Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D797DE94D17D11EF8F8A89B2762E951A.roa
File: D797DE94D17D11EF8F8A89B2762E951A.roa (raw, json)
Hash identifier: KB0hZzOXjmmbxldqVGV3RQ69cTkHNQ6pAbbQhzvqVvQ=
Subject key identifier: C0:57:E2:A3:93:AA:2F:4C:5F:FB:3F:F1:1F:ED:3B:58:8C:47:61:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010686
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D797DE94D17D11EF8F8A89B2762E951A.roa
Signing time: Mon 13 Jan 2025 07:13:09 +0000
ROA not before: Mon 13 Jan 2025 07:13:06 +0000
ROA not after: Thu 20 Feb 2025 07:13:06 +0000
asID: 200080
IP address blocks: 156.253.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67206 (0x10686)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 13 07:13:06 2025 GMT
Not After : Feb 20 07:13:06 2025 GMT
Subject: CN=6784bd05-0f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b5:94:d9:9d:d6:4f:e4:04:96:d5:4d:77:ff:
1a:bd:3a:d0:d0:46:c7:dc:e3:a3:48:53:3d:c0:24:
7a:c9:52:84:93:9b:d9:dc:d6:25:d4:4f:02:2f:88:
d7:08:01:f9:35:29:34:08:bb:d2:60:85:16:80:e3:
28:d6:76:48:1f:be:5a:4a:43:73:69:81:c4:82:6e:
c0:15:2a:31:d6:de:01:a5:9c:51:20:2a:fd:f3:e6:
41:37:4d:a1:c2:22:ad:af:3f:1b:7e:75:ba:e1:79:
11:51:51:8d:67:41:e4:73:61:9e:5e:4d:58:a1:de:
ed:9c:e8:44:9a:03:fb:d4:e0:aa:ac:42:21:ef:06:
59:03:b5:f9:a1:24:c8:da:33:44:b7:4b:54:36:c7:
75:50:41:9c:c7:2e:a5:4f:05:c4:e7:c2:79:e5:eb:
b5:6c:61:fb:5e:c7:47:e9:14:b2:fe:74:ca:01:53:
34:6b:95:5c:b1:c2:8a:a9:b5:a6:5f:c5:ba:ad:e6:
8b:16:d2:c1:d9:fa:71:df:cc:2d:84:92:a2:e6:8e:
68:1c:ac:28:be:84:8d:cc:7b:71:e5:f3:7e:e1:21:
52:fe:f7:5f:6a:d4:d2:94:f0:92:0a:6d:03:39:54:
a6:bb:fb:94:32:c4:30:c0:c4:d6:cb:18:62:f0:bd:
0d:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:57:E2:A3:93:AA:2F:4C:5F:FB:3F:F1:1F:ED:3B:58:8C:47:61:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D797DE94D17D11EF8F8A89B2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.236.0/24
Signature Algorithm: sha256WithRSAEncryption
23:17:97:b6:c5:1d:d7:e4:d8:ce:6a:31:48:aa:26:94:03:26:
7d:10:20:6b:6c:84:37:87:d9:9d:55:a3:fd:c0:ec:60:b1:8c:
bd:83:c4:fe:44:f8:25:89:d2:35:01:35:ce:8e:04:56:84:66:
c2:98:a6:ad:38:09:09:74:28:2c:ed:a2:01:20:45:f5:28:ff:
dc:c8:50:88:d2:2a:51:d9:c4:94:cf:e4:3d:5d:1c:52:09:25:
50:8a:98:55:a7:16:9f:a7:a9:d9:5a:3a:4c:0e:72:94:e1:e2:
10:8a:81:41:bc:11:91:87:29:57:2b:a6:c8:5f:af:2d:01:66:
86:29:bc:d5:cb:66:86:fb:5c:4d:e6:fe:dc:63:fe:49:ef:a6:
ba:1b:28:64:53:a6:ca:0b:42:43:d6:70:14:ca:65:85:be:e5:
88:f4:67:19:83:5f:19:b5:db:f8:39:b7:2a:91:a6:c2:e0:f3:
d7:72:5c:95:c9:50:af:f5:a6:a8:d5:bf:77:87:b8:07:71:50:
5d:99:dc:5d:cb:07:11:1f:c0:b9:ee:65:1e:ab:e2:74:e2:95:
63:f4:43:73:59:f7:90:99:61:52:45:4b:bf:b0:43:3a:72:c0:
f5:26:9c:45:f6:8f:f4:5a:97:ad:d1:d0:68:71:ee:62:b7:b2:
bd:9b:c3:31
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQaGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEzMDcxMzA2WhcNMjUwMjIwMDcxMzA2WjAYMRYw
FAYDVQQDEw02Nzg0YmQwNS0wZjFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0rWU2Z3WT+QEltVNd/8avTrQ0EbH3OOjSFM9wCR6yVKEk5vZ3NYl1E8C
L4jXCAH5NSk0CLvSYIUWgOMo1nZIH75aSkNzaYHEgm7AFSox1t4BpZxRICr98+ZB
N02hwiKtrz8bfnW64XkRUVGNZ0Hkc2GeXk1Yod7tnOhEmgP71OCqrEIh7wZZA7X5
oSTI2jNEt0tUNsd1UEGcxy6lTwXE58J55eu1bGH7XsdH6RSy/nTKAVM0a5VcscKK
qbWmX8W6reaLFtLB2fpx38wthJKi5o5oHKwovoSNzHtx5fN+4SFS/vdfatTSlPCS
Cm0DOVSmu/uUMsQwwMTWyxhi8L0N3QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMBX
4qOTqi9MX/s/8R/tO1iMR2EgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENzk3REU5NEQxN0QxMUVGOEY4QTg5QjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP3sMA0GCSqGSIb3DQEBCwUA
A4IBAQAjF5e2xR3X5NjOajFIqiaUAyZ9ECBrbIQ3h9mdVaP9wOxgsYy9g8T+RPgl
idI1ATXOjgRWhGbCmKatOAkJdCgs7aIBIEX1KP/cyFCI0ipR2cSUz+Q9XRxSCSVQ
iphVpxafp6nZWjpMDnKU4eIQioFBvBGRhylXK6bIX68tAWaGKbzVy2aG+1xN5v7c
Y/5J76a6GyhkU6bKC0JD1nAUymWFvuWI9GcZg18Ztdv4ObcqkabC4PPXclyVyVCv
9aao1b93h7gHcVBdmdxdywcRH8C57mUeq+J04pVj9ENzWfeQmWFSRUu/sEM6csD1
JpxF9o/0Wpet0dBoce5it7K9m8Mx
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:24 2025 by rpki-client