Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C256EDA0C28611EFA6674E9D762E951A.roa
File: C256EDA0C28611EFA6674E9D762E951A.roa (raw, json)
Hash identifier: Ogkldcp/nmLBKhtBJJV4uAC3WG+pLLWzsda5E3AHuAQ=
Subject key identifier: 83:A0:F4:73:7A:9E:C2:0D:A0:9A:D9:E7:C2:88:79:AE:6B:94:FA:4F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E92F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C256EDA0C28611EFA6674E9D762E951A.roa
Signing time: Wed 25 Dec 2024 06:09:11 +0000
ROA not before: Wed 25 Dec 2024 06:09:08 +0000
ROA not after: Wed 10 Dec 2025 06:09:08 +0000
asID: 984
IP address blocks: 156.228.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59695 (0xe92f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 06:09:08 2024 GMT
Not After : Dec 10 06:09:08 2025 GMT
Subject: CN=676ba187-5684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9a:b4:17:66:d3:1d:57:b9:b8:8f:62:54:1d:
3e:37:94:d9:03:06:0e:0d:98:1e:6c:a7:74:f0:b8:
35:ce:79:d0:5d:8d:1f:3f:5d:c5:49:79:6f:da:69:
c3:4d:fb:00:ea:bf:77:f3:b1:61:dd:53:4b:8a:2b:
cd:c9:29:a9:6b:0e:ab:19:bd:c0:63:7a:58:d2:04:
ae:02:e6:6e:a9:0e:c1:b7:88:bf:43:20:af:e5:b1:
ad:c6:41:ce:96:7a:65:e7:2d:6d:08:7c:86:9f:fd:
b1:52:87:0c:16:28:06:8e:f6:8f:04:c2:90:28:30:
1c:6c:16:9c:e6:cc:27:81:f8:3a:9f:26:eb:b4:9a:
3b:11:21:45:79:49:84:56:75:d5:62:fa:be:82:57:
0c:78:54:08:62:2e:a1:70:55:66:49:45:44:56:5e:
15:7f:a6:e0:ae:3c:6e:98:5f:f5:c9:be:95:ce:18:
73:61:4b:96:00:06:6c:ec:e9:21:f7:da:fc:cf:d8:
c6:8c:81:c3:60:e5:65:5a:1d:c7:0f:52:97:76:f6:
62:49:8f:7f:95:ee:49:52:3f:bb:56:42:a6:35:14:
fb:c8:17:a4:18:86:24:8b:37:12:5a:09:5d:01:30:
f3:7a:55:ad:93:d9:e6:f0:b4:13:93:b3:3f:24:d6:
fe:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:A0:F4:73:7A:9E:C2:0D:A0:9A:D9:E7:C2:88:79:AE:6B:94:FA:4F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C256EDA0C28611EFA6674E9D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.55.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:c1:5f:70:63:2a:fd:d5:20:1a:4b:c7:09:ea:e2:d8:0d:ea:
f4:4b:63:fa:53:7f:bf:52:e1:d0:c7:12:59:5f:4b:8c:af:d7:
01:8d:a2:8f:49:a4:8b:5d:84:4a:04:89:9f:57:54:f5:7d:06:
12:34:3a:bd:2d:b3:75:a9:54:e1:9d:e9:d3:11:32:6f:39:8d:
e6:64:65:b2:6f:37:69:03:f8:c1:6e:f4:e0:7e:a3:bd:ab:21:
28:bf:02:52:38:7b:7e:15:10:ce:31:53:47:94:36:de:99:cc:
b1:81:b5:a7:ad:fc:7d:77:c2:d6:55:ca:08:4c:4c:d9:28:ce:
1f:da:af:6c:26:a8:18:93:51:6e:9e:dd:b0:3b:f2:a5:49:b4:
03:af:f2:23:d9:51:28:c0:5e:5b:52:86:40:c5:e9:27:07:ac:
f9:ab:83:c9:d7:36:c9:bd:fa:24:6a:c4:2a:94:43:0a:dc:4e:
bb:27:60:fc:9c:3e:b5:9c:12:80:dc:dc:b9:9d:0f:89:d1:2f:
7a:b4:e5:f4:c2:f0:f7:9a:91:ce:e3:4a:b8:9b:64:ef:3d:09:
c3:43:33:6f:73:16:d0:78:d9:e1:ae:0b:12:f3:b7:b3:d3:49:
4c:14:24:fd:48:66:99:7b:53:8b:67:17:33:f9:c6:d7:55:75:
0d:d9:30:d6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOkvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDYwOTA4WhcNMjUxMjEwMDYwOTA4WjAYMRYw
FAYDVQQDEw02NzZiYTE4Ny01Njg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAupq0F2bTHVe5uI9iVB0+N5TZAwYODZgebKd08Lg1znnQXY0fP13FSXlv
2mnDTfsA6r9387Fh3VNLiivNySmpaw6rGb3AY3pY0gSuAuZuqQ7Bt4i/QyCv5bGt
xkHOlnpl5y1tCHyGn/2xUocMFigGjvaPBMKQKDAcbBac5swngfg6nybrtJo7ESFF
eUmEVnXVYvq+glcMeFQIYi6hcFVmSUVEVl4Vf6bgrjxumF/1yb6VzhhzYUuWAAZs
7Okh99r8z9jGjIHDYOVlWh3HD1KXdvZiSY9/le5JUj+7VkKmNRT7yBekGIYkizcS
WgldATDzelWtk9nm8LQTk7M/JNb+JQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIOg
9HN6nsINoJrZ58KIea5rlPpPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMjU2RURBMEMyODYxMUVGQTY2NzRFOUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQ3MA0GCSqGSIb3DQEBCwUA
A4IBAQA+wV9wYyr91SAaS8cJ6uLYDer0S2P6U3+/UuHQxxJZX0uMr9cBjaKPSaSL
XYRKBImfV1T1fQYSNDq9LbN1qVThnenTETJvOY3mZGWybzdpA/jBbvTgfqO9qyEo
vwJSOHt+FRDOMVNHlDbemcyxgbWnrfx9d8LWVcoITEzZKM4f2q9sJqgYk1Funt2w
O/KlSbQDr/Ij2VEowF5bUoZAxeknB6z5q4PJ1zbJvfokasQqlEMK3E67J2D8nD61
nBKA3Ny5nQ+J0S96tOX0wvD3mpHO40q4m2TvPQnDQzNvcxbQeNnhrgsS87ez00lM
FCT9SGaZe1OLZxcz+cbXVXUN2TDW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:46 2025 by rpki-client