Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6C27136CD4711EFB403BD6C762E951A.roa
File: C6C27136CD4711EFB403BD6C762E951A.roa (raw, json)
Hash identifier: Z0i5DcU1Rc+wY9oi0ga4hVbSZ4VDM6hL+XVYEM0+hiA=
Subject key identifier: EF:D9:99:98:EE:C7:C5:F4:FF:C6:35:96:C9:B7:9A:3C:EA:61:85:B0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FEA5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6C27136CD4711EFB403BD6C762E951A.roa
Signing time: Tue 07 Jan 2025 22:36:03 +0000
ROA not before: Tue 07 Jan 2025 22:36:00 +0000
ROA not after: Sat 13 Dec 2025 22:36:00 +0000
asID: 984
IP address blocks: 156.245.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65189 (0xfea5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 22:36:00 2025 GMT
Not After : Dec 13 22:36:00 2025 GMT
Subject: CN=677dac53-7beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:3d:1b:fb:11:96:85:14:76:b9:b1:3b:31:3b:
52:0c:d4:e0:62:95:87:6d:86:a9:98:df:15:6d:f1:
62:60:9a:aa:80:5e:a8:a5:c9:b1:d9:f9:c9:9d:ec:
6c:f3:35:03:d9:31:bf:0c:e7:bb:41:32:85:99:03:
51:b6:52:0b:c7:09:56:fd:6c:0f:ea:17:5a:11:83:
5e:6e:d4:60:ed:ea:68:93:d9:4c:57:98:36:85:9e:
40:a4:91:8d:e5:6e:8f:61:c4:ad:6e:92:4a:8c:a5:
07:ed:bd:83:ee:19:98:54:2c:d3:70:8f:27:49:6e:
bf:fd:6b:43:1c:e4:13:2d:f3:2e:16:84:d3:11:e0:
e8:7d:87:d9:f3:8b:fb:13:41:a5:86:3f:f7:24:3b:
3c:d5:ff:45:43:23:de:c2:b0:aa:2e:62:e4:bc:57:
2b:fb:d8:01:45:6f:8f:0d:c6:4f:ad:8c:1c:97:f5:
e5:6d:f4:f5:7a:75:cd:45:08:12:46:1f:22:fa:fb:
7f:95:db:f7:65:18:28:ca:fc:e4:1a:52:38:89:fd:
c9:94:c6:12:83:dd:be:fc:c2:75:0a:3d:51:39:ae:
8d:84:dd:18:2f:08:82:4f:f3:d6:9f:60:63:f6:d9:
8f:a2:5c:bc:c7:2a:05:b7:43:1a:89:99:84:cf:00:
ea:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D9:99:98:EE:C7:C5:F4:FF:C6:35:96:C9:B7:9A:3C:EA:61:85:B0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C6C27136CD4711EFB403BD6C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.0.0/24
Signature Algorithm: sha256WithRSAEncryption
92:96:23:92:8f:19:4f:a9:ad:53:99:c0:25:7c:00:57:33:15:
76:d0:01:bd:a3:09:f9:4a:f9:38:bf:c7:94:30:e9:95:f3:10:
46:38:4d:39:f5:87:e3:1b:bb:bb:8a:e8:18:b7:31:48:33:d3:
bc:79:d9:0b:85:7c:b1:02:d5:34:f9:89:28:8e:db:3a:85:bf:
23:df:79:f5:58:df:c2:35:0f:1d:f1:f5:42:9e:4e:a9:43:9e:
53:e5:e7:0c:62:3b:9e:7b:b0:11:c7:bc:4c:e2:d3:19:05:cb:
3d:db:2a:25:ef:25:3b:84:46:64:9d:c7:94:88:6d:bf:2f:60:
2e:a1:58:2c:b8:7f:42:d8:f6:14:31:fb:0f:49:ec:4e:bf:31:
79:e2:d3:b7:4d:07:68:f2:11:72:1b:f7:6c:d2:06:6e:cb:74:
4b:eb:11:ae:97:09:87:53:3d:eb:4b:04:fc:56:41:cf:24:54:
a2:50:c4:ae:1f:c3:21:53:bb:c8:df:cb:fa:57:94:2e:c8:55:
70:ee:90:07:3a:7a:65:2d:95:48:85:90:c6:18:4f:a1:19:39:
ab:0d:d5:16:ba:6f:3d:28:c3:e8:a1:f0:00:d6:4a:8f:1e:07:
75:8c:ce:15:fc:71:b8:a6:d0:94:b6:e4:95:a8:7c:8b:dc:25:
b6:cc:d3:bc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP6lMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjIzNjAwWhcNMjUxMjEzMjIzNjAwWjAYMRYw
FAYDVQQDEw02NzdkYWM1My03YmViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4j0b+xGWhRR2ubE7MTtSDNTgYpWHbYapmN8VbfFiYJqqgF6opcmx2fnJ
nexs8zUD2TG/DOe7QTKFmQNRtlILxwlW/WwP6hdaEYNebtRg7epok9lMV5g2hZ5A
pJGN5W6PYcStbpJKjKUH7b2D7hmYVCzTcI8nSW6//WtDHOQTLfMuFoTTEeDofYfZ
84v7E0Glhj/3JDs81f9FQyPewrCqLmLkvFcr+9gBRW+PDcZPrYwcl/XlbfT1enXN
RQgSRh8i+vt/ldv3ZRgoyvzkGlI4if3JlMYSg92+/MJ1Cj1ROa6NhN0YLwiCT/PW
n2Bj9tmPoly8xyoFt0MaiZmEzwDqEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO/Z
mZjux8X0/8Y1lsm3mjzqYYWwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNkMyNzEzNkNENDcxMUVGQjQwM0JENkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPUAMA0GCSqGSIb3DQEBCwUA
A4IBAQCSliOSjxlPqa1TmcAlfABXMxV20AG9own5Svk4v8eUMOmV8xBGOE059Yfj
G7u7iugYtzFIM9O8edkLhXyxAtU0+Ykojts6hb8j33n1WN/CNQ8d8fVCnk6pQ55T
5ecMYjuee7ARx7xM4tMZBcs92yol7yU7hEZknceUiG2/L2AuoVgsuH9C2PYUMfsP
SexOvzF54tO3TQdo8hFyG/ds0gZuy3RL6xGulwmHUz3rSwT8VkHPJFSiUMSuH8Mh
U7vI38v6V5QuyFVw7pAHOnplLZVIhZDGGE+hGTmrDdUWum89KMPoofAA1kqPHgd1
jM4V/HG4ptCUtuSVqHyL3CW2zNO8
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:18 2025 by rpki-client