Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A6DF9DEEDFEE11EF974F82BA762E951A.roa
File: A6DF9DEEDFEE11EF974F82BA762E951A.roa (raw, json)
Hash identifier: yGI4maK9QD9nTAlcJcvD5SHo4pxZtjH8RBuOBcvkRV4=
Subject key identifier: 24:07:9D:59:90:2E:D7:BD:6A:98:A9:D3:81:C2:47:D1:CA:90:62:AA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01164F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A6DF9DEEDFEE11EF974F82BA762E951A.roa
Signing time: Fri 31 Jan 2025 16:15:57 +0000
ROA not before: Fri 31 Jan 2025 16:15:53 +0000
ROA not after: Sat 03 Jan 2026 16:15:53 +0000
asID: 40065
IP address blocks: 156.235.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71247 (0x1164f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 31 16:15:53 2025 GMT
Not After : Jan 3 16:15:53 2026 GMT
Subject: CN=679cf73d-3ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:50:fc:fb:37:ee:35:f2:9d:4b:81:c3:b0:e6:
f6:67:cf:b5:41:f4:24:f0:f1:31:ac:37:89:9d:9c:
82:5b:a5:d7:99:0a:9a:65:f6:fd:65:18:e8:5c:55:
48:bd:58:b0:cd:a5:a1:dc:a4:d2:01:e2:82:c3:1e:
8c:4a:08:f6:ba:ca:ac:8d:08:f7:2f:84:86:f6:af:
76:10:6b:ce:9f:c8:c9:62:f8:75:3a:fa:d5:ea:91:
05:1c:90:fc:e8:8f:88:dd:37:00:4f:48:28:fd:26:
61:1a:f4:00:a0:bf:02:a1:58:2a:fc:2e:12:bf:d9:
ba:e1:b2:46:04:ba:24:17:16:e5:4f:6d:64:9f:74:
f2:1d:cd:c0:72:61:77:6c:cb:25:db:25:5e:77:3f:
a5:1a:b8:a8:5c:6a:77:d5:7a:06:e9:82:bf:ce:d5:
8a:16:ce:ab:a9:54:5c:3d:15:91:bf:86:f3:cf:e6:
e7:bb:6e:1c:ff:82:d2:5e:59:2c:51:be:f2:70:9a:
bc:0e:30:5f:47:3b:b9:40:d3:2b:2f:2b:02:04:e8:
99:ff:3a:5a:dd:e2:a8:38:ea:4d:31:3a:73:0f:85:
d7:7f:7e:19:39:6f:0f:1d:a7:aa:a0:12:2e:29:ca:
cb:cd:43:a7:63:9e:77:eb:2d:66:05:96:3d:c8:29:
d5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:07:9D:59:90:2E:D7:BD:6A:98:A9:D3:81:C2:47:D1:CA:90:62:AA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A6DF9DEEDFEE11EF974F82BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.8.0/21
Signature Algorithm: sha256WithRSAEncryption
04:17:80:69:29:f4:0b:08:a8:fc:79:0b:87:83:e6:54:43:51:
24:42:01:d9:6f:7d:06:ac:82:7f:cb:40:07:30:97:9d:b7:24:
fc:36:10:d6:99:d1:7b:cb:7c:70:fb:0d:b5:ae:28:77:41:44:
98:32:3d:67:97:53:28:14:25:f2:12:0b:4f:63:fb:31:f8:42:
03:1d:0f:b4:40:47:5a:fa:41:d3:e1:18:c9:76:d4:a7:f8:cb:
ee:e3:53:c7:c8:32:03:af:1a:2d:0b:c2:69:be:ae:f6:58:d6:
bc:39:da:a0:54:1c:7a:58:94:a8:c0:a7:61:8d:bc:d8:56:76:
46:14:f1:77:d8:3a:41:53:3d:73:c1:3a:46:52:1b:e1:11:80:
03:af:d3:71:ed:8c:eb:68:05:7a:4a:38:e2:a8:ec:15:87:4c:
22:82:69:89:aa:b8:9a:e5:fe:ed:a9:fe:12:a9:69:0c:46:e8:
c8:df:96:2c:d5:e9:30:32:48:72:c6:b9:77:ad:c0:9a:f2:72:
45:7b:e0:a4:08:da:c1:6b:92:31:3e:5d:f5:4c:25:ba:29:cb:
26:3a:af:79:74:1e:75:e6:56:0a:e3:66:d3:cc:69:2f:66:a4:
9e:61:86:5c:ff:32:8b:61:61:10:0d:02:07:85:87:a5:db:74:
90:8e:1e:94
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARZPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTMxMTYxNTUzWhcNMjYwMTAzMTYxNTUzWjAYMRYw
FAYDVQQDEw02NzljZjczZC0zYWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzFD8+zfuNfKdS4HDsOb2Z8+1QfQk8PExrDeJnZyCW6XXmQqaZfb9ZRjo
XFVIvViwzaWh3KTSAeKCwx6MSgj2usqsjQj3L4SG9q92EGvOn8jJYvh1OvrV6pEF
HJD86I+I3TcAT0go/SZhGvQAoL8CoVgq/C4Sv9m64bJGBLokFxblT21kn3TyHc3A
cmF3bMsl2yVedz+lGrioXGp31XoG6YK/ztWKFs6rqVRcPRWRv4bzz+bnu24c/4LS
XlksUb7ycJq8DjBfRzu5QNMrLysCBOiZ/zpa3eKoOOpNMTpzD4XXf34ZOW8PHaeq
oBIuKcrLzUOnY5536y1mBZY9yCnVsQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCQH
nVmQLte9apip04HCR9HKkGKqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNkRGOURFRURGRUUxMUVGOTc0RjgyQkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnOsIMA0GCSqGSIb3DQEBCwUA
A4IBAQAEF4BpKfQLCKj8eQuHg+ZUQ1EkQgHZb30GrIJ/y0AHMJedtyT8NhDWmdF7
y3xw+w21rih3QUSYMj1nl1MoFCXyEgtPY/sx+EIDHQ+0QEda+kHT4RjJdtSn+Mvu
41PHyDIDrxotC8Jpvq72WNa8OdqgVBx6WJSowKdhjbzYVnZGFPF32DpBUz1zwTpG
UhvhEYADr9Nx7YzraAV6SjjiqOwVh0wigmmJqria5f7tqf4SqWkMRujI35Ys1ekw
Mkhyxrl3rcCa8nJFe+CkCNrBa5IxPl31TCW6KcsmOq95dB515lYK42bTzGkvZqSe
YYZc/zKLYWEQDQIHhYel23SQjh6U
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:38 2025 by rpki-client