Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75EF70D0CD0E11EFB313CE83762E951A.roa
File: 75EF70D0CD0E11EFB313CE83762E951A.roa (raw, json)
Hash identifier: ihPiza4Gsb/3vICBmcyrWYVhkyp5UzHVIQ5G2HOWrPU=
Subject key identifier: F0:55:89:3D:AA:FA:58:B2:E5:82:DE:24:D4:D0:7F:06:B3:49:F4:4A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCDD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75EF70D0CD0E11EFB313CE83762E951A.roa
Signing time: Tue 07 Jan 2025 15:45:46 +0000
ROA not before: Tue 07 Jan 2025 15:45:43 +0000
ROA not after: Mon 13 Dec 2027 15:45:43 +0000
asID: 17561
IP address blocks: 156.239.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64733 (0xfcdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:45:43 2025 GMT
Not After : Dec 13 15:45:43 2027 GMT
Subject: CN=677d4c2a-c969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:de:07:6b:56:dd:66:80:a8:be:34:7a:c5:d7:
00:65:9c:57:1f:71:7a:fd:db:6e:61:8a:8b:0b:e5:
70:91:71:85:2f:29:52:16:e6:ff:cb:a3:de:9d:0b:
e5:44:ce:f3:08:29:67:7e:94:02:73:52:3c:c5:57:
8f:d0:f6:6d:2c:be:27:19:a1:37:37:4b:ec:96:03:
14:0a:ea:d9:f5:40:0f:54:4c:0f:26:85:27:dc:78:
c8:e5:1c:73:40:eb:04:f0:a9:81:48:02:b9:65:1c:
b3:5e:4d:bf:41:a2:d7:8e:f8:b7:99:b5:3f:86:52:
87:41:68:03:aa:ef:ec:a1:35:6e:53:a1:a8:5c:0a:
2c:f0:48:50:da:93:8e:ff:30:46:db:d8:68:b8:86:
fe:99:94:df:89:e1:15:e4:49:75:ba:f5:0b:8e:8c:
f1:52:da:6c:7c:94:13:cd:84:5e:fd:8a:5b:49:46:
30:90:53:5f:6d:5d:ed:ed:61:a5:cf:c2:49:0b:0f:
89:c5:18:36:f1:47:7e:b6:13:21:3c:37:71:3b:82:
06:f8:1e:f6:69:32:26:47:a4:cf:a3:fc:5d:2c:32:
d8:b8:97:1c:cd:c1:d4:b6:c2:7a:f9:73:5e:ea:f0:
b3:de:ef:81:ad:26:e9:83:e1:ff:8e:82:4d:a1:e1:
76:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:55:89:3D:AA:FA:58:B2:E5:82:DE:24:D4:D0:7F:06:B3:49:F4:4A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/75EF70D0CD0E11EFB313CE83762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.145.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:16:a9:0d:44:fc:c4:44:f5:00:81:57:74:e4:49:1a:09:26:
b3:6a:1f:7c:b4:44:73:c4:06:97:21:7a:3d:50:c8:39:3f:d1:
68:1a:e6:03:58:4f:d1:f9:fa:80:44:9c:21:8c:8d:e7:a1:14:
d3:27:68:58:b2:50:22:41:1a:b0:20:26:f6:df:69:af:f7:36:
71:ec:e5:01:42:b7:cd:3f:3c:3c:c7:f2:5d:80:09:a0:4a:3d:
00:08:4d:8b:5d:65:aa:c2:bd:a2:b4:11:ee:44:a8:82:ca:aa:
74:47:a8:1c:b0:8d:4a:bd:a4:17:bc:fa:29:11:e1:47:1c:39:
4a:06:91:2c:60:b2:8b:7a:53:8f:53:27:6e:89:44:d7:ec:9c:
de:c2:10:fe:cd:08:a2:12:d4:4b:89:ae:cb:d8:fa:9b:73:e6:
a2:b8:f4:b6:0e:fd:51:44:b3:25:4c:b7:56:95:77:df:6c:b6:
37:89:87:b4:23:8e:f3:f5:43:a8:61:72:bb:22:f2:91:a5:ec:
d9:ac:78:0c:83:ad:db:d6:43:74:5c:15:b3:6c:08:53:b0:33:
3b:2a:4c:fe:40:18:be:cd:85:f6:14:6f:2e:57:43:7c:88:aa:
46:91:48:7b:36:35:67:22:97:1a:29:36:58:df:30:17:44:52:
34:ef:a5:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPzdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTU0NTQzWhcNMjcxMjEzMTU0NTQzWjAYMRYw
FAYDVQQDEw02NzdkNGMyYS1jOTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzN4Ha1bdZoCovjR6xdcAZZxXH3F6/dtuYYqLC+VwkXGFLylSFub/y6Pe
nQvlRM7zCClnfpQCc1I8xVeP0PZtLL4nGaE3N0vslgMUCurZ9UAPVEwPJoUn3HjI
5RxzQOsE8KmBSAK5ZRyzXk2/QaLXjvi3mbU/hlKHQWgDqu/soTVuU6GoXAos8EhQ
2pOO/zBG29houIb+mZTfieEV5El1uvULjozxUtpsfJQTzYRe/YpbSUYwkFNfbV3t
7WGlz8JJCw+JxRg28Ud+thMhPDdxO4IG+B72aTImR6TPo/xdLDLYuJcczcHUtsJ6
+XNe6vCz3u+BrSbpg+H/joJNoeF2cwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPBV
iT2q+liy5YLeJNTQfwazSfRKMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NUVGNzBEMENEMEUxMUVGQjMxM0NFODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO+RMA0GCSqGSIb3DQEBCwUA
A4IBAQC4FqkNRPzERPUAgVd05EkaCSazah98tERzxAaXIXo9UMg5P9FoGuYDWE/R
+fqARJwhjI3noRTTJ2hYslAiQRqwICb232mv9zZx7OUBQrfNPzw8x/JdgAmgSj0A
CE2LXWWqwr2itBHuRKiCyqp0R6gcsI1KvaQXvPopEeFHHDlKBpEsYLKLelOPUydu
iUTX7JzewhD+zQiiEtRLia7L2Pqbc+aiuPS2Dv1RRLMlTLdWlXffbLY3iYe0I47z
9UOoYXK7IvKRpezZrHgMg63b1kN0XBWzbAhTsDM7Kkz+QBi+zYX2FG8uV0N8iKpG
kUh7NjVnIpcaKTZY3zAXRFI076VV
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:25 2025 by rpki-client