Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC5EAB68E54311EFBD5F5EBC762E951A.roa
File: DC5EAB68E54311EFBD5F5EBC762E951A.roa (raw, json)
Hash identifier: DJhagYCLHYMCpdJwjLEc6cVhDu6w7dvzb2WjhDXP6cA=
Subject key identifier: 04:2B:31:2C:01:5E:09:68:41:04:BF:9D:6B:7A:D8:13:F2:9C:77:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011D2D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC5EAB68E54311EFBD5F5EBC762E951A.roa
Signing time: Fri 07 Feb 2025 11:08:29 +0000
ROA not before: Fri 07 Feb 2025 11:08:25 +0000
ROA not after: Sat 13 Dec 2025 11:08:25 +0000
asID: 984
IP address blocks: 156.230.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73005 (0x11d2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 7 11:08:25 2025 GMT
Not After : Dec 13 11:08:25 2025 GMT
Subject: CN=67a5e9ad-baa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:13:57:02:39:ca:72:87:fc:bd:7f:d0:d4:8b:
b9:69:9c:c8:c4:cb:69:fe:6e:97:d6:34:e1:55:e5:
96:3c:9d:1d:23:7e:8b:72:c2:5e:12:a2:87:3c:e8:
02:ec:2f:7c:a2:e6:07:5a:fd:3a:92:09:87:3b:29:
33:e2:46:7a:93:4d:c2:58:60:31:f7:da:91:97:94:
cb:06:c2:04:46:0f:9b:f7:6e:a4:d8:4d:4e:85:32:
ec:bb:51:ed:d3:c8:ca:f3:e6:f6:2a:36:29:46:56:
22:ed:21:ac:c5:45:56:a3:bf:2c:85:3c:cc:9b:ad:
72:28:c2:a1:d0:c2:1e:62:99:9e:06:46:51:a9:3d:
4c:cf:98:b0:65:98:fa:40:5a:c9:33:22:4b:de:81:
57:9e:9b:37:8e:e8:39:e5:e7:a4:cd:e1:b8:9b:e8:
cc:c0:63:a5:23:f6:97:71:21:59:71:29:a0:81:72:
11:f7:5c:cc:20:83:9b:1b:44:75:8f:fb:32:e9:60:
b3:b1:ca:1a:16:83:2c:17:e8:48:61:f4:24:f6:d9:
54:ec:92:1a:c5:07:1f:ad:e5:e4:77:9c:29:e0:ca:
1e:9c:bf:5e:b7:98:cd:ee:28:91:d7:f2:18:a7:d0:
c9:55:bb:01:1d:b1:62:9f:4c:2d:5b:5a:7e:94:20:
81:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:2B:31:2C:01:5E:09:68:41:04:BF:9D:6B:7A:D8:13:F2:9C:77:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC5EAB68E54311EFBD5F5EBC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.174.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:6b:11:70:14:69:34:93:e8:41:86:17:ab:62:fb:a9:8b:7d:
5c:51:c0:a9:5b:3a:02:db:cb:77:f3:3a:59:c3:1e:09:e7:c5:
2f:7a:d5:51:e8:e3:42:26:0b:8e:99:68:dc:25:4a:ed:4b:8e:
aa:93:29:46:29:50:02:06:76:08:0b:5d:fd:f0:61:7f:14:1f:
92:1b:ee:a5:b5:f6:74:e9:2d:c5:25:e1:1b:27:d2:ee:96:92:
62:12:0f:df:ff:3e:58:51:23:6d:9d:86:28:2d:55:59:5c:1c:
32:7b:99:3d:83:2a:d3:ab:36:4e:c3:c4:d0:24:00:4e:3a:1d:
2b:86:ea:3e:bf:9f:ac:5b:a2:a0:3f:21:e8:85:6f:f2:cc:16:
1a:37:3b:c0:7e:43:f1:0a:06:95:01:91:3a:60:2f:a9:7d:82:
4b:c7:c0:ed:d7:ce:34:17:ad:bc:48:6a:50:73:32:b3:3e:96:
2f:9a:b3:8a:2b:b5:f3:24:6d:17:90:e9:2e:38:ed:be:de:fd:
6d:4a:31:ff:e5:2c:87:34:23:34:15:73:61:bd:f0:76:d7:50:
0d:9d:c3:fa:69:ff:2b:5b:dc:f1:27:a6:39:50:32:86:4a:6c:
00:98:29:a9:af:b7:08:e2:0e:39:24:3f:4d:f0:98:f1:cf:12:
db:fd:d6:33
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAR0tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjA3MTEwODI1WhcNMjUxMjEzMTEwODI1WjAYMRYw
FAYDVQQDEw02N2E1ZTlhZC1iYWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5hNXAjnKcof8vX/Q1Iu5aZzIxMtp/m6X1jThVeWWPJ0dI36LcsJeEqKH
POgC7C98ouYHWv06kgmHOykz4kZ6k03CWGAx99qRl5TLBsIERg+b926k2E1OhTLs
u1Ht08jK8+b2KjYpRlYi7SGsxUVWo78shTzMm61yKMKh0MIeYpmeBkZRqT1Mz5iw
ZZj6QFrJMyJL3oFXnps3jug55eekzeG4m+jMwGOlI/aXcSFZcSmggXIR91zMIIOb
G0R1j/sy6WCzscoaFoMsF+hIYfQk9tlU7JIaxQcfreXkd5wp4MoenL9et5jN7iiR
1/IYp9DJVbsBHbFin0wtW1p+lCCB8QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAQr
MSwBXgloQQS/nWt62BPynHedMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9EQzVFQUI2OEU1NDMxMUVGQkQ1RjVFQkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOauMA0GCSqGSIb3DQEBCwUA
A4IBAQC3axFwFGk0k+hBhherYvupi31cUcCpWzoC28t38zpZwx4J58UvetVR6ONC
JguOmWjcJUrtS46qkylGKVACBnYIC1398GF/FB+SG+6ltfZ06S3FJeEbJ9LulpJi
Eg/f/z5YUSNtnYYoLVVZXBwye5k9gyrTqzZOw8TQJABOOh0rhuo+v5+sW6KgPyHo
hW/yzBYaNzvAfkPxCgaVAZE6YC+pfYJLx8Dt1840F628SGpQczKzPpYvmrOKK7Xz
JG0XkOkuOO2+3v1tSjH/5SyHNCM0FXNhvfB211ANncP6af8rW9zxJ6Y5UDKGSmwA
mCmpr7cI4g45JD9N8JjxzxLb/dYz
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:39:57 2025 by rpki-client