Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C400FBC6D4AD11EFBA76B595762E951A.roa
File: C400FBC6D4AD11EFBA76B595762E951A.roa (raw, json)
Hash identifier: 2Lcvt2r5ikxjhhCFlJsu9uUipGKjr+HdLuc6UYABgvU=
Subject key identifier: 7E:93:6F:CE:DB:14:BF:00:D1:36:7E:19:80:EA:4E:64:26:1F:95:37
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010937
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C400FBC6D4AD11EFBA76B595762E951A.roa
Signing time: Fri 17 Jan 2025 08:33:45 +0000
ROA not before: Fri 17 Jan 2025 08:33:42 +0000
ROA not after: Thu 17 Jul 2025 08:33:42 +0000
asID: 63199
IP address blocks: 156.225.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67895 (0x10937)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 17 08:33:42 2025 GMT
Not After : Jul 17 08:33:42 2025 GMT
Subject: CN=678a15e9-e314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6d:be:ce:c9:cb:98:dc:25:8d:47:ac:a7:38:
57:2d:3e:f6:45:f6:7e:4a:66:fc:f4:77:98:f3:ad:
c9:54:bc:73:d2:bb:0c:ee:78:a5:5c:f9:a6:96:9b:
87:19:45:31:46:52:e6:c7:c3:63:35:cd:77:63:e8:
4c:e5:42:4e:56:56:0c:7a:60:e6:c0:48:e7:4a:2c:
8f:e4:6a:8d:64:cc:48:40:ad:92:38:66:ff:f3:39:
89:09:88:be:c8:0d:ef:b1:da:9a:d0:1e:2d:a2:eb:
d6:44:6a:c8:97:de:34:ed:14:3d:48:d7:91:7b:18:
33:88:23:dd:ae:54:ed:f5:b4:14:a0:61:b0:f0:85:
42:80:4f:76:96:1a:f6:d3:17:53:b2:ff:00:2e:36:
00:a6:72:ec:7e:89:fc:e2:4d:3f:f4:ad:24:fb:80:
27:d8:3f:3b:eb:19:c1:cd:dd:de:e5:da:f0:19:1c:
7f:6f:31:3b:ec:8f:a2:28:de:e6:6a:11:80:30:9f:
c3:78:a7:c5:94:6f:7f:24:33:32:5c:f0:87:c1:2a:
66:11:6f:2f:f0:6c:50:eb:9f:38:98:c7:9f:86:47:
28:86:cb:26:c7:a4:f5:ff:46:d4:a5:74:ae:0a:7d:
60:a0:47:e0:97:b1:ba:6d:7d:93:1b:08:a3:a6:96:
3f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:93:6F:CE:DB:14:BF:00:D1:36:7E:19:80:EA:4E:64:26:1F:95:37
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C400FBC6D4AD11EFBA76B595762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.5.0/24
Signature Algorithm: sha256WithRSAEncryption
03:fa:b0:6d:b5:38:e4:10:fb:ba:e8:ae:ba:2d:25:75:ff:7d:
72:7c:d8:fe:33:a6:fe:3e:ca:74:fc:f8:b7:bf:aa:5b:0e:db:
b0:22:bd:f1:e9:5c:47:72:0b:f3:e5:22:cc:8b:08:d8:11:8c:
9c:74:96:46:fa:02:8a:27:72:87:fe:76:6e:77:a7:1d:16:07:
cd:54:cf:6d:5b:30:f7:46:33:60:bc:7e:5c:6e:85:ca:b8:9b:
0e:a0:64:0b:a0:46:74:ee:b8:30:47:88:11:3a:05:17:0c:d4:
1c:cf:1e:2f:e9:17:a2:fe:c1:a9:b3:74:45:0b:3c:85:67:9b:
29:a4:34:da:03:5a:6b:71:ae:6f:10:8a:80:e7:e9:46:d4:b3:
d5:b2:df:b1:bc:36:6b:61:ad:26:ac:19:60:93:84:f8:b7:9f:
02:ba:02:39:f0:8f:aa:d6:30:86:0e:b5:0e:b1:f3:86:9d:d2:
a9:8d:b6:88:04:af:29:45:38:f8:9e:bf:b1:57:cb:95:c9:d7:
93:28:79:f2:5b:8d:5a:80:af:d4:86:ab:8d:db:67:08:56:06:
a1:f2:31:ff:f2:69:c4:f8:d7:54:ea:b5:c2:c6:be:88:bf:9c:
9d:80:ad:96:59:ec:be:86:f4:d3:ad:72:93:9f:10:52:35:72:
84:f2:cf:03
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQk3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE3MDgzMzQyWhcNMjUwNzE3MDgzMzQyWjAYMRYw
FAYDVQQDEw02NzhhMTVlOS1lMzE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt22+zsnLmNwljUespzhXLT72RfZ+Smb89HeY863JVLxz0rsM7nilXPmm
lpuHGUUxRlLmx8NjNc13Y+hM5UJOVlYMemDmwEjnSiyP5GqNZMxIQK2SOGb/8zmJ
CYi+yA3vsdqa0B4touvWRGrIl9407RQ9SNeRexgziCPdrlTt9bQUoGGw8IVCgE92
lhr20xdTsv8ALjYApnLsfon84k0/9K0k+4An2D876xnBzd3e5drwGRx/bzE77I+i
KN7mahGAMJ/DeKfFlG9/JDMyXPCHwSpmEW8v8GxQ6584mMefhkcohssmx6T1/0bU
pXSuCn1goEfgl7G6bX2TGwijppY/1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH6T
b87bFL8A0TZ+GYDqTmQmH5U3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNDAwRkJDNkQ0QUQxMUVGQkE3NkI1OTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEFMA0GCSqGSIb3DQEBCwUA
A4IBAQAD+rBttTjkEPu66K66LSV1/31yfNj+M6b+Psp0/Pi3v6pbDtuwIr3x6VxH
cgvz5SLMiwjYEYycdJZG+gKKJ3KH/nZud6cdFgfNVM9tWzD3RjNgvH5cboXKuJsO
oGQLoEZ07rgwR4gROgUXDNQczx4v6Rei/sGps3RFCzyFZ5sppDTaA1prca5vEIqA
5+lG1LPVst+xvDZrYa0mrBlgk4T4t58CugI58I+q1jCGDrUOsfOGndKpjbaIBK8p
RTj4nr+xV8uVydeTKHnyW41agK/UhquN22cIVgah8jH/8mnE+NdU6rXCxr6Iv5yd
gK2WWey+hvTTrXKTnxBSNXKE8s8D
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:13 2025 by rpki-client