Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C66D9EF4CD1A11EF9DADEF51762E951A.roa
File: C66D9EF4CD1A11EF9DADEF51762E951A.roa (raw, json)
Hash identifier: F/U0AMmp4VZfg4b8UA7bz+YjPz+FDMR0l4mdjy6JgKc=
Subject key identifier: 34:01:A9:A5:76:FF:0F:C1:52:8B:9A:77:87:3A:A8:45:1E:11:23:C7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD41
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C66D9EF4CD1A11EF9DADEF51762E951A.roa
Signing time: Tue 07 Jan 2025 17:13:55 +0000
ROA not before: Tue 07 Jan 2025 17:13:52 +0000
ROA not after: Mon 13 Dec 2027 17:13:52 +0000
asID: 17561
IP address blocks: 156.241.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64833 (0xfd41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:13:52 2025 GMT
Not After : Dec 13 17:13:52 2027 GMT
Subject: CN=677d60d3-f149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:af:c7:5c:28:99:9f:01:7b:e8:36:27:26:14:
8f:e6:cf:32:14:8c:05:71:10:90:05:bc:62:c0:39:
c9:32:68:b4:5f:ac:a3:2a:f7:11:0b:4e:1b:80:92:
47:bb:0b:6a:d6:ce:82:88:33:1f:63:72:9e:db:40:
15:f3:15:44:df:e9:f7:cf:30:62:41:ff:26:cf:f2:
89:00:d9:37:32:93:41:bc:69:c8:e8:1d:bf:66:e6:
7c:1c:8c:b8:0f:06:11:6e:d9:50:87:01:bc:7d:39:
e8:2a:e5:75:3f:55:74:ae:21:3a:87:21:5f:40:78:
77:ca:db:c2:74:f5:15:f0:ac:90:af:05:6e:9b:f0:
ee:ee:1a:0a:c0:b3:42:f6:14:e4:fb:3c:12:2d:b5:
09:d1:4f:6f:4b:dd:85:00:ce:58:e3:18:82:a8:6d:
55:b0:14:53:90:c8:02:28:9e:fe:06:ae:49:45:26:
d6:1f:a7:4b:94:bc:6e:12:80:2d:6e:cd:46:0f:d5:
9c:3f:4c:5d:56:3b:1f:22:c6:46:60:a0:2f:cd:de:
d2:8b:74:f2:c5:56:9b:f3:86:e8:69:1d:9e:0b:62:
e1:92:7e:eb:e2:a9:4e:a9:ed:2e:03:86:83:49:43:
31:49:71:1e:5b:d0:f2:b7:eb:63:7b:11:5d:6f:9c:
c6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:01:A9:A5:76:FF:0F:C1:52:8B:9A:77:87:3A:A8:45:1E:11:23:C7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C66D9EF4CD1A11EF9DADEF51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.37.0/24
Signature Algorithm: sha256WithRSAEncryption
72:22:6d:56:c6:4c:98:26:99:af:77:a1:d1:64:ef:c0:96:ad:
a7:c8:b2:a0:51:89:b2:de:dc:46:bb:78:9a:23:5b:01:58:41:
67:97:32:16:7d:0e:5a:94:b1:0d:8b:05:f4:7d:e4:32:7a:03:
d7:6e:72:df:da:ef:4a:e3:55:85:dc:c7:11:1d:af:5f:22:fd:
2b:72:02:58:e0:13:3d:78:a6:d7:95:88:01:3e:9a:91:0d:04:
de:42:a0:7e:80:1e:62:7a:ba:25:d0:33:73:dd:f0:01:8d:70:
cd:91:d6:f5:55:fe:c8:4d:02:40:46:10:aa:29:2b:f2:b0:4b:
6b:d9:69:c8:1e:54:7d:4d:68:25:72:94:d6:3d:b6:0e:8d:43:
ea:57:a6:c6:10:39:29:db:b6:0e:bf:97:95:ad:9d:70:d7:a3:
50:f0:0d:b4:0f:a8:c2:c7:61:7d:c4:fa:fb:35:70:1e:c6:17:
e9:49:0f:b4:2a:73:82:54:d5:e2:6c:f0:17:f9:fa:b5:62:9f:
f3:50:e2:a9:92:5c:2d:1e:96:96:a8:2e:09:e5:6e:77:08:43:
14:d7:6a:a4:0c:09:94:57:89:a6:24:df:26:c8:46:c6:a2:c9:
66:60:36:34:4e:15:bd:ad:88:f5:67:f1:75:68:41:ca:ca:ad:
82:4a:b4:18
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP1BMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTcxMzUyWhcNMjcxMjEzMTcxMzUyWjAYMRYw
FAYDVQQDEw02NzdkNjBkMy1mMTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3q/HXCiZnwF76DYnJhSP5s8yFIwFcRCQBbxiwDnJMmi0X6yjKvcRC04b
gJJHuwtq1s6CiDMfY3Ke20AV8xVE3+n3zzBiQf8mz/KJANk3MpNBvGnI6B2/ZuZ8
HIy4DwYRbtlQhwG8fTnoKuV1P1V0riE6hyFfQHh3ytvCdPUV8KyQrwVum/Du7hoK
wLNC9hTk+zwSLbUJ0U9vS92FAM5Y4xiCqG1VsBRTkMgCKJ7+Bq5JRSbWH6dLlLxu
EoAtbs1GD9WcP0xdVjsfIsZGYKAvzd7Si3TyxVab84boaR2eC2Lhkn7r4qlOqe0u
A4aDSUMxSXEeW9Dyt+tjexFdb5zGywIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDQB
qaV2/w/BUouad4c6qEUeESPHMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNjZEOUVGNENEMUExMUVGOURBREVGNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPElMA0GCSqGSIb3DQEBCwUA
A4IBAQByIm1WxkyYJpmvd6HRZO/Alq2nyLKgUYmy3txGu3iaI1sBWEFnlzIWfQ5a
lLENiwX0feQyegPXbnLf2u9K41WF3McRHa9fIv0rcgJY4BM9eKbXlYgBPpqRDQTe
QqB+gB5ierol0DNz3fABjXDNkdb1Vf7ITQJARhCqKSvysEtr2WnIHlR9TWglcpTW
PbYOjUPqV6bGEDkp27YOv5eVrZ1w16NQ8A20D6jCx2F9xPr7NXAexhfpSQ+0KnOC
VNXibPAX+fq1Yp/zUOKpklwtHpaWqC4J5W53CEMU12qkDAmUV4mmJN8myEbGoslm
YDY0ThW9rYj1Z/F1aEHKyq2CSrQY
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:34 2025 by rpki-client