Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4A5FE06CD3111EFB54A8662762E951A.roa
File: C4A5FE06CD3111EFB54A8662762E951A.roa (raw, json)
Hash identifier: L48UhqPn2kam+n3CjMQGFWggUbbYoRHnmH8g9pruBwo=
Subject key identifier: CA:FF:82:AC:62:44:B8:DA:E5:6B:A1:F9:EC:53:CC:B3:42:4E:0C:D8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FDF7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4A5FE06CD3111EFB54A8662762E951A.roa
Signing time: Tue 07 Jan 2025 19:58:31 +0000
ROA not before: Tue 07 Jan 2025 19:58:27 +0000
ROA not after: Sat 13 Dec 2025 19:58:27 +0000
asID: 984
IP address blocks: 156.243.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65015 (0xfdf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 19:58:27 2025 GMT
Not After : Dec 13 19:58:27 2025 GMT
Subject: CN=677d8767-04e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:07:90:27:f4:b7:73:be:2a:f1:d0:a1:02:a0:
3b:b3:3a:3e:3d:bd:a3:4c:b6:ac:ba:8b:b8:31:55:
31:48:86:25:6e:55:cd:e5:1c:a0:5a:01:c2:c5:1b:
37:99:8e:b3:53:9c:6b:24:0c:65:5c:4d:c4:db:20:
19:fd:77:5e:f7:fa:c5:df:23:15:b8:58:4e:df:20:
04:93:2a:bf:23:e2:cb:f4:7d:dd:6b:e8:dc:e0:6b:
d5:99:79:08:ed:40:36:b5:f7:80:08:f5:ce:53:91:
3b:df:6b:44:65:c4:35:35:d9:a9:00:db:73:9b:92:
0c:b9:01:2e:d8:43:53:3b:4c:0f:26:92:f0:a7:54:
49:da:55:38:0c:16:ae:f0:ce:36:6f:c8:c4:ef:08:
77:5d:a5:62:bb:cf:9b:f0:86:17:94:f0:09:7f:91:
48:fc:c1:fd:f2:76:5e:83:cd:62:9a:63:2c:b8:fe:
9e:d2:b6:de:ea:41:c0:1f:d0:7d:f6:0b:54:84:a8:
87:b1:d8:2e:2b:5c:32:1a:c1:99:8b:5e:aa:1f:d3:
fc:08:0d:03:21:45:27:24:7e:20:08:de:d4:82:d0:
a1:0d:1b:85:b2:4a:0e:b7:d3:fa:5e:57:d3:db:2c:
82:95:7c:93:7d:d6:8e:cd:e9:21:0a:28:88:6a:71:
79:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FF:82:AC:62:44:B8:DA:E5:6B:A1:F9:EC:53:CC:B3:42:4E:0C:D8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C4A5FE06CD3111EFB54A8662762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.36.0/24
Signature Algorithm: sha256WithRSAEncryption
98:cd:7f:a7:bc:04:b6:60:cc:28:6d:db:72:04:d9:74:7e:98:
63:93:b6:e7:9d:28:97:d0:96:70:2a:16:d2:e8:93:ec:b1:34:
24:95:d6:5c:aa:fe:4c:85:95:a9:23:5c:c1:26:40:4f:6d:97:
70:dd:af:6f:5d:b5:b4:50:fb:ac:c5:fc:fc:73:46:1f:4e:49:
7c:5f:50:94:79:cb:5e:be:f9:de:8f:d4:30:a5:79:04:98:de:
e0:88:ca:e9:93:5f:c9:26:7e:22:62:46:39:5a:7c:53:1e:9f:
15:98:81:d5:0c:01:cb:2e:dd:e5:af:f3:0d:f2:d8:41:57:b0:
39:54:59:86:63:8e:c9:1f:9a:29:b5:37:57:29:14:a1:72:a7:
ca:7d:27:0a:1c:0b:a0:eb:77:31:92:8d:dc:08:b6:57:7a:c7:
c9:ca:63:c6:00:13:c9:9d:e8:01:32:dc:39:63:7e:6b:ef:f9:
5a:0e:a7:48:3f:ee:ee:a5:4e:2a:cd:f1:4f:88:2a:fe:6f:78:
41:e7:19:0c:20:61:9c:7b:47:f7:5f:f3:48:09:61:9f:3c:d5:
99:61:11:5e:34:46:0c:d6:fb:12:25:74:0f:db:e7:34:e8:04:
95:9a:64:ed:2b:43:83:58:ef:16:3f:7e:7a:2d:c9:fb:39:e2:
e3:02:86:e9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP33MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTk1ODI3WhcNMjUxMjEzMTk1ODI3WjAYMRYw
FAYDVQQDEw02NzdkODc2Ny0wNGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxQeQJ/S3c74q8dChAqA7szo+Pb2jTLasuou4MVUxSIYlblXN5RygWgHC
xRs3mY6zU5xrJAxlXE3E2yAZ/Xde9/rF3yMVuFhO3yAEkyq/I+LL9H3da+jc4GvV
mXkI7UA2tfeACPXOU5E732tEZcQ1NdmpANtzm5IMuQEu2ENTO0wPJpLwp1RJ2lU4
DBau8M42b8jE7wh3XaViu8+b8IYXlPAJf5FI/MH98nZeg81immMsuP6e0rbe6kHA
H9B99gtUhKiHsdguK1wyGsGZi16qH9P8CA0DIUUnJH4gCN7UgtChDRuFskoOt9P6
XlfT2yyClXyTfdaOzekhCiiIanF50wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMr/
gqxiRLja5Wuh+exTzLNCTgzYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNEE1RkUwNkNEMzExMUVGQjU0QTg2NjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPMkMA0GCSqGSIb3DQEBCwUA
A4IBAQCYzX+nvAS2YMwobdtyBNl0fphjk7bnnSiX0JZwKhbS6JPssTQkldZcqv5M
hZWpI1zBJkBPbZdw3a9vXbW0UPusxfz8c0YfTkl8X1CUectevvnej9QwpXkEmN7g
iMrpk1/JJn4iYkY5WnxTHp8VmIHVDAHLLt3lr/MN8thBV7A5VFmGY47JH5optTdX
KRShcqfKfScKHAug63cxko3cCLZXesfJymPGABPJnegBMtw5Y35r7/laDqdIP+7u
pU4qzfFPiCr+b3hB5xkMIGGce0f3X/NICWGfPNWZYRFeNEYM1vsSJXQP2+c06ASV
mmTtK0ODWO8WP356Lcn7OeLjAobp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:40 2025 by rpki-client