Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7361E064CD4511EFAC53CC5D762E951A.roa
File: 7361E064CD4511EFAC53CC5D762E951A.roa (raw, json)
Hash identifier: zVYB/CtEV2MZw8Tv1FVClHJOrjNIu3aOM7DEoW0OvcU=
Subject key identifier: 15:EE:0C:DC:12:3C:04:20:2E:84:4D:B9:A2:85:F3:54:0D:A7:95:AD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE93
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7361E064CD4511EFAC53CC5D762E951A.roa
Signing time: Tue 07 Jan 2025 22:19:24 +0000
ROA not before: Tue 07 Jan 2025 22:19:21 +0000
ROA not after: Sat 13 Dec 2025 22:19:21 +0000
asID: 984
IP address blocks: 156.243.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65171 (0xfe93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 22:19:21 2025 GMT
Not After : Dec 13 22:19:21 2025 GMT
Subject: CN=677da86c-081b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0f:7f:91:87:ce:97:b2:2a:9c:d0:5d:6d:92:
06:b8:88:8c:ad:3b:ba:0f:6e:5b:a6:24:6d:d3:48:
5d:1b:40:42:b7:b3:a6:ae:75:ed:e7:d6:f5:82:70:
ee:97:16:f8:7b:fc:6c:ec:18:93:ea:3c:19:1f:27:
18:aa:03:d3:6d:2e:79:f9:fc:dd:42:32:43:4e:b3:
64:b1:82:1d:9c:13:ba:00:e3:8a:d0:c0:91:b2:4a:
fc:c4:21:ab:b1:e5:d5:30:63:ed:7b:9b:9b:0a:da:
b8:c0:f6:3f:4e:58:cf:ae:f2:b7:f7:9a:42:00:14:
53:cf:4d:ed:34:c3:0f:3d:56:78:f5:eb:dd:d9:68:
99:ff:0b:dc:0f:61:93:fd:0b:c6:1b:fe:b6:f3:c2:
fa:f0:e6:e4:a7:ff:41:43:e2:d9:24:65:88:6a:c0:
24:ce:a5:ad:81:43:3c:ae:19:1b:29:c3:ec:df:73:
e3:e2:63:3c:30:de:72:7c:0c:02:74:4b:3c:92:74:
61:24:a6:4e:c1:d9:48:43:e9:5e:79:ba:fb:e7:be:
dd:24:89:d7:23:b2:b5:01:58:bf:d1:c7:c5:16:58:
75:88:6b:e4:88:ed:96:2d:4d:bc:55:d7:9b:c0:a6:
33:4c:0d:9f:27:56:8e:2d:1c:1c:03:09:22:0c:e2:
97:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:EE:0C:DC:12:3C:04:20:2E:84:4D:B9:A2:85:F3:54:0D:A7:95:AD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7361E064CD4511EFAC53CC5D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.117.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:48:f2:2f:06:f0:46:1e:9f:17:a1:2c:eb:91:1b:c0:07:0f:
86:66:c2:e3:b3:ec:93:f3:8b:31:7c:50:cd:43:8c:51:d1:36:
a8:6e:53:2d:49:31:96:fb:90:01:a6:1c:84:02:50:c2:5a:88:
e2:1c:01:14:db:c4:79:29:a2:01:29:26:c5:5f:92:8c:a2:9b:
a9:4c:02:51:e0:6d:40:34:aa:6c:92:a0:0d:2a:7f:f0:ac:92:
b4:5f:a3:86:d9:44:ee:43:b5:2d:cb:0c:8e:04:e3:4d:50:af:
c8:c3:d6:e9:a7:27:a1:88:53:40:6a:be:3f:1b:2f:9c:4a:12:
41:42:69:64:21:c9:4a:a1:b0:35:5c:39:4b:30:16:14:77:e1:
32:86:58:9e:0b:f1:03:75:52:15:ea:ef:1f:5b:d4:40:c3:82:
b8:55:86:70:25:bd:48:d0:22:73:4c:ea:81:58:a9:81:b4:91:
03:25:94:3d:40:28:15:ce:23:31:52:24:df:e7:b7:e3:16:96:
88:de:93:e4:f6:95:4c:48:66:30:1a:6a:98:7c:84:63:5c:ce:
7e:3d:b6:54:fd:ae:45:69:e8:5c:4f:e8:4f:95:3e:c2:a1:a3:
d6:2c:48:f0:bd:8a:7c:ef:ec:04:85:d7:f2:04:11:c1:62:34:
86:41:47:c2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP6TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjIxOTIxWhcNMjUxMjEzMjIxOTIxWjAYMRYw
FAYDVQQDEw02NzdkYTg2Yy0wODFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqg9/kYfOl7IqnNBdbZIGuIiMrTu6D25bpiRt00hdG0BCt7OmrnXt59b1
gnDulxb4e/xs7BiT6jwZHycYqgPTbS55+fzdQjJDTrNksYIdnBO6AOOK0MCRskr8
xCGrseXVMGPte5ubCtq4wPY/TljPrvK395pCABRTz03tNMMPPVZ49evd2WiZ/wvc
D2GT/QvGG/6288L68Obkp/9BQ+LZJGWIasAkzqWtgUM8rhkbKcPs33Pj4mM8MN5y
fAwCdEs8knRhJKZOwdlIQ+leebr7577dJInXI7K1AVi/0cfFFlh1iGvkiO2WLU28
VdebwKYzTA2fJ1aOLRwcAwkiDOKXbQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBXu
DNwSPAQgLoRNuaKF81QNp5WtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83MzYxRTA2NENENDUxMUVGQUM1M0NDNUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPN1MA0GCSqGSIb3DQEBCwUA
A4IBAQClSPIvBvBGHp8XoSzrkRvABw+GZsLjs+yT84sxfFDNQ4xR0TaoblMtSTGW
+5ABphyEAlDCWojiHAEU28R5KaIBKSbFX5KMopupTAJR4G1ANKpskqANKn/wrJK0
X6OG2UTuQ7UtywyOBONNUK/Iw9bppyehiFNAar4/Gy+cShJBQmlkIclKobA1XDlL
MBYUd+EyhlieC/EDdVIV6u8fW9RAw4K4VYZwJb1I0CJzTOqBWKmBtJEDJZQ9QCgV
ziMxUiTf57fjFpaI3pPk9pVMSGYwGmqYfIRjXM5+PbZU/a5FaehcT+hPlT7CoaPW
LEjwvYp87+wEhdfyBBHBYjSGQUfC
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:21 2025 by rpki-client