Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF3D0E60F35611EF9E3F2889762E951A.roa
File: FF3D0E60F35611EF9E3F2889762E951A.roa (raw, json)
Hash identifier: 5rAhcfntiKGmhpn1cOWZti0Q6ICeilaesGHOxCAdscE=
Subject key identifier: 45:EE:93:D9:5D:AB:01:BC:55:1B:18:EF:1C:89:0A:2B:FA:B8:71:73
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012DF2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF3D0E60F35611EF9E3F2889762E951A.roa
Signing time: Tue 25 Feb 2025 09:00:45 +0000
ROA not before: Tue 25 Feb 2025 09:00:41 +0000
ROA not after: Sat 19 Feb 2028 09:00:41 +0000
asID: 17561
IP address blocks: 156.249.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77298 (0x12df2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 25 09:00:41 2025 GMT
Not After : Feb 19 09:00:41 2028 GMT
Subject: CN=67bd86bd-df54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:66:2d:1e:e0:6c:ce:0b:c9:95:17:b3:4e:79:
73:a6:8a:be:57:f2:14:35:61:89:ab:67:fd:d4:c4:
51:ed:c7:4c:59:7a:ef:d4:9d:30:77:7f:50:4d:c4:
b2:34:f0:37:96:2f:f4:81:d3:f3:9f:d5:0d:fe:54:
d0:47:f9:cd:ab:95:d8:70:b9:3a:1e:65:72:65:69:
b1:e7:71:70:c2:5a:53:d5:a8:bb:06:ad:ea:a1:39:
f8:9f:f5:61:81:36:e7:64:fa:e3:ea:30:19:8a:4f:
3b:83:33:2b:49:1a:82:1c:d8:d5:06:2b:c4:49:0b:
e3:ec:04:63:08:9e:2e:60:df:c7:89:75:17:64:2c:
d3:eb:f9:e3:38:7b:6f:de:54:6a:46:b5:6f:12:34:
5f:84:19:38:5d:14:eb:4f:d6:fc:0d:54:5e:f8:c7:
b9:29:0e:ba:ca:89:ce:b4:09:9e:a4:31:85:55:3a:
a3:00:06:5e:64:af:b8:08:6e:b6:d2:c0:00:0d:8d:
2d:ef:c8:b2:d5:ac:df:a1:4c:a4:dc:5b:d9:c1:2a:
d3:01:a0:7b:97:cc:6c:7b:26:1b:04:a0:54:62:72:
43:83:b8:e1:d3:f4:07:f3:f3:39:fe:4a:d9:52:f7:
f4:39:b2:22:50:b1:11:b6:1d:8e:19:40:cc:74:39:
c3:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:EE:93:D9:5D:AB:01:BC:55:1B:18:EF:1C:89:0A:2B:FA:B8:71:73
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FF3D0E60F35611EF9E3F2889762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.246.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:f8:36:7c:ed:a5:bf:60:56:6a:ec:bd:30:b3:cc:94:cd:98:
0a:94:77:b0:5b:c4:ac:20:e5:6f:5c:85:79:2c:60:65:d2:49:
15:70:6c:36:a4:a1:e0:7d:6b:bf:cd:ff:02:44:bb:a8:72:07:
8c:89:02:c3:0e:a3:0d:e7:a6:c4:68:11:e0:ea:d2:45:16:56:
5d:de:14:c1:66:83:af:6a:54:9a:97:22:59:69:f7:bd:4c:17:
68:b5:14:ae:9c:63:78:e0:8e:54:d4:3e:1a:22:05:95:b3:90:
b4:e2:c0:34:33:18:6b:f4:d6:fe:57:78:17:c2:3d:95:a7:36:
a4:9f:b4:21:a0:4a:ee:b3:61:69:f8:61:ea:fb:a7:de:77:d3:
ce:91:7f:cf:0d:86:5e:df:ca:ca:27:73:bc:be:36:01:4c:74:
5c:b8:f1:ce:03:71:59:1e:5e:b4:d9:24:d7:5f:69:e4:dc:97:
2e:26:e6:ed:de:a1:37:8f:f3:6e:e1:27:18:ea:b9:8e:d3:62:
6d:37:a8:08:85:68:48:e2:fe:b3:87:d6:6a:bc:a8:03:a1:f2:
c8:12:f8:f3:d6:5d:c7:5b:8f:45:a0:a5:3e:31:9f:6b:46:83:
91:68:55:fd:45:d0:83:47:3a:e1:1a:94:2c:91:62:ea:56:3e:
30:e0:25:ea
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAS3yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI1MDkwMDQxWhcNMjgwMjE5MDkwMDQxWjAYMRYw
FAYDVQQDEw02N2JkODZiZC1kZjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwGYtHuBszgvJlRezTnlzpoq+V/IUNWGJq2f91MRR7cdMWXrv1J0wd39Q
TcSyNPA3li/0gdPzn9UN/lTQR/nNq5XYcLk6HmVyZWmx53FwwlpT1ai7Bq3qoTn4
n/VhgTbnZPrj6jAZik87gzMrSRqCHNjVBivESQvj7ARjCJ4uYN/HiXUXZCzT6/nj
OHtv3lRqRrVvEjRfhBk4XRTrT9b8DVRe+Me5KQ66yonOtAmepDGFVTqjAAZeZK+4
CG620sAADY0t78iy1azfoUyk3FvZwSrTAaB7l8xseyYbBKBUYnJDg7jh0/QH8/M5
/krZUvf0ObIiULERth2OGUDMdDnD3QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEXu
k9ldqwG8VRsY7xyJCiv6uHFzMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRjNEMEU2MEYzNTYxMUVGOUUzRjI4ODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPn2MA0GCSqGSIb3DQEBCwUA
A4IBAQCw+DZ87aW/YFZq7L0ws8yUzZgKlHewW8SsIOVvXIV5LGBl0kkVcGw2pKHg
fWu/zf8CRLuocgeMiQLDDqMN56bEaBHg6tJFFlZd3hTBZoOvalSalyJZafe9TBdo
tRSunGN44I5U1D4aIgWVs5C04sA0Mxhr9Nb+V3gXwj2Vpzakn7QhoErus2Fp+GHq
+6fed9POkX/PDYZe38rKJ3O8vjYBTHRcuPHOA3FZHl602STXX2nk3JcuJubt3qE3
j/Nu4ScY6rmO02JtN6gIhWhI4v6zh9ZqvKgDofLIEvjz1l3HW49FoKU+MZ9rRoOR
aFX9RdCDRzrhGpQskWLqVj4w4CXq
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:57 2025 by rpki-client