Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F12B81CCC9C11EFB58D92A8762E951A.roa
File: 5F12B81CCC9C11EFB58D92A8762E951A.roa (raw, json)
Hash identifier: 1ELro6L6GSSnvEiLZrFhntFlUEHWhkXBdiuyYK7tqfI=
Subject key identifier: 65:AB:80:52:05:68:25:10:01:13:63:10:DA:EF:8C:91:A7:7E:86:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F96A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F12B81CCC9C11EFB58D92A8762E951A.roa
Signing time: Tue 07 Jan 2025 02:09:05 +0000
ROA not before: Tue 07 Jan 2025 02:09:02 +0000
ROA not after: Mon 13 Dec 2027 02:09:02 +0000
asID: 17561
IP address blocks: 156.227.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63850 (0xf96a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 02:09:02 2025 GMT
Not After : Dec 13 02:09:02 2027 GMT
Subject: CN=677c8cc1-3bc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4f:63:99:82:59:e5:4e:bc:6b:b6:e0:59:ae:
31:af:af:88:a5:5f:ef:13:6b:da:ea:0d:8b:f7:d8:
07:8f:19:46:20:23:d7:1b:ca:0f:84:81:7b:99:19:
6c:8e:63:46:d6:04:a3:8a:dc:a1:ab:76:2e:6d:9d:
c8:12:d3:c9:94:67:82:e6:f0:d2:10:f3:9b:7d:8e:
d4:68:5b:5e:f5:e2:05:b3:51:6c:06:e3:61:42:6b:
f6:1a:90:9a:0a:d8:37:19:ae:d2:3c:7f:8d:aa:47:
87:9c:1a:8b:54:31:4d:c2:02:1d:da:a0:49:fd:bf:
b2:25:60:52:02:58:81:a4:46:40:94:32:b9:08:23:
96:4a:98:0d:05:f5:05:4f:cd:2e:22:84:1f:5c:7c:
4c:ab:7b:e4:37:cc:96:82:7f:d8:82:c8:48:eb:12:
21:1e:39:49:e6:60:2d:8b:42:67:de:76:a6:b6:57:
05:cb:e2:9d:6f:18:05:02:b3:dc:60:2e:2b:56:9b:
bb:eb:19:ec:13:3b:5b:7c:67:79:f9:c2:fd:98:31:
3c:75:20:bb:39:66:16:3a:76:aa:66:ba:6d:75:40:
08:9a:16:c7:1c:97:a1:65:44:0c:8d:95:81:6f:ec:
7b:00:82:51:c2:6f:26:fb:11:cc:36:49:23:e9:19:
8c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AB:80:52:05:68:25:10:01:13:63:10:DA:EF:8C:91:A7:7E:86:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5F12B81CCC9C11EFB58D92A8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.107.0/24
Signature Algorithm: sha256WithRSAEncryption
49:2a:ff:b0:58:f5:45:ed:d6:66:98:3a:ec:08:7d:44:7a:f3:
00:04:75:45:d1:35:dd:c0:62:05:01:ef:67:d3:5a:c4:8b:42:
90:ac:4f:a1:2a:7d:96:9d:f5:2e:a4:a3:f2:7b:17:46:1e:87:
4d:c1:d8:07:1b:84:a4:87:17:33:a3:d8:aa:da:c8:7f:d5:da:
ac:68:a7:b1:ec:24:2a:df:0e:dc:e4:57:fe:71:98:c6:9b:5a:
95:f0:00:c7:30:a7:97:2a:e5:3f:c5:4a:a1:a3:7a:dd:68:df:
94:91:a9:93:da:2c:1b:7a:8b:0a:19:45:21:e5:82:e1:31:b1:
96:74:63:0e:84:08:50:b3:a3:00:8f:4e:51:34:92:60:c7:4a:
6d:bb:04:c6:1b:36:0b:ac:fb:52:1d:9b:ec:9b:bc:80:33:0b:
d8:40:77:d7:36:c1:22:af:41:19:1a:f7:d5:ba:6d:34:76:21:
1f:f2:2a:a3:d9:3b:b6:a7:ec:4c:0a:33:90:01:47:8e:52:67:
e1:a9:fa:ff:17:b9:87:fd:eb:79:9c:6f:64:b9:70:eb:57:65:
f0:50:52:e1:58:03:b2:d6:05:e4:07:ae:0d:f8:eb:db:15:df:
75:05:c9:7e:6a:d4:a1:15:ef:9e:df:75:2f:a0:b4:cd:7f:ab:
07:f7:1a:e0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPlqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDIwOTAyWhcNMjcxMjEzMDIwOTAyWjAYMRYw
FAYDVQQDEw02NzdjOGNjMS0zYmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4U9jmYJZ5U68a7bgWa4xr6+IpV/vE2va6g2L99gHjxlGICPXG8oPhIF7
mRlsjmNG1gSjityhq3YubZ3IEtPJlGeC5vDSEPObfY7UaFte9eIFs1FsBuNhQmv2
GpCaCtg3Ga7SPH+NqkeHnBqLVDFNwgId2qBJ/b+yJWBSAliBpEZAlDK5CCOWSpgN
BfUFT80uIoQfXHxMq3vkN8yWgn/YgshI6xIhHjlJ5mAti0Jn3namtlcFy+KdbxgF
ArPcYC4rVpu76xnsEztbfGd5+cL9mDE8dSC7OWYWOnaqZrptdUAImhbHHJehZUQM
jZWBb+x7AIJRwm8m+xHMNkkj6RmMoQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGWr
gFIFaCUQARNjENrvjJGnfoaLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81RjEyQjgxQ0NDOUMxMUVGQjU4RDkyQTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONrMA0GCSqGSIb3DQEBCwUA
A4IBAQBJKv+wWPVF7dZmmDrsCH1EevMABHVF0TXdwGIFAe9n01rEi0KQrE+hKn2W
nfUupKPyexdGHodNwdgHG4Skhxczo9iq2sh/1dqsaKex7CQq3w7c5Ff+cZjGm1qV
8ADHMKeXKuU/xUqho3rdaN+UkamT2iwbeosKGUUh5YLhMbGWdGMOhAhQs6MAj05R
NJJgx0ptuwTGGzYLrPtSHZvsm7yAMwvYQHfXNsEir0EZGvfVum00diEf8iqj2Tu2
p+xMCjOQAUeOUmfhqfr/F7mH/et5nG9kuXDrV2XwUFLhWAOy1gXkB64N+OvbFd91
Bcl+atShFe+e33UvoLTNf6sH9xrg
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:09 2025 by rpki-client