Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/79D2319ACD7411EF9D41A29D762E951A.roa
File: 79D2319ACD7411EF9D41A29D762E951A.roa (raw, json)
Hash identifier: rfN6LGBCEWktDHghi/KWZ4VwKb/YkMpPWZeDJ2w1E8E=
Subject key identifier: 92:80:45:53:3B:10:92:57:AF:0C:88:B5:2F:95:2D:3E:66:AF:F3:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFA5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/79D2319ACD7411EF9D41A29D762E951A.roa
Signing time: Wed 08 Jan 2025 03:56:01 +0000
ROA not before: Wed 08 Jan 2025 03:55:58 +0000
ROA not after: Mon 13 Dec 2027 03:55:58 +0000
asID: 17561
IP address blocks: 156.248.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65445 (0xffa5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Jan 8 03:55:58 2025 GMT
Not After : Dec 13 03:55:58 2027 GMT
Subject: CN=677df751-d581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3f:bc:54:7b:47:37:05:1e:70:c3:70:f3:a4:
bd:9a:5e:13:6b:04:9f:fe:d7:51:a6:43:a7:d3:16:
f3:bf:f7:01:85:d7:7c:22:8f:c4:ad:e0:5e:77:e0:
34:04:34:f0:9b:bd:f7:2d:8c:76:08:3a:bc:d5:d2:
36:96:0a:78:bb:7c:31:1c:50:d1:9b:a0:f6:2a:d8:
5e:fa:71:fe:72:47:32:ed:ce:5c:19:69:76:0a:42:
36:21:8a:e9:db:d1:97:bd:74:13:37:46:bf:f3:bd:
47:95:41:86:83:1e:7c:2f:da:bb:f2:78:5e:ff:9a:
8d:94:08:67:2f:96:2c:57:ec:5f:ae:69:0e:2e:8a:
87:bb:00:ad:48:a4:89:d7:44:4c:6d:32:47:e3:17:
18:07:f0:fb:0b:7b:f2:33:c4:dc:eb:ee:ec:86:c4:
db:4b:71:d3:22:06:85:98:46:a1:05:91:e0:ee:1c:
99:c0:13:e8:68:82:ac:55:fe:c8:b7:f7:32:5a:d2:
dd:cc:96:93:0e:cc:be:cd:c6:02:36:f5:9a:53:17:
9d:a0:dd:50:78:53:bf:ed:ad:10:cd:de:d0:47:f2:
62:4f:3b:36:b8:a8:0d:d3:37:1d:c9:d3:91:f5:a0:
bf:db:a4:22:b0:19:27:59:02:de:8d:a1:0f:6c:05:
a1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:80:45:53:3B:10:92:57:AF:0C:88:B5:2F:95:2D:3E:66:AF:F3:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/79D2319ACD7411EF9D41A29D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.84.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:91:cf:d0:33:51:69:95:38:92:ac:da:b0:51:5b:32:d8:5d:
b4:bf:20:0a:4c:2c:c8:c2:ca:90:82:ee:0f:33:90:e3:c2:88:
7b:4d:44:92:57:f2:e9:a6:79:2a:e1:cd:0e:c2:c7:6e:94:90:
8b:48:fa:31:94:ed:29:5b:80:cb:98:74:e6:72:48:4e:75:6b:
a9:9a:a0:75:ec:e3:e5:fa:67:f9:fe:3d:89:28:0c:73:41:d8:
88:33:51:51:1c:f5:e8:49:77:e3:5c:f4:6f:93:a1:9d:c4:68:
a2:62:9c:83:ef:12:92:7f:c1:1b:47:32:9d:bf:a0:e0:f6:f9:
2e:9e:98:d0:54:33:5c:d0:77:e7:ac:da:52:dc:3d:c0:74:b8:
3a:81:46:00:b4:a2:e2:33:3a:0f:75:71:6e:ee:6b:37:3c:3a:
8f:25:02:fa:af:96:7e:bc:e0:61:7b:a0:5b:fc:36:53:f0:10:
13:34:c3:c9:28:fa:c4:7d:b7:e0:cd:d1:39:03:e9:8d:67:9b:
3b:83:fe:6c:8b:86:0e:3b:8b:5c:d1:44:d5:fc:5e:2d:2e:d3:
87:0e:22:51:c3:3b:c2:1f:62:99:ef:49:01:9c:31:51:f2:a7:
01:bf:2f:ff:d2:e4:36:4f:e7:89:46:a1:77:e4:fe:20:61:49:
57:df:bf:0f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP+lMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDM1NTU4WhcNMjcxMjEzMDM1NTU4WjAYMRYw
FAYDVQQDEw02NzdkZjc1MS1kNTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwD+8VHtHNwUecMNw86S9ml4TawSf/tdRpkOn0xbzv/cBhdd8Io/EreBe
d+A0BDTwm733LYx2CDq81dI2lgp4u3wxHFDRm6D2Kthe+nH+ckcy7c5cGWl2CkI2
IYrp29GXvXQTN0a/871HlUGGgx58L9q78nhe/5qNlAhnL5YsV+xfrmkOLoqHuwCt
SKSJ10RMbTJH4xcYB/D7C3vyM8Tc6+7shsTbS3HTIgaFmEahBZHg7hyZwBPoaIKs
Vf7It/cyWtLdzJaTDsy+zcYCNvWaUxedoN1QeFO/7a0Qzd7QR/JiTzs2uKgN0zcd
ydOR9aC/26QisBknWQLejaEPbAWh/wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJKA
RVM7EJJXrwyItS+VLT5mr/OhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83OUQyMzE5QUNENzQxMUVGOUQ0MUEyOUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhUMA0GCSqGSIb3DQEBCwUA
A4IBAQBdkc/QM1FplTiSrNqwUVsy2F20vyAKTCzIwsqQgu4PM5Djwoh7TUSSV/Lp
pnkq4c0OwsdulJCLSPoxlO0pW4DLmHTmckhOdWupmqB17OPl+mf5/j2JKAxzQdiI
M1FRHPXoSXfjXPRvk6GdxGiiYpyD7xKSf8EbRzKdv6Dg9vkunpjQVDNc0HfnrNpS
3D3AdLg6gUYAtKLiMzoPdXFu7ms3PDqPJQL6r5Z+vOBhe6Bb/DZT8BATNMPJKPrE
fbfgzdE5A+mNZ5s7g/5si4YOO4tc0UTV/F4tLtOHDiJRwzvCH2KZ70kBnDFR8qcB
vy//0uQ2T+eJRqF35P4gYUlX378P
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:27:06 2025 by rpki-client