31:9f:5d:7c:7b:52:ee:d4:95:b9:81:64:
d1:eb:57:68:59:9a:57:73:3d:a9:2a:c6:fc:24:71:
54:07:d4:64:66:7d:5e:e2:5c:8d:7d:aa:fc:31:ad:
b7:8d:5d:66:7d:7e:17:8a:de:ed:d3:33:63:fc:a6:
b8:a8:bc:05:e0:1e:d5:0e:4a:95:19:fd:b7:65:3e:
dc:c3:aa:74:c5:41:d0:4e:0d:e0:5e:6d:d7:71:ae:
4b:4a:97:2e:86:2b:33:47:48:ad:b3:75:3f:75:9d:
79:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:37:1D:44:5B:85:B1:A4:23:D4:0E:8A:B0:FF:52:78:02:2C:0A:D1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5DFABFB4F2CC11EF9B787156762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.234.123.0/24
Signature Algorithm: sha256WithRSAEncryption
89:ae:b0:db:a1:75:cf:1c:89:ff:a7:13:be:fd:1a:ba:59:5f:
85:57:7a:78:5c:84:2d:77:61:71:56:c9:cd:05:7d:d3:2d:a8:
10:9b:8f:93:9f:33:75:3c:bc:8d:6a:23:fb:1f:c0:5e:eb:80:
24:60:14:30:31:e0:bb:cc:eb:54:d8:93:11:9f:2e:0e:1b:96:
26:17:37:40:5d:fd:8b:51:57:97:0d:7b:fe:d0:81:cf:14:41:
9e:be:42:9b:cb:a8:8e:95:5c:e0:a8:7d:f3:0d:b0:d2:71:a4:
5d:75:07:94:c2:07:a1:48:db:6f:ad:47:69:d0:f4:11:99:42:
da:33:ef:9d:8f:8e:40:d8:33:75:77:2b:9b:5c:de:1b:31:b4:
26:d8:9d:eb:17:8a:79:ac:e7:3a:e8:10:2b:53:1e:46:50:22:
4b:16:38:b3:fd:ee:e8:77:ea:2b:1e:02:36:07:bc:fd:e5:85:
54:a7:5e:d5:ad:30:5b:ed:6b:4a:75:3e:83:14:ad:cc:77:54:
46:2f:25:53:65:a1:67:01:3c:c1:2f:45:36:ee:51:e9:8d:1d:
ee:28:f3:7f:a9:f9:bf:79:4d:56:24:f3:5f:fe:58:96:ec:2d:
25:d2:90:ea:54:3d:6d:c1:17:c6:6d:cd:02:eb:5d:e5:ad:57:
3e:d1:12:c6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASxeMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI0MTYyODIwWhcNMjUwNDA1MTYyODIwWjAYMRYw
FAYDVQQDEw02N2JjOWUyNy00OGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0U8ZkM0JuOBtR718QbWrVORyg3Y2UEigmjQKFDBgUjVAINMaP6cEQCVw
teGqDJG5+PidxdCC5yth68HO/aSsEN+g1P/1QSEFriz8LdElxZQe5+Jca/LXtWtl
Vgt3CXj5sxAYW1vvmaUYzVsOItgakcDanE+gMA1RHxKfyEq5ayTCG3EG9JD6qUcH
sE6WolfTTzJqOe/8Nbsxn118e1Lu1JW5gWTR61doWZpXcz2pKsb8JHFUB9RkZn1e
4lyNfar8Ma23jV1mfX4Xit7t0zNj/Ka4qLwF4B7VDkqVGf23ZT7cw6p0xUHQTg3g
Xm3Xca5LSpcuhiszR0its3U/dZ15dQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAo3
HURbhbGkI9QOirD/UngCLArRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81REZBQkZCNEYyQ0MxMUVGOUI3ODcxNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOp7MA0GCSqGSIb3DQEBCwUA
A4IBAQCJrrDboXXPHIn/pxO+/Rq6WV+FV3p4XIQtd2FxVsnNBX3TLagQm4+TnzN1
PLyNaiP7H8Be64AkYBQwMeC7zOtU2JMRny4OG5YmFzdAXf2LUVeXDXv+0IHPFEGe
vkKby6iOlVzgqH3zDbDScaRddQeUwgehSNtvrUdp0PQRmULaM++dj45A2DN1dyub
XN4bMbQm2J3rF4p5rOc66BArUx5GUCJLFjiz/e7od+orHgI2B7z95YVUp17VrTBb
7WtKdT6DFK3Md1RGLyVTZaFnATzBL0U27lHpjR3uKPN/qfm/eU1WJPNf/liW7C0l
0pDqVD1twRfGbc0C613lrVc+0RLG
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:07 2025 by rpki-client