Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2EB3A56AD5911EFAA6F6EAE762E951A.roa
File: C2EB3A56AD5911EFAA6F6EAE762E951A.roa (raw, json)
Hash identifier: ORxGk8ox34tMQ+ei3e6abG+Ul2vJ+77M/tPTywdAyOw=
Subject key identifier: 01:D5:1D:45:BA:00:88:3E:C1:0B:68:0B:02:91:AF:5D:F5:CE:57:E4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DC45
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2EB3A56AD5911EFAA6F6EAE762E951A.roa
Signing time: Thu 28 Nov 2024 07:24:11 +0000
ROA not before: Thu 28 Nov 2024 07:24:07 +0000
ROA not after: Tue 11 Feb 2025 07:24:07 +0000
asID: 207023
IP address blocks: 156.255.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56389 (0xdc45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Nov 28 07:24:07 2024 GMT
Not After : Feb 11 07:24:07 2025 GMT
Subject: CN=67481a9a-facd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:2c:ba:c7:4d:96:48:f7:ef:37:16:69:8e:fc:
6b:57:19:77:36:f2:e6:37:f6:e1:68:c5:be:53:2b:
7a:de:b5:4c:61:5d:fb:03:63:84:1c:ce:70:64:51:
78:f2:05:09:1d:be:a8:62:c2:9d:c7:18:a6:19:92:
e2:34:b0:ba:38:06:3e:a7:d2:d2:0a:fc:50:5b:55:
ee:ce:5a:6c:e4:a1:1e:32:0c:6f:25:28:a3:79:42:
ce:f2:a1:90:db:4e:56:68:60:28:a0:7c:80:6e:52:
8e:f8:fb:44:61:fa:69:30:b0:14:6e:63:20:79:5d:
1c:6c:14:1c:41:bc:ad:1e:c7:29:73:9d:bf:f3:7c:
4a:f9:de:31:6d:be:d9:4f:0e:c4:b4:1f:48:7a:13:
a3:70:06:90:42:99:96:42:d8:ba:44:50:39:7d:d7:
70:af:84:26:8c:74:0f:5c:18:1a:8e:82:29:15:0b:
b5:62:4f:96:ea:05:e7:44:96:08:53:bc:5c:74:6b:
cd:bd:86:e8:5e:d4:e4:96:55:2c:1e:07:ef:d6:05:
91:e6:9e:df:7f:07:22:94:76:9a:9f:4a:61:6e:c0:
c6:a7:8f:db:0b:74:1e:51:34:20:be:25:fc:b0:9f:
3c:0c:fe:76:76:1d:30:03:04:92:06:19:f6:a1:c0:
0f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D5:1D:45:BA:00:88:3E:C1:0B:68:0B:02:91:AF:5D:F5:CE:57:E4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2EB3A56AD5911EFAA6F6EAE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.24.0/22
Signature Algorithm: sha256WithRSAEncryption
af:2d:52:ba:6f:21:62:67:8c:44:e5:b4:79:30:1e:65:e9:01:
ca:05:d4:a7:97:5f:7d:00:df:c0:b4:e4:35:c3:44:87:fa:69:
3b:f2:dd:a4:66:e0:b3:f6:cb:ea:0e:5f:9e:6c:4e:af:e0:fe:
c0:66:43:72:69:db:bd:56:4c:88:d4:24:11:e5:ca:2b:e2:fb:
9f:e5:04:a1:84:eb:d4:d8:34:08:86:63:9a:c1:af:7c:c5:26:
a2:9f:32:39:fb:c2:ad:c3:bd:2a:6b:39:a7:2d:ff:2b:cf:52:
2e:ea:aa:10:bf:e3:4b:cd:6b:a9:a6:35:f8:15:b4:c8:ec:c4:
81:e7:9b:63:d5:c0:1b:0d:c6:1b:53:0b:76:4f:c7:07:b9:7f:
96:76:1f:19:1b:47:7c:84:9c:24:40:7a:29:41:4b:be:8a:85:
7c:b5:00:a9:ad:d6:81:76:55:05:91:6a:7a:71:ad:d7:a2:83:
e5:8d:ab:56:fd:db:5a:d6:15:d5:25:b5:aa:d1:41:a9:b8:29:
79:9b:af:8d:eb:16:33:2b:77:65:cc:17:a8:cb:8b:66:e4:6d:
73:26:8b:1c:f3:f2:cf:fe:8c:b6:15:5b:dc:e2:d3:74:6d:35:
f1:0d:1a:0e:e7:b0:08:76:c8:7a:b1:0c:c3:85:97:2b:84:b9:
06:11:ce:ca
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANxFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI4MDcyNDA3WhcNMjUwMjExMDcyNDA3WjAYMRYw
FAYDVQQDEw02NzQ4MWE5YS1mYWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3Sy6x02WSPfvNxZpjvxrVxl3NvLmN/bhaMW+Uyt63rVMYV37A2OEHM5w
ZFF48gUJHb6oYsKdxximGZLiNLC6OAY+p9LSCvxQW1Xuzlps5KEeMgxvJSijeULO
8qGQ205WaGAooHyAblKO+PtEYfppMLAUbmMgeV0cbBQcQbytHscpc52/83xK+d4x
bb7ZTw7EtB9IehOjcAaQQpmWQti6RFA5fddwr4QmjHQPXBgajoIpFQu1Yk+W6gXn
RJYIU7xcdGvNvYboXtTkllUsHgfv1gWR5p7ffwcilHaan0phbsDGp4/bC3QeUTQg
viX8sJ88DP52dh0wAwSSBhn2ocAPVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAHV
HUW6AIg+wQtoCwKRr131zlfkMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMkVCM0E1NkFENTkxMUVGQUE2RjZFQUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnP8YMA0GCSqGSIb3DQEBCwUA
A4IBAQCvLVK6byFiZ4xE5bR5MB5l6QHKBdSnl199AN/AtOQ1w0SH+mk78t2kZuCz
9svqDl+ebE6v4P7AZkNyadu9VkyI1CQR5cor4vuf5QShhOvU2DQIhmOawa98xSai
nzI5+8Ktw70qazmnLf8rz1Iu6qoQv+NLzWuppjX4FbTI7MSB55tj1cAbDcYbUwt2
T8cHuX+Wdh8ZG0d8hJwkQHopQUu+ioV8tQCprdaBdlUFkWp6ca3XooPljatW/dta
1hXVJbWq0UGpuCl5m6+N6xYzK3dlzBeoy4tm5G1zJosc8/LP/oy2FVvc4tN0bTXx
DRoO57AIdsh6sQzDhZcrhLkGEc7K
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:19 2025 by rpki-client