Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F264B300CD7C11EF96512953762E951A.roa
File: F264B300CD7C11EF96512953762E951A.roa (raw, json)
Hash identifier: c1A7WWgi9h091M8SvvkrV23dRKNa8lePPU8xBNAmIKo=
Subject key identifier: 38:EB:6C:2B:6F:44:88:C3:27:51:C2:6D:11:37:F0:D8:BC:4E:B4:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFE5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F264B300CD7C11EF96512953762E951A.roa
Signing time: Wed 08 Jan 2025 04:56:40 +0000
ROA not before: Wed 08 Jan 2025 04:56:36 +0000
ROA not after: Sat 13 Dec 2025 04:56:36 +0000
asID: 984
IP address blocks: 156.250.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65509 (0xffe5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 04:56:36 2025 GMT
Not After : Dec 13 04:56:36 2025 GMT
Subject: CN=677e0588-bbd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f6:ee:82:72:e7:cb:f5:4c:ab:a2:04:99:bc:
a1:09:db:09:3f:d9:32:e9:0d:1c:9f:e8:d9:50:5d:
bd:ab:73:e8:17:64:6c:d2:b5:d5:55:18:e4:ca:61:
37:3c:98:12:88:ad:91:03:27:24:73:1b:a3:fd:a3:
58:aa:74:21:c5:3b:06:2c:f4:f4:02:eb:cf:e4:29:
84:48:d5:56:b3:4b:3e:a3:c3:13:9e:6a:58:65:08:
b7:dd:91:c1:2c:11:1f:83:02:78:1e:03:6e:f9:b1:
26:34:fc:7d:4a:03:b2:67:63:3a:7d:7a:11:61:d3:
b4:95:79:d2:8b:4a:0c:7e:a9:a6:26:ce:a0:45:bf:
84:ee:ef:36:ad:6e:6c:d3:46:c1:ab:61:72:bc:71:
cb:5b:85:5e:62:1b:23:7e:8b:04:72:46:c0:e6:ce:
0d:da:82:34:94:27:fa:bc:7f:31:64:50:3e:cb:dd:
21:dd:d8:01:3d:1b:4a:a6:14:29:26:1c:21:9f:6a:
e3:98:45:9b:65:c8:75:b9:e2:50:46:bd:ba:53:16:
cc:8f:7a:17:66:94:b8:2e:f2:04:bd:dd:32:00:ce:
94:7c:11:b3:cc:06:c6:1e:ac:49:a3:75:d2:96:14:
df:67:33:57:34:f5:c7:64:dd:21:da:9a:e2:8a:36:
be:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EB:6C:2B:6F:44:88:C3:27:51:C2:6D:11:37:F0:D8:BC:4E:B4:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F264B300CD7C11EF96512953762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.56.0/24
Signature Algorithm: sha256WithRSAEncryption
20:40:d5:66:ce:2e:7d:83:a8:ae:ff:8f:c8:15:63:04:1f:52:
e5:ae:8f:57:d8:a1:b5:f5:d9:2d:9e:6a:3e:c1:ba:e8:b3:1b:
26:a6:8c:88:39:ce:b4:fd:55:02:c3:25:b5:23:af:67:da:97:
20:21:15:c1:34:5f:ca:fb:1c:2c:a8:a0:94:81:54:2b:91:74:
59:1c:b3:a0:28:60:c6:b5:8c:70:b8:8a:7f:15:12:4e:5d:0a:
6b:05:d7:12:00:83:7d:c1:98:55:35:19:2b:cb:1b:1a:ec:e1:
d3:42:4e:bb:ec:46:6e:92:29:11:0a:25:bb:f0:d7:65:93:f9:
86:3f:4a:a9:32:ea:29:8f:12:2d:fb:9c:4d:1f:21:26:64:a5:
7c:a8:6b:e9:58:c2:c6:17:5e:15:75:d0:0e:0c:8e:f6:a9:d7:
db:0c:5c:a7:cb:08:84:eb:67:d4:5f:32:93:00:9d:f3:29:90:
f5:68:90:35:ce:10:51:79:b9:a4:1f:8e:2f:8a:dc:68:d6:fc:
1d:64:dc:26:09:c2:92:d5:26:ef:45:8d:80:a8:f9:18:13:d3:
7e:0b:7b:8e:94:55:2f:71:37:d0:16:eb:3b:56:7c:3a:c6:47:
af:f4:00:f6:58:31:aa:a7:9f:32:b6:2f:5f:2d:a6:0d:27:63:
57:8d:a7:62
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP/lMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDQ1NjM2WhcNMjUxMjEzMDQ1NjM2WjAYMRYw
FAYDVQQDEw02NzdlMDU4OC1iYmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyPbugnLny/VMq6IEmbyhCdsJP9ky6Q0cn+jZUF29q3PoF2Rs0rXVVRjk
ymE3PJgSiK2RAyckcxuj/aNYqnQhxTsGLPT0AuvP5CmESNVWs0s+o8MTnmpYZQi3
3ZHBLBEfgwJ4HgNu+bEmNPx9SgOyZ2M6fXoRYdO0lXnSi0oMfqmmJs6gRb+E7u82
rW5s00bBq2FyvHHLW4VeYhsjfosEckbA5s4N2oI0lCf6vH8xZFA+y90h3dgBPRtK
phQpJhwhn2rjmEWbZch1ueJQRr26UxbMj3oXZpS4LvIEvd0yAM6UfBGzzAbGHqxJ
o3XSlhTfZzNXNPXHZN0h2priija+ZwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDjr
bCtvRIjDJ1HCbRE38Ni8TrTpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GMjY0QjMwMENEN0MxMUVGOTY1MTI5NTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPo4MA0GCSqGSIb3DQEBCwUA
A4IBAQAgQNVmzi59g6iu/4/IFWMEH1Llro9X2KG19dktnmo+wbrosxsmpoyIOc60
/VUCwyW1I69n2pcgIRXBNF/K+xwsqKCUgVQrkXRZHLOgKGDGtYxwuIp/FRJOXQpr
BdcSAIN9wZhVNRkryxsa7OHTQk677EZukikRCiW78Ndlk/mGP0qpMuopjxIt+5xN
HyEmZKV8qGvpWMLGF14VddAODI72qdfbDFynywiE62fUXzKTAJ3zKZD1aJA1zhBR
ebmkH44vitxo1vwdZNwmCcKS1SbvRY2AqPkYE9N+C3uOlFUvcTfQFus7Vnw6xkev
9AD2WDGqp58yti9fLaYNJ2NXjadi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:00 2025 by rpki-client