Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A758D488CD4D11EFA25D3F92762E951A.roa
File: A758D488CD4D11EFA25D3F92762E951A.roa (raw, json)
Hash identifier: iVfApb3aW7cN0duWBk+YoS/HROCg8TfQMaOYOpKDPCQ=
Subject key identifier: C0:BE:89:59:55:C6:D9:A7:FA:11:4E:94:45:33:DC:11:2D:E8:45:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FED3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A758D488CD4D11EFA25D3F92762E951A.roa
Signing time: Tue 07 Jan 2025 23:18:08 +0000
ROA not before: Tue 07 Jan 2025 23:18:04 +0000
ROA not after: Mon 13 Dec 2027 23:18:04 +0000
asID: 17561
IP address blocks: 156.247.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65235 (0xfed3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 23:18:04 2025 GMT
Not After : Dec 13 23:18:04 2027 GMT
Subject: CN=677db62f-950e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:69:40:31:d6:ee:9e:08:39:d6:3b:58:5b:d6:
20:b7:e6:2f:79:2f:72:bd:04:27:af:08:6f:d9:4f:
38:2e:b0:4d:46:e7:0d:2e:bf:a0:6b:c4:19:83:d0:
a6:dd:72:35:0d:38:db:05:e1:50:8d:94:e5:3a:8b:
cf:ce:8b:5c:0d:02:07:8e:99:09:4d:eb:3e:40:38:
70:58:32:21:fa:d6:c9:84:45:e5:18:aa:a8:f5:a2:
23:8b:18:f7:ee:c5:96:54:3d:d6:31:f6:de:1c:1e:
8b:2e:11:f3:ae:6f:6e:ed:89:a4:06:70:c2:a5:50:
45:a8:2c:c2:81:27:05:68:16:ba:11:77:e1:e5:86:
39:97:55:39:cd:71:80:b2:82:28:4a:5c:c2:5e:6a:
02:dd:a9:97:08:54:d3:a1:5b:8a:8e:cc:3e:f5:ad:
71:34:d6:39:c5:3a:fa:71:bf:6b:b0:ad:62:73:03:
4a:f3:1f:57:51:c7:98:0b:36:73:7e:1e:77:ff:7d:
1e:fc:ff:f0:94:b0:9c:a2:ea:60:f7:84:fb:5b:85:
4d:c3:96:12:04:9b:db:b3:93:55:0c:47:d1:55:9a:
a8:47:e0:5a:9a:bb:89:e9:7e:8b:e5:27:1e:bc:6e:
23:44:b2:ac:55:b3:4d:f0:60:b3:53:f5:5e:25:e8:
0b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:BE:89:59:55:C6:D9:A7:FA:11:4E:94:45:33:DC:11:2D:E8:45:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A758D488CD4D11EFA25D3F92762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.7.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:fd:56:c2:fd:8b:fc:2e:51:8e:44:23:d6:9c:26:33:08:16:
5f:99:5c:7f:4b:e5:d2:f8:5d:d5:45:4c:f9:1c:ab:7b:30:1c:
ae:83:33:b9:e4:f9:cf:0d:cc:2d:fe:4a:a4:4a:be:7e:13:90:
17:93:89:af:ce:8f:59:ce:d4:3f:5d:34:c6:ad:c9:a3:11:b3:
03:1e:57:fd:8d:a1:ee:67:2c:6f:8e:df:0d:cf:47:cb:2c:05:
1b:0d:e8:9f:78:e9:cb:00:02:80:43:65:1f:78:d1:47:6c:68:
45:2c:4c:09:8c:b9:f0:71:af:80:c0:24:aa:33:1f:a4:75:bc:
98:24:bf:a8:06:8e:dd:07:e5:37:e7:2c:3e:3f:54:48:bc:f9:
9a:28:bf:df:af:6a:85:3a:cd:c3:a1:dc:d6:d6:88:a8:32:b5:
4d:38:79:68:d7:35:d7:64:59:d6:12:ff:6e:46:1a:77:67:25:
7a:26:38:6c:29:12:55:13:d6:6c:c1:b6:2f:b3:6c:83:86:8d:
c3:a0:cc:bb:d6:50:f2:7b:47:6d:99:83:41:aa:a1:e6:1a:13:
c8:2f:24:3e:84:e9:26:d2:f6:12:33:ff:2d:1e:cd:cc:0a:1a:
96:8b:52:f2:b3:b6:63:cc:25:ab:06:89:26:ab:ed:e7:36:d6:
4d:0f:5e:a3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP7TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjMxODA0WhcNMjcxMjEzMjMxODA0WjAYMRYw
FAYDVQQDEw02NzdkYjYyZi05NTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA22lAMdbungg51jtYW9Ygt+YveS9yvQQnrwhv2U84LrBNRucNLr+ga8QZ
g9Cm3XI1DTjbBeFQjZTlOovPzotcDQIHjpkJTes+QDhwWDIh+tbJhEXlGKqo9aIj
ixj37sWWVD3WMfbeHB6LLhHzrm9u7YmkBnDCpVBFqCzCgScFaBa6EXfh5YY5l1U5
zXGAsoIoSlzCXmoC3amXCFTToVuKjsw+9a1xNNY5xTr6cb9rsK1icwNK8x9XUceY
CzZzfh53/30e/P/wlLCcoupg94T7W4VNw5YSBJvbs5NVDEfRVZqoR+BamruJ6X6L
5ScevG4jRLKsVbNN8GCzU/VeJegL2QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMC+
iVlVxtmn+hFOlEUz3BEt6EVUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BNzU4RDQ4OENENEQxMUVGQTI1RDNGOTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPcHMA0GCSqGSIb3DQEBCwUA
A4IBAQCN/VbC/Yv8LlGORCPWnCYzCBZfmVx/S+XS+F3VRUz5HKt7MByugzO55PnP
Dcwt/kqkSr5+E5AXk4mvzo9ZztQ/XTTGrcmjEbMDHlf9jaHuZyxvjt8Nz0fLLAUb
DeifeOnLAAKAQ2UfeNFHbGhFLEwJjLnwca+AwCSqMx+kdbyYJL+oBo7dB+U35yw+
P1RIvPmaKL/fr2qFOs3DodzW1oioMrVNOHlo1zXXZFnWEv9uRhp3ZyV6JjhsKRJV
E9ZswbYvs2yDho3DoMy71lDye0dtmYNBqqHmGhPILyQ+hOkm0vYSM/8tHs3MChqW
i1Lys7ZjzCWrBokmq+3nNtZND16j
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:40 2025 by rpki-client