Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB63A042F48511EFA3917CAB762E951A.roa
File: CB63A042F48511EFA3917CAB762E951A.roa (raw, json)
Hash identifier: vVDv+Tcg2J5Ki+8mU2NAk6258apHmj1Lhej88Sy1nvU=
Subject key identifier: 90:4C:89:BD:8B:83:59:00:16:8F:63:2B:AD:C0:E8:81:1A:7F:72:5A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0137BA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB63A042F48511EFA3917CAB762E951A.roa
Signing time: Wed 26 Feb 2025 21:08:15 +0000
ROA not before: Wed 26 Feb 2025 21:08:11 +0000
ROA not after: Sat 19 Feb 2028 21:08:11 +0000
asID: 17561
IP address blocks: 156.224.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79802 (0x137ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 21:08:11 2025 GMT
Not After : Feb 19 21:08:11 2028 GMT
Subject: CN=67bf82bf-cf92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:34:30:6e:76:74:1e:cd:11:cd:40:b6:a4:0b:
88:b8:25:6e:57:64:c5:a1:ce:27:e0:90:6b:57:bd:
b8:5d:2e:d4:fe:ea:1c:06:b8:50:ea:9a:7e:ca:b0:
c4:db:d1:98:c5:8f:1a:9b:a0:ac:67:06:fc:d1:11:
be:30:b3:7e:cd:42:8c:28:e8:ee:7b:a5:42:a3:36:
1a:4f:5a:37:27:88:0d:a7:68:99:50:3c:83:85:33:
42:87:41:74:83:1f:64:b7:84:fd:c4:e4:f0:c5:31:
b9:51:4f:57:de:18:64:25:e6:5b:7e:f9:29:8d:5c:
c4:b4:60:ba:82:9e:fe:a4:3c:46:94:93:65:49:57:
17:d4:37:5e:bc:fb:32:33:1e:77:ac:59:4e:d2:4a:
2a:94:51:df:de:e1:6d:f4:09:05:4d:a5:d8:1d:8a:
9a:f5:59:9e:7b:d6:e2:c5:3b:3d:7d:6d:d0:92:55:
ac:98:1a:9d:b0:9a:22:37:a4:0f:48:4b:1b:40:f1:
e4:5a:66:7c:e2:af:1f:0f:29:e3:d7:d4:35:3b:ab:
b3:3b:e4:97:b8:ca:1f:af:f5:dc:ae:65:11:43:81:
71:cb:be:1b:34:f4:05:76:ee:88:f4:9f:c9:17:15:
4e:51:af:c1:52:bd:48:bf:e9:a1:37:43:f1:df:d7:
30:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4C:89:BD:8B:83:59:00:16:8F:63:2B:AD:C0:E8:81:1A:7F:72:5A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB63A042F48511EFA3917CAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.224.88.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:29:e2:7e:5f:ad:66:ab:43:02:71:2d:18:b3:c2:92:a5:9d:
d5:c1:7f:62:d5:ae:23:68:e9:8b:6b:0c:7d:9f:2a:38:b6:cd:
45:50:e9:c8:bf:50:d0:42:7e:05:21:f1:67:3a:93:95:88:6f:
b9:25:db:87:d5:8a:ae:c5:9a:50:a0:6e:7e:8f:11:d7:62:8d:
97:6f:5d:e3:a6:62:b6:db:2d:f9:d2:c4:2e:e0:dc:ec:91:5f:
1e:c9:e7:67:df:16:98:d4:a4:a0:f7:54:5b:eb:e5:f5:d7:8f:
42:97:9a:94:cd:a0:ef:12:35:d0:4b:4d:20:6f:32:78:9e:a1:
2d:db:e0:fd:0d:0d:ed:ea:92:78:bb:43:0e:9c:b4:05:51:c4:
11:57:ba:b5:34:13:cf:2b:71:23:1d:1b:b1:cd:04:f4:f4:46:
d7:ab:e5:32:91:a9:a2:86:7e:5d:d7:78:16:28:a3:5a:18:4b:
89:da:28:11:2b:6b:ec:48:8a:41:78:ad:2c:64:95:34:21:00:
55:10:33:0d:2f:b7:44:9a:da:09:f1:9e:bc:6c:bc:97:6c:c9:
3c:f0:a0:f9:2c:35:aa:3e:d3:7f:54:2c:51:fb:ca:53:70:d0:
4b:3a:38:f8:c3:18:86:3e:06:94:c7:58:32:5a:bd:47:ca:91:
e3:cc:19:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATe6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MjEwODExWhcNMjgwMjE5MjEwODExWjAYMRYw
FAYDVQQDEw02N2JmODJiZi1jZjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwDQwbnZ0Hs0RzUC2pAuIuCVuV2TFoc4n4JBrV724XS7U/uocBrhQ6pp+
yrDE29GYxY8am6CsZwb80RG+MLN+zUKMKOjue6VCozYaT1o3J4gNp2iZUDyDhTNC
h0F0gx9kt4T9xOTwxTG5UU9X3hhkJeZbfvkpjVzEtGC6gp7+pDxGlJNlSVcX1Dde
vPsyMx53rFlO0koqlFHf3uFt9AkFTaXYHYqa9Vmee9bixTs9fW3QklWsmBqdsJoi
N6QPSEsbQPHkWmZ84q8fDynj19Q1O6uzO+SXuMofr/XcrmURQ4Fxy74bNPQFdu6I
9J/JFxVOUa/BUr1Iv+mhN0Px39cw0wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJBM
ib2Lg1kAFo9jK63A6IEaf3JaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQjYzQTA0MkY0ODUxMUVGQTM5MTdDQUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOBYMA0GCSqGSIb3DQEBCwUA
A4IBAQC3KeJ+X61mq0MCcS0Ys8KSpZ3VwX9i1a4jaOmLawx9nyo4ts1FUOnIv1DQ
Qn4FIfFnOpOViG+5JduH1YquxZpQoG5+jxHXYo2Xb13jpmK22y350sQu4NzskV8e
yedn3xaY1KSg91Rb6+X1149Cl5qUzaDvEjXQS00gbzJ4nqEt2+D9DQ3t6pJ4u0MO
nLQFUcQRV7q1NBPPK3EjHRuxzQT09EbXq+Uykamihn5d13gWKKNaGEuJ2igRK2vs
SIpBeK0sZJU0IQBVEDMNL7dEmtoJ8Z68bLyXbMk88KD5LDWqPtN/VCxR+8pTcNBL
Ojj4wxiGPgaUx1gyWr1HypHjzBk+
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:48 2025 by rpki-client