Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F81DD276CD7311EFA25B9A99762E951A.roa
File: F81DD276CD7311EFA25B9A99762E951A.roa (raw, json)
Hash identifier: PMir74J/dVL9Up1/F1OdWfs6/CyMUsHRrdVPz7DslbQ=
Subject key identifier: 4E:69:B8:42:42:20:5E:8C:DC:B7:97:6B:10:8B:10:3B:FE:51:0D:42
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFA1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F81DD276CD7311EFA25B9A99762E951A.roa
Signing time: Wed 08 Jan 2025 03:52:24 +0000
ROA not before: Wed 08 Jan 2025 03:52:20 +0000
ROA not after: Mon 13 Dec 2027 03:52:20 +0000
asID: 17561
IP address blocks: 156.248.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65441 (0xffa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 03:52:20 2025 GMT
Not After : Dec 13 03:52:20 2027 GMT
Subject: CN=677df678-0589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:80:fb:cd:5c:89:26:de:9d:96:ce:c1:1d:78:
b2:8d:f4:57:f8:06:94:d9:2b:46:70:f6:2c:32:4f:
bf:83:7d:9a:80:07:35:cc:44:5d:0a:27:08:ca:99:
9f:ad:22:9b:9f:fc:89:53:b8:93:f6:4a:ce:4b:de:
be:60:5a:c7:e0:22:cd:2e:51:7c:63:80:ff:25:47:
0b:64:05:c4:00:68:af:3d:da:a1:7c:2b:dd:ee:77:
f1:c1:93:f1:71:31:7a:08:4b:a5:91:33:91:58:61:
4a:c5:71:b0:55:06:eb:5c:6d:39:a1:93:8c:29:3e:
47:ec:e2:42:c4:94:93:28:53:b3:34:ed:8b:15:47:
28:99:6b:1c:ad:d2:08:06:6f:34:08:c8:3b:d9:90:
b4:c8:07:be:d3:1e:63:55:48:45:2d:9c:cc:f1:0b:
6e:45:cf:aa:33:b2:50:e5:ee:3f:70:89:32:7f:fa:
88:da:fd:8d:0e:a5:7f:54:ea:c6:39:0a:d7:80:6c:
14:cf:ae:bc:9d:38:c9:79:b9:dd:66:c1:b4:50:e4:
55:2d:f7:c2:c5:19:47:6f:0a:a5:61:d6:bd:72:d8:
75:ab:d6:95:fc:d0:99:eb:a4:4a:39:7e:2e:dd:71:
bf:f3:ab:00:45:32:99:c9:f1:9e:8e:4e:06:e5:15:
eb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:69:B8:42:42:20:5E:8C:DC:B7:97:6B:10:8B:10:3B:FE:51:0D:42
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F81DD276CD7311EFA25B9A99762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.82.0/24
Signature Algorithm: sha256WithRSAEncryption
93:88:9f:3e:0a:50:66:18:14:e4:6f:36:78:64:e0:bc:02:98:
39:cb:5e:83:43:0e:6b:1f:b5:03:25:a2:06:ee:60:ca:66:d0:
5f:1c:a1:5b:1e:70:69:c9:8e:3c:a9:41:75:02:86:8a:3c:e2:
6e:fe:10:3d:0d:66:ae:83:ed:cc:ec:28:c8:fd:5b:c1:79:72:
29:7e:82:4b:b1:e0:0c:73:0d:99:aa:ed:11:89:4e:e0:f5:07:
b2:11:89:b7:23:69:dd:15:fb:ab:6a:31:62:3f:68:e2:bd:58:
e5:09:6b:75:3a:b6:e5:9f:f0:19:10:ad:2c:fd:7d:50:b9:e7:
97:b6:29:4e:43:6b:49:09:fa:3d:60:c4:b6:cf:2f:9a:97:ec:
47:5c:e3:18:5a:89:d0:bc:72:50:76:b8:23:4e:ff:97:87:d7:
90:c4:1e:1b:0e:c7:db:69:6a:5d:8a:ea:35:a9:f4:02:ad:61:
5f:54:93:cf:69:1d:9b:c6:59:90:ce:06:04:3b:2a:ae:a7:5b:
d4:3d:e9:64:31:da:31:6b:6e:7c:da:39:c9:18:a5:9c:84:59:
88:66:f3:b3:c1:b3:2b:c3:e6:07:63:ed:de:4c:ce:d1:42:a1:
9c:2d:c2:24:78:71:07:af:60:f2:69:68:e8:f9:a8:16:9d:c5:
8a:d9:bb:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP+hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDM1MjIwWhcNMjcxMjEzMDM1MjIwWjAYMRYw
FAYDVQQDEw02NzdkZjY3OC0wNTg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAroD7zVyJJt6dls7BHXiyjfRX+AaU2StGcPYsMk+/g32agAc1zERdCicI
ypmfrSKbn/yJU7iT9krOS96+YFrH4CLNLlF8Y4D/JUcLZAXEAGivPdqhfCvd7nfx
wZPxcTF6CEulkTORWGFKxXGwVQbrXG05oZOMKT5H7OJCxJSTKFOzNO2LFUcomWsc
rdIIBm80CMg72ZC0yAe+0x5jVUhFLZzM8QtuRc+qM7JQ5e4/cIkyf/qI2v2NDqV/
VOrGOQrXgGwUz668nTjJebndZsG0UORVLffCxRlHbwqlYda9cth1q9aV/NCZ66RK
OX4u3XG/86sARTKZyfGejk4G5RXrHwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE5p
uEJCIF6M3LeXaxCLEDv+UQ1CMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GODFERDI3NkNENzMxMUVGQTI1QjlBOTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhSMA0GCSqGSIb3DQEBCwUA
A4IBAQCTiJ8+ClBmGBTkbzZ4ZOC8Apg5y16DQw5rH7UDJaIG7mDKZtBfHKFbHnBp
yY48qUF1AoaKPOJu/hA9DWaug+3M7CjI/VvBeXIpfoJLseAMcw2Zqu0RiU7g9Qey
EYm3I2ndFfurajFiP2jivVjlCWt1Orbln/AZEK0s/X1QueeXtilOQ2tJCfo9YMS2
zy+al+xHXOMYWonQvHJQdrgjTv+Xh9eQxB4bDsfbaWpdiuo1qfQCrWFfVJPPaR2b
xlmQzgYEOyqup1vUPelkMdoxa2582jnJGKWchFmIZvOzwbMrw+YHY+3eTM7RQqGc
LcIkeHEHr2DyaWjo+agWncWK2buS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:35 2025 by rpki-client