Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB74571AF46211EFBD3DBFB9762E951A.roa
File: DB74571AF46211EFBD3DBFB9762E951A.roa (raw, json)
Hash identifier: 15rP1pmeBqutL+0HDCuDn3v1TJnRbh2IlQ5frTCOLk0=
Subject key identifier: 53:D8:FE:CA:80:F8:4A:B0:5E:BA:36:B6:04:FD:99:5C:58:B1:58:26
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013543
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB74571AF46211EFBD3DBFB9762E951A.roa
Signing time: Wed 26 Feb 2025 16:58:10 +0000
ROA not before: Wed 26 Feb 2025 16:58:06 +0000
ROA not after: Thu 19 Feb 2026 16:58:06 +0000
asID: 984
IP address blocks: 156.245.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79171 (0x13543)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 16:58:06 2025 GMT
Not After : Feb 19 16:58:06 2026 GMT
Subject: CN=67bf4822-a595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ff:2d:d8:28:a9:59:39:61:d9:e8:15:69:cd:
0a:08:15:d5:70:87:f5:30:17:7a:58:2f:4c:d0:93:
1a:49:2d:e1:0b:62:92:44:53:e1:bc:76:e0:e0:cd:
46:ce:4c:40:d0:67:ad:4f:1e:7e:05:2a:62:f5:cf:
e2:dd:00:e5:01:bd:80:6b:c6:6d:c4:03:ab:a7:ec:
73:57:53:f7:58:db:a3:32:44:81:32:39:bf:59:b9:
cd:cf:b3:d8:5b:5e:03:d0:33:2e:1c:c1:c6:ca:67:
95:fc:67:c3:cf:40:3b:59:c1:0c:92:93:18:8f:96:
92:5a:ba:e4:13:97:06:39:31:1e:d5:0c:b5:2b:a1:
5a:ee:0c:77:d1:de:28:f1:bf:a7:39:64:df:9b:70:
0a:d9:ef:88:74:19:2b:ae:de:a0:ed:6a:24:07:25:
63:60:78:9d:c5:15:f5:8d:5d:e1:7b:d3:85:f6:bc:
77:e4:6c:c8:af:7a:fd:b5:0c:e1:a3:91:ae:c3:04:
a7:c4:7c:e9:88:f7:8e:94:10:42:31:9a:82:d1:9d:
87:f8:6f:f3:41:2d:c8:4b:64:eb:5b:8f:4a:7a:90:
78:a3:87:48:e7:78:3a:88:6e:34:36:5a:07:95:24:
a0:f5:14:c7:a0:74:67:f9:e3:1d:be:0f:9b:d9:b1:
7a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D8:FE:CA:80:F8:4A:B0:5E:BA:36:B6:04:FD:99:5C:58:B1:58:26
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DB74571AF46211EFBD3DBFB9762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.72.0/24
Signature Algorithm: sha256WithRSAEncryption
98:7e:b4:89:5d:a0:b2:62:62:01:50:3e:80:2a:84:f5:50:fc:
5c:b0:39:c0:78:92:cf:2c:08:22:a1:fe:a2:29:6d:61:9b:50:
c2:62:9c:de:22:9b:23:ca:cd:3d:dd:2f:a2:30:2c:c3:83:9a:
09:af:04:8d:a5:00:cf:f5:0c:21:bb:4d:35:c4:92:14:2c:7b:
13:38:5a:9c:5a:a8:7c:d7:ab:0d:ea:8f:dd:b4:b0:7d:4f:11:
d2:61:f5:d5:97:e8:6a:62:ca:0c:a3:c2:d7:83:1c:69:d1:ef:
62:73:00:ee:0a:11:f7:8b:9b:7c:2d:e9:9d:58:e1:1d:05:18:
1e:e2:a1:be:9f:04:2e:33:fe:44:de:cc:cb:cd:13:40:87:f6:
52:c6:81:a9:11:8a:ed:ab:d9:22:06:c5:de:65:4a:3d:7a:af:
80:31:11:6e:d6:1c:b8:e4:4c:f8:68:7a:c9:fa:ca:2c:9c:e0:
86:d3:ed:85:27:5e:8b:4c:a2:39:82:e6:9d:e3:b7:68:c2:50:
35:15:95:e2:29:81:f4:e0:64:29:42:d2:00:21:7a:97:fc:82:
02:06:aa:a2:e4:17:bd:5d:7d:06:65:47:85:b5:53:dd:4d:1c:
85:69:a5:60:93:7f:2a:7d:0f:1c:40:b4:95:e0:2c:e9:e2:1c:
ab:57:5e:25
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATVDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTY1ODA2WhcNMjYwMjE5MTY1ODA2WjAYMRYw
FAYDVQQDEw02N2JmNDgyMi1hNTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5/8t2CipWTlh2egVac0KCBXVcIf1MBd6WC9M0JMaSS3hC2KSRFPhvHbg
4M1GzkxA0GetTx5+BSpi9c/i3QDlAb2Aa8ZtxAOrp+xzV1P3WNujMkSBMjm/WbnN
z7PYW14D0DMuHMHGymeV/GfDz0A7WcEMkpMYj5aSWrrkE5cGOTEe1Qy1K6Fa7gx3
0d4o8b+nOWTfm3AK2e+IdBkrrt6g7WokByVjYHidxRX1jV3he9OF9rx35GzIr3r9
tQzho5GuwwSnxHzpiPeOlBBCMZqC0Z2H+G/zQS3IS2TrW49KepB4o4dI53g6iG40
NloHlSSg9RTHoHRn+eMdvg+b2bF6/QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFPY
/sqA+EqwXro2tgT9mVxYsVgmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQjc0NTcxQUY0NjIxMUVGQkQzREJGQjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPVIMA0GCSqGSIb3DQEBCwUA
A4IBAQCYfrSJXaCyYmIBUD6AKoT1UPxcsDnAeJLPLAgiof6iKW1hm1DCYpzeIpsj
ys093S+iMCzDg5oJrwSNpQDP9Qwhu001xJIULHsTOFqcWqh816sN6o/dtLB9TxHS
YfXVl+hqYsoMo8LXgxxp0e9icwDuChH3i5t8LemdWOEdBRge4qG+nwQuM/5E3szL
zRNAh/ZSxoGpEYrtq9kiBsXeZUo9eq+AMRFu1hy45Ez4aHrJ+sosnOCG0+2FJ16L
TKI5guad47dowlA1FZXiKYH04GQpQtIAIXqX/IICBqqi5Be9XX0GZUeFtVPdTRyF
aaVgk38qfQ8cQLSV4Czp4hyrV14l
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:30 2025 by rpki-client