Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/828F6FF8D2FD11EFBEB67FBA762E951A.roa
File: 828F6FF8D2FD11EFBEB67FBA762E951A.roa (raw, json)
Hash identifier: o7ZtB4KsIj4O+LnfNLErUVTKcwJWcWF3sGLLFkRv/pY=
Subject key identifier: BC:A7:9D:FD:A4:D4:F6:84:D1:90:B5:08:67:86:2A:21:D9:A2:22:8B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107D5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/828F6FF8D2FD11EFBEB67FBA762E951A.roa
Signing time: Wed 15 Jan 2025 04:59:33 +0000
ROA not before: Wed 15 Jan 2025 04:59:29 +0000
ROA not after: Mon 03 Jan 2028 04:59:29 +0000
asID: 17561
IP address blocks: 156.254.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67541 (0x107d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 04:59:29 2025 GMT
Not After : Jan 3 04:59:29 2028 GMT
Subject: CN=678740b5-6f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cc:f4:6d:78:6e:e9:83:e2:73:32:5f:cd:40:
9b:bd:6d:de:a9:ad:37:6e:5f:3f:f7:c9:4e:7b:1d:
e2:6d:b4:2d:94:db:46:f7:ea:e8:35:27:4a:fd:61:
86:55:bf:64:b0:bc:0f:96:cc:5d:a1:6f:2d:31:c9:
5d:52:6b:01:bd:96:f9:7c:26:f5:a4:39:03:b1:cb:
46:d8:bb:ce:b4:32:28:89:8f:32:90:65:33:86:f1:
02:01:f6:29:e5:60:e7:cf:d3:ad:14:98:ee:57:41:
58:1b:52:dc:24:63:30:c3:e2:15:d7:53:f7:4d:83:
91:00:77:14:07:7b:d7:a8:3f:de:b6:e0:c0:f4:c4:
75:6a:39:23:82:5a:0d:31:c3:9e:36:de:95:53:dc:
49:67:54:c3:4d:2b:a6:06:f1:89:ce:c5:86:64:7f:
2f:c7:db:56:d1:4b:52:96:de:cb:82:5a:d5:81:10:
3c:42:f4:a8:f9:6a:35:cd:8f:16:cc:25:df:d1:b8:
aa:e5:34:8c:71:22:05:a0:f6:e4:7c:eb:61:1c:80:
db:ea:55:1a:fe:fb:87:31:46:09:d8:ae:d6:dc:63:
bb:72:3d:5b:ee:6f:31:2b:32:14:76:bb:ad:4a:6f:
8c:d6:b4:aa:9a:3a:f6:63:2e:49:21:83:8d:96:34:
f4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A7:9D:FD:A4:D4:F6:84:D1:90:B5:08:67:86:2A:21:D9:A2:22:8B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/828F6FF8D2FD11EFBEB67FBA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.21.0/24
Signature Algorithm: sha256WithRSAEncryption
12:87:6d:e7:ce:de:12:0f:ba:57:81:1a:88:0b:76:54:0c:a6:
4e:5c:31:7f:3a:f0:d4:a2:2d:bd:01:cb:20:57:48:ae:17:a5:
ec:79:8f:a4:83:ad:0e:18:d7:3a:bc:e7:48:1c:b5:5d:d0:fb:
e2:9f:88:c2:ac:4a:2f:ed:6e:02:03:16:c2:9f:b4:4f:8e:bd:
47:f6:cc:cc:9a:52:e4:64:29:c4:8b:1a:ee:d5:14:8a:29:0e:
ef:a1:27:df:eb:e8:77:2b:db:d9:24:94:6f:b4:00:76:6b:19:
21:6e:7a:82:e6:2c:ef:4d:24:25:67:84:1b:4d:89:3f:a6:17:
8a:95:68:af:79:2d:d3:6f:d1:11:e0:8c:4b:98:29:33:0f:fd:
b3:9f:68:4e:57:99:b2:d4:7f:15:63:ed:69:c6:72:5b:90:f8:
f8:c3:72:4f:db:53:3f:94:54:71:9f:5b:e1:25:b6:8b:5b:c4:
86:80:7d:40:7e:6c:54:f8:15:49:f0:68:f2:fa:b8:f3:af:70:
84:1a:c3:0a:e0:f7:31:83:03:24:aa:bf:56:77:14:79:33:d0:
9b:cb:a4:94:25:7d:eb:4a:ec:6e:43:d9:cf:80:4f:fb:e6:43:
71:e1:20:df:57:9e:08:f8:8e:9e:1a:ca:09:9d:3a:01:43:22:
a7:85:6c:c0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQfVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQ1OTI5WhcNMjgwMTAzMDQ1OTI5WjAYMRYw
FAYDVQQDEw02Nzg3NDBiNS02ZjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArMz0bXhu6YPiczJfzUCbvW3eqa03bl8/98lOex3ibbQtlNtG9+roNSdK
/WGGVb9ksLwPlsxdoW8tMcldUmsBvZb5fCb1pDkDsctG2LvOtDIoiY8ykGUzhvEC
AfYp5WDnz9OtFJjuV0FYG1LcJGMww+IV11P3TYORAHcUB3vXqD/etuDA9MR1ajkj
gloNMcOeNt6VU9xJZ1TDTSumBvGJzsWGZH8vx9tW0UtSlt7LglrVgRA8QvSo+Wo1
zY8WzCXf0biq5TSMcSIFoPbkfOthHIDb6lUa/vuHMUYJ2K7W3GO7cj1b7m8xKzIU
drutSm+M1rSqmjr2Yy5JIYONljT0WwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLyn
nf2k1PaE0ZC1CGeGKiHZoiKLMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84MjhGNkZGOEQyRkQxMUVGQkVCNjdGQkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4VMA0GCSqGSIb3DQEBCwUA
A4IBAQASh23nzt4SD7pXgRqIC3ZUDKZOXDF/OvDUoi29AcsgV0iuF6XseY+kg60O
GNc6vOdIHLVd0Pvin4jCrEov7W4CAxbCn7RPjr1H9szMmlLkZCnEixru1RSKKQ7v
oSff6+h3K9vZJJRvtAB2axkhbnqC5izvTSQlZ4QbTYk/pheKlWiveS3Tb9ER4IxL
mCkzD/2zn2hOV5my1H8VY+1pxnJbkPj4w3JP21M/lFRxn1vhJbaLW8SGgH1AfmxU
+BVJ8Gjy+rjzr3CEGsMK4PcxgwMkqr9WdxR5M9Cby6SUJX3rSuxuQ9nPgE/75kNx
4SDfV54I+I6eGsoJnToBQyKnhWzA
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:22 2025 by rpki-client