Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBFD82D8D56411EFA5E8DD4D762E951A.roa
File: CBFD82D8D56411EFA5E8DD4D762E951A.roa (raw, json)
Hash identifier: iM+GADdrhTZ+L4L2wPvhlwzhqo7sXzwjn8t9+/Tzr1w=
Subject key identifier: 6A:F4:CD:10:05:59:E5:4E:34:B2:43:9A:36:4D:9B:F7:7A:13:95:6D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010AF7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBFD82D8D56411EFA5E8DD4D762E951A.roa
Signing time: Sat 18 Jan 2025 06:23:57 +0000
ROA not before: Sat 18 Jan 2025 06:23:53 +0000
ROA not after: Sat 22 Feb 2025 06:23:53 +0000
asID: 395886
IP address blocks: 156.239.24.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 21 Feb 2025 00:26:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68343 (0x10af7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 18 06:23:53 2025 GMT
Not After : Feb 22 06:23:53 2025 GMT
Subject: CN=678b48fd-4e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a0:94:52:54:7a:c6:66:9e:13:6f:76:4c:54:
35:17:76:c2:fd:71:8a:57:ce:7d:d5:96:8c:ba:86:
cd:57:f5:fc:30:39:ec:c1:f4:ed:15:5c:43:8c:83:
b0:b6:dc:e6:24:1f:51:6f:e8:4c:8a:4e:d3:a3:0a:
36:4e:68:8c:93:cc:a2:95:58:e8:86:c5:e7:7a:eb:
25:37:7b:8c:d4:e9:69:92:e6:46:72:4c:4d:f2:9d:
fa:8d:c5:bd:38:91:ec:a3:fa:d4:b8:22:83:fe:e4:
50:e9:13:88:22:5c:51:32:9b:43:b6:87:d5:81:2c:
a0:0c:fc:0c:d1:87:fa:75:4e:ae:cc:d9:cc:57:ed:
46:d4:74:b6:e0:6e:4f:ea:5d:40:db:79:76:ab:02:
c4:1d:d7:58:7f:13:ca:e6:99:24:af:3b:1b:c3:c9:
13:2b:d3:5a:19:ac:f7:f3:92:7d:68:b1:42:64:d9:
51:aa:1e:5c:5f:52:33:00:4c:98:d4:95:41:fa:14:
d6:cd:8d:89:5b:75:fb:e2:fb:4f:a2:1c:25:ce:1e:
ee:a2:de:a6:a9:20:64:b3:a9:73:79:37:73:0d:77:
fc:b0:42:54:79:49:49:64:be:07:8c:20:7a:d0:30:
71:99:43:dd:e6:cc:4a:cf:55:a5:d6:fd:f2:7e:d3:
3d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:F4:CD:10:05:59:E5:4E:34:B2:43:9A:36:4D:9B:F7:7A:13:95:6D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBFD82D8D56411EFA5E8DD4D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.24.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:1c:e9:58:6c:55:78:c3:df:1e:a8:38:09:36:ae:e2:fb:af:
ab:04:34:f9:f6:f0:60:b4:46:9c:47:82:4f:fa:86:2c:9e:2e:
71:22:e4:8e:89:7f:d3:fd:52:a5:f8:91:75:be:b8:8b:4b:ea:
d1:fd:bb:17:04:e6:2f:d5:1d:8f:ab:ed:77:ab:b3:8b:8c:f3:
57:bc:54:88:60:20:b0:e1:89:09:2d:7b:d4:82:06:40:53:26:
74:58:53:04:e0:0c:ae:6c:bd:1a:d6:98:d0:94:3e:aa:a6:9a:
5f:3f:a1:bc:67:f8:ce:79:ed:f1:55:0b:5e:9f:cd:a4:93:e0:
ff:05:8c:9f:b9:56:87:de:cc:6e:ef:1b:80:c7:79:88:17:c9:
b8:52:e4:fa:e9:6a:10:f1:03:ca:c4:59:d3:5f:fd:00:6f:0e:
4b:a0:ad:2b:60:b9:f3:16:0f:fd:97:d2:71:e5:5f:25:0a:8a:
5a:84:d4:b7:3c:eb:a8:be:98:94:34:bb:01:a8:fe:30:b0:88:
70:b5:29:15:0d:16:6b:1f:e0:d2:d5:61:7c:e4:f4:57:48:cd:
80:7c:5d:25:de:a4:ed:ab:09:92:42:a9:8a:e2:9c:9d:5b:9c:
f5:94:ab:3c:7b:f2:1a:ae:b5:27:23:65:f2:d9:28:a8:c9:84:
85:c0:69:f3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQr3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE4MDYyMzUzWhcNMjUwMjIyMDYyMzUzWjAYMRYw
FAYDVQQDEw02NzhiNDhmZC00ZTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7aCUUlR6xmaeE292TFQ1F3bC/XGKV8591ZaMuobNV/X8MDnswfTtFVxD
jIOwttzmJB9Rb+hMik7Towo2TmiMk8yilVjohsXneuslN3uM1OlpkuZGckxN8p36
jcW9OJHso/rUuCKD/uRQ6ROIIlxRMptDtofVgSygDPwM0Yf6dU6uzNnMV+1G1HS2
4G5P6l1A23l2qwLEHddYfxPK5pkkrzsbw8kTK9NaGaz385J9aLFCZNlRqh5cX1Iz
AEyY1JVB+hTWzY2JW3X74vtPohwlzh7uot6mqSBks6lzeTdzDXf8sEJUeUlJZL4H
jCB60DBxmUPd5sxKz1Wl1v3yftM9OQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGr0
zRAFWeVONLJDmjZNm/d6E5VtMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQkZEODJEOEQ1NjQxMUVGQTVFOERENEQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnO8YMA0GCSqGSIb3DQEBCwUA
A4IBAQA8HOlYbFV4w98eqDgJNq7i+6+rBDT59vBgtEacR4JP+oYsni5xIuSOiX/T
/VKl+JF1vriLS+rR/bsXBOYv1R2Pq+13q7OLjPNXvFSIYCCw4YkJLXvUggZAUyZ0
WFME4AyubL0a1pjQlD6qpppfP6G8Z/jOee3xVQten82kk+D/BYyfuVaH3sxu7xuA
x3mIF8m4UuT66WoQ8QPKxFnTX/0Abw5LoK0rYLnzFg/9l9Jx5V8lCopahNS3POuo
vpiUNLsBqP4wsIhwtSkVDRZrH+DS1WF85PRXSM2AfF0l3qTtqwmSQqmK4pydW5z1
lKs8e/IarrUnI2Xy2SioyYSFwGnz
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:41:59 2025 by rpki-client