Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F24DBA44E06C11EFA7D42B9C762E951A.roa
File: F24DBA44E06C11EFA7D42B9C762E951A.roa (raw, json)
Hash identifier: C8Y86Qdj1fawDMeqCHxSmZRyASmhXOo5ECBG6ReaGqM=
Subject key identifier: 86:A1:6B:0D:02:72:C6:C9:75:67:41:AD:CD:2A:C3:0E:36:4F:6B:F2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011869
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F24DBA44E06C11EFA7D42B9C762E951A.roa
Signing time: Sat 01 Feb 2025 07:20:00 +0000
ROA not before: Sat 01 Feb 2025 07:19:56 +0000
ROA not after: Thu 01 May 2025 07:19:56 +0000
asID: 328608
IP address blocks: 156.243.134.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71785 (0x11869)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 1 07:19:56 2025 GMT
Not After : May 1 07:19:56 2025 GMT
Subject: CN=679dcb20-344f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c4:72:1b:d0:d9:ea:5c:7a:db:a4:81:3e:62:
86:30:29:a3:a1:d5:e8:89:87:81:36:9a:5c:67:7c:
23:6c:50:27:65:c9:a6:09:c6:ed:63:31:0c:6f:dd:
75:f3:17:9a:a1:82:1c:07:bd:8d:c8:0e:82:42:2a:
6c:b2:b8:03:72:9e:89:7e:59:57:0d:cf:0b:5c:f9:
3e:99:3a:71:2d:cd:f2:6f:6e:5d:3a:43:99:52:e3:
39:72:6c:67:84:98:d8:cd:1c:ed:40:48:03:6c:d4:
f4:d9:ce:43:94:4d:b1:7b:71:59:f6:1a:2b:0d:fa:
66:2a:a2:6a:f4:29:41:10:9d:86:9c:f1:91:1f:fd:
2c:30:43:a4:7c:25:89:75:78:72:e3:2a:92:52:d7:
34:90:71:74:76:bc:02:70:3b:27:07:8f:50:d4:c6:
8c:ca:41:8c:3a:dd:48:00:ce:37:ab:bf:99:88:eb:
e3:55:39:1d:d9:1d:a8:53:04:05:51:a3:45:15:73:
fc:ca:33:61:2a:42:c3:df:20:85:44:17:10:67:09:
9d:05:a5:3d:d9:58:00:cd:80:82:30:3f:1f:48:c1:
ee:23:d9:7f:cd:7e:cb:19:76:11:7e:80:2b:7e:8a:
34:89:4d:15:9a:38:14:15:1f:aa:e1:21:67:cd:d7:
ca:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A1:6B:0D:02:72:C6:C9:75:67:41:AD:CD:2A:C3:0E:36:4F:6B:F2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F24DBA44E06C11EFA7D42B9C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.134.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:49:c0:6c:5d:b0:ca:7c:c6:26:09:16:6e:5d:fc:59:4e:87:
99:f7:90:91:98:c1:7a:76:3c:93:c2:be:1c:7e:1c:95:2c:40:
8b:10:37:45:a9:81:27:45:dd:9b:93:b0:c4:1e:48:c0:4a:bb:
8a:62:39:fb:8d:05:65:e5:4c:f0:3f:6b:9a:45:47:64:03:5c:
a7:7a:38:57:ef:60:93:01:ef:40:c6:ec:1d:fd:f0:fb:0e:1e:
27:cb:2a:78:be:04:0d:78:53:fa:7d:63:4c:5b:33:d4:ac:3f:
3f:b4:43:17:95:de:17:ec:75:02:c7:47:46:33:65:b6:2a:5d:
bc:1d:eb:8f:d2:e9:3b:2b:97:96:0f:8e:01:f8:ef:75:49:b6:
3c:09:90:38:9e:b3:82:82:64:54:36:f3:b7:e2:77:d2:16:f6:
2b:60:9a:a4:c2:cb:85:21:de:d0:20:3b:da:33:99:65:19:d3:
5b:c6:20:c8:b4:91:4c:b2:da:c2:49:75:b2:15:65:d7:26:a1:
51:de:a7:11:80:98:ac:03:14:9b:91:0f:f0:dc:74:47:6d:b5:
2e:6b:01:d3:55:b1:31:99:25:97:5c:08:83:2b:15:63:c0:3b:
58:44:35:8b:52:41:04:1e:1f:29:b5:ce:50:48:bb:f4:78:4e:
a2:99:d0:35
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARhpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjAxMDcxOTU2WhcNMjUwNTAxMDcxOTU2WjAYMRYw
FAYDVQQDEw02NzlkY2IyMC0zNDRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1cRyG9DZ6lx626SBPmKGMCmjodXoiYeBNppcZ3wjbFAnZcmmCcbtYzEM
b9118xeaoYIcB72NyA6CQipssrgDcp6JfllXDc8LXPk+mTpxLc3yb25dOkOZUuM5
cmxnhJjYzRztQEgDbNT02c5DlE2xe3FZ9horDfpmKqJq9ClBEJ2GnPGRH/0sMEOk
fCWJdXhy4yqSUtc0kHF0drwCcDsnB49Q1MaMykGMOt1IAM43q7+ZiOvjVTkd2R2o
UwQFUaNFFXP8yjNhKkLD3yCFRBcQZwmdBaU92VgAzYCCMD8fSMHuI9l/zX7LGXYR
foArfoo0iU0VmjgUFR+q4SFnzdfKuwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIah
aw0CcsbJdWdBrc0qww42T2vyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMjREQkE0NEUwNkMxMUVGQTdENDJCOUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnPOGMA0GCSqGSIb3DQEBCwUA
A4IBAQANScBsXbDKfMYmCRZuXfxZToeZ95CRmMF6djyTwr4cfhyVLECLEDdFqYEn
Rd2bk7DEHkjASruKYjn7jQVl5UzwP2uaRUdkA1ynejhX72CTAe9Axuwd/fD7Dh4n
yyp4vgQNeFP6fWNMWzPUrD8/tEMXld4X7HUCx0dGM2W2Kl28HeuP0uk7K5eWD44B
+O91SbY8CZA4nrOCgmRUNvO34nfSFvYrYJqkwsuFId7QIDvaM5llGdNbxiDItJFM
strCSXWyFWXXJqFR3qcRgJisAxSbkQ/w3HRHbbUuawHTVbExmSWXXAiDKxVjwDtY
RDWLUkEEHh8ptc5QSLv0eE6imdA1
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:33 2025 by rpki-client