Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB1013EACCD611EF9BB3A6A4762E951A.roa
File: CB1013EACCD611EF9BB3A6A4762E951A.roa (raw, json)
Hash identifier: lYQmz2nhMLAgbM5mhsMTwSVvTDjnNRYeUVwIxQrNpFE=
Subject key identifier: 43:88:40:C9:73:76:7E:76:C0:09:2D:01:E8:30:7E:DE:E4:E8:A1:5B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB11
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB1013EACCD611EF9BB3A6A4762E951A.roa
Signing time: Tue 07 Jan 2025 09:07:17 +0000
ROA not before: Tue 07 Jan 2025 09:07:14 +0000
ROA not after: Thu 24 Dec 2026 09:07:14 +0000
asID: 140595
IP address blocks: 156.249.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64273 (0xfb11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:07:14 2025 GMT
Not After : Dec 24 09:07:14 2026 GMT
Subject: CN=677ceec5-5d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c2:e9:31:a0:da:e6:c1:df:40:00:46:94:72:
72:ae:03:0f:01:11:60:0c:8d:bd:9a:6a:c8:58:68:
d6:8a:d0:c6:b6:21:a4:ef:90:63:c7:7c:3d:18:e6:
b7:f5:29:6f:2b:fa:e4:60:67:f7:af:b8:1c:d1:4c:
2e:b3:64:f6:48:12:e1:7c:1e:5d:14:29:66:f6:70:
7a:bb:36:e2:97:00:30:ca:cc:05:0b:3f:07:cb:2d:
92:d3:08:ef:5c:57:49:47:90:42:c3:a4:27:38:8e:
e3:ef:e5:73:db:61:44:5d:d0:cb:3e:81:2c:95:24:
da:bd:a6:24:b2:2a:21:48:42:12:a3:f2:e0:e6:cc:
b0:9a:60:7b:e1:9d:d2:08:53:7d:08:24:1a:ce:d1:
0e:ac:63:df:9d:cb:ec:6a:5f:6d:74:bd:23:15:68:
a1:19:07:89:88:44:73:54:81:0c:9b:a9:bf:8a:12:
41:12:f3:c9:24:21:71:46:0b:b3:45:ed:2b:49:74:
30:cc:f4:6e:e5:54:53:f1:4c:5a:ba:45:35:4a:88:
4a:c4:d5:9b:d9:8b:94:72:a0:7f:cd:b3:fe:23:1a:
25:db:60:1e:a8:a5:3a:4f:85:88:90:87:e4:f6:d1:
25:a5:91:56:46:1c:51:c3:fa:ad:f2:b8:d3:b9:1d:
44:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:88:40:C9:73:76:7E:76:C0:09:2D:01:E8:30:7E:DE:E4:E8:A1:5B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB1013EACCD611EF9BB3A6A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.82.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:3c:73:4f:07:18:42:35:70:f9:a3:c0:0a:2a:b8:3d:6c:53:
42:89:96:56:e5:4e:65:5f:fa:cc:a3:dc:27:ce:dc:c8:63:f9:
4e:f2:4a:9a:70:ee:6f:20:5b:15:10:9b:3f:a9:a8:47:08:c8:
6b:1a:6c:46:8b:b9:b2:80:87:bb:0f:6b:ff:70:19:2b:b1:fc:
d8:73:51:0d:1c:68:63:ea:af:94:56:c5:56:82:89:1e:d7:1a:
eb:e5:37:fb:13:a5:c1:f1:92:56:75:81:a1:92:b3:b0:ba:55:
06:1c:e9:5b:35:1c:96:f3:76:4e:eb:bc:4d:fa:38:1a:22:53:
83:03:02:70:b1:d6:c7:c7:91:28:ce:d9:2f:8c:d4:f1:15:18:
83:09:20:ec:3b:76:dd:51:50:91:13:4a:b2:04:1c:5b:1c:ea:
b8:ea:6f:0a:62:58:9e:cb:be:07:ee:13:cf:33:eb:a9:18:58:
16:96:77:cd:06:79:5f:e0:14:50:0c:6d:c8:c4:75:ab:46:a5:
60:80:d9:1a:af:97:13:e8:0d:b3:c3:73:1c:7f:0b:26:84:b8:
d6:e9:be:94:dd:5e:c9:6a:9d:40:e9:39:8b:e6:a4:f9:9b:5f:
dd:47:29:57:f7:9d:ce:91:4f:2a:7d:6f:a6:85:2d:08:85:79:
01:ae:2a:ed
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPsRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDkwNzE0WhcNMjYxMjI0MDkwNzE0WjAYMRYw
FAYDVQQDEw02NzdjZWVjNS01ZDkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr8LpMaDa5sHfQABGlHJyrgMPARFgDI29mmrIWGjWitDGtiGk75Bjx3w9
GOa39SlvK/rkYGf3r7gc0Uwus2T2SBLhfB5dFClm9nB6uzbilwAwyswFCz8Hyy2S
0wjvXFdJR5BCw6QnOI7j7+Vz22FEXdDLPoEslSTavaYksiohSEISo/Lg5sywmmB7
4Z3SCFN9CCQaztEOrGPfncvsal9tdL0jFWihGQeJiERzVIEMm6m/ihJBEvPJJCFx
RguzRe0rSXQwzPRu5VRT8UxaukU1SohKxNWb2YuUcqB/zbP+Ixol22AeqKU6T4WI
kIfk9tElpZFWRhxRw/qt8rjTuR1EuQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEOI
QMlzdn52wAktAegwft7k6KFbMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQjEwMTNFQUNDRDYxMUVGOUJCM0E2QTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlSMA0GCSqGSIb3DQEBCwUA
A4IBAQAtPHNPBxhCNXD5o8AKKrg9bFNCiZZW5U5lX/rMo9wnztzIY/lO8kqacO5v
IFsVEJs/qahHCMhrGmxGi7mygIe7D2v/cBkrsfzYc1ENHGhj6q+UVsVWgoke1xrr
5Tf7E6XB8ZJWdYGhkrOwulUGHOlbNRyW83ZO67xN+jgaIlODAwJwsdbHx5Eoztkv
jNTxFRiDCSDsO3bdUVCRE0qyBBxbHOq46m8KYliey74H7hPPM+upGFgWlnfNBnlf
4BRQDG3IxHWrRqVggNkar5cT6A2zw3McfwsmhLjW6b6U3V7Jap1A6TmL5qT5m1/d
RylX953OkU8qfW+mhS0IhXkBrirt
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:24 2025 by rpki-client