Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67F8974AC99911EFA9E9B49A762E951A.roa
File: 67F8974AC99911EFA9E9B49A762E951A.roa (raw, json)
Hash identifier: kR8q9/yrOeLaVpAOKI5uUrZXQCKqqzdScxsIU5oRf2w=
Subject key identifier: EF:9B:F5:84:A0:67:C9:6D:9B:FF:A2:66:16:E3:C2:BD:AB:E1:C5:A3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F631
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67F8974AC99911EFA9E9B49A762E951A.roa
Signing time: Fri 03 Jan 2025 06:10:18 +0000
ROA not before: Fri 03 Jan 2025 06:10:15 +0000
ROA not after: Mon 13 Dec 2027 06:10:15 +0000
asID: 17561
IP address blocks: 156.233.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63025 (0xf631)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 06:10:15 2025 GMT
Not After : Dec 13 06:10:15 2027 GMT
Subject: CN=67777f4a-24e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:59:fc:14:ce:46:ef:ab:a6:65:80:98:2e:7a:
0b:31:44:06:b1:bd:35:04:c0:36:ca:e4:d4:cc:6b:
4b:cf:19:ec:69:fa:dd:42:3e:ad:22:ab:08:ff:4a:
06:eb:21:c6:56:ad:e7:53:5e:32:bc:b2:55:d8:47:
10:d7:23:d8:32:62:e2:93:b6:bf:67:4a:cf:34:c0:
d4:92:0b:b0:67:a7:c8:b4:00:81:ac:4c:cf:4b:40:
63:cd:2c:91:24:9a:7b:d5:41:e1:4c:3f:91:fe:ac:
6c:7a:5e:c4:69:c5:47:00:be:56:7d:53:4d:20:a1:
f1:6b:4b:5e:84:da:8f:80:9f:95:95:5c:85:70:c4:
bc:42:e5:c9:34:f1:d9:a5:95:3b:a2:d6:e2:50:6a:
65:67:11:5d:94:f2:e2:60:4c:ce:66:63:d4:54:be:
26:69:11:ab:84:e3:e5:00:33:93:18:2b:f1:da:55:
b7:96:bb:20:89:bf:d2:7b:0e:a1:42:26:55:34:16:
35:c5:da:42:28:77:43:46:4c:31:9f:e6:e8:9d:0f:
fe:cb:38:d0:78:6a:31:da:b2:13:b8:4e:ee:c3:7b:
d5:c9:59:0e:03:06:5d:df:b1:5b:5d:d6:c5:38:fe:
6d:66:71:9c:6d:d7:5b:8a:fa:fe:0c:d2:c6:de:3a:
a0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9B:F5:84:A0:67:C9:6D:9B:FF:A2:66:16:E3:C2:BD:AB:E1:C5:A3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/67F8974AC99911EFA9E9B49A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.157.0/24
Signature Algorithm: sha256WithRSAEncryption
23:76:92:bd:53:70:03:7f:8e:61:75:4c:19:dc:02:99:72:fb:
e1:b2:2d:65:c4:ef:6d:21:6e:d9:0c:e7:73:fa:e6:be:f4:7a:
3d:1e:64:04:89:aa:55:af:70:2b:c0:8b:e3:3d:91:24:22:28:
3c:75:b3:1f:b7:99:76:eb:19:23:de:e4:cd:bd:4c:01:88:91:
90:09:c7:b1:94:e0:0a:0c:15:57:54:e6:1d:90:73:08:d6:f4:
f1:fb:a4:7c:8b:e3:dc:32:9d:2f:f0:aa:26:37:a0:ad:b3:25:
9a:e4:bd:ca:b4:ce:9c:83:b5:e0:19:22:1b:26:b9:ac:c7:35:
de:48:5c:0c:ac:db:d2:d4:62:c4:86:78:e6:ec:d4:0a:30:ce:
ea:b6:cd:be:45:1d:2a:25:0d:47:be:79:35:dc:50:06:79:2c:
bc:92:8f:3e:82:23:5e:1a:c2:87:fc:19:80:0f:7d:7e:14:9d:
50:27:6e:8d:23:9d:e0:48:f0:1e:d5:63:66:8d:1b:59:9b:6e:
5d:21:9e:2c:9b:6b:9c:d6:82:8c:1b:c9:f9:d2:35:73:13:97:
28:d5:07:ab:e9:92:02:22:b6:3f:24:81:23:e3:79:d1:13:ee:
8a:a5:9a:9d:2f:5c:6a:a0:67:32:9a:1d:2e:79:c1:57:9e:ee:
1c:b7:00:96
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPYxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDYxMDE1WhcNMjcxMjEzMDYxMDE1WjAYMRYw
FAYDVQQDEw02Nzc3N2Y0YS0yNGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzln8FM5G76umZYCYLnoLMUQGsb01BMA2yuTUzGtLzxnsafrdQj6tIqsI
/0oG6yHGVq3nU14yvLJV2EcQ1yPYMmLik7a/Z0rPNMDUkguwZ6fItACBrEzPS0Bj
zSyRJJp71UHhTD+R/qxsel7EacVHAL5WfVNNIKHxa0tehNqPgJ+VlVyFcMS8QuXJ
NPHZpZU7otbiUGplZxFdlPLiYEzOZmPUVL4maRGrhOPlADOTGCvx2lW3lrsgib/S
ew6hQiZVNBY1xdpCKHdDRkwxn+bonQ/+yzjQeGox2rITuE7uw3vVyVkOAwZd37Fb
XdbFOP5tZnGcbddbivr+DNLG3jqgxQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO+b
9YSgZ8ltm/+iZhbjwr2r4cWjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82N0Y4OTc0QUM5OTkxMUVGQTlFOUI0OUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmdMA0GCSqGSIb3DQEBCwUA
A4IBAQAjdpK9U3ADf45hdUwZ3AKZcvvhsi1lxO9tIW7ZDOdz+ua+9Ho9HmQEiapV
r3ArwIvjPZEkIig8dbMft5l26xkj3uTNvUwBiJGQCcexlOAKDBVXVOYdkHMI1vTx
+6R8i+PcMp0v8KomN6CtsyWa5L3KtM6cg7XgGSIbJrmsxzXeSFwMrNvS1GLEhnjm
7NQKMM7qts2+RR0qJQ1Hvnk13FAGeSy8ko8+giNeGsKH/BmAD31+FJ1QJ26NI53g
SPAe1WNmjRtZm25dIZ4sm2uc1oKMG8n50jVzE5co1Qer6ZICIrY/JIEj43nRE+6K
pZqdL1xqoGcymh0uecFXnu4ctwCW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:50 2025 by rpki-client