Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EF81C38FAE711EE98BC685B017001B1.roa
File: 9EF81C38FAE711EE98BC685B017001B1.roa (raw, json)
Hash identifier: aemLiyVt/Hwb4g+DnVecFIVOldcWyaJy5h4YgPHn8R0=
Subject key identifier: 00:A6:17:C4:48:AE:88:50:1D:BC:79:2F:00:34:69:14:DC:B5:85:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 826E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EF81C38FAE711EE98BC685B017001B1.roa
Signing time: Mon 15 Apr 2024 05:18:41 +0000
ROA not before: Mon 15 Apr 2024 05:18:37 +0000
ROA not after: Sun 19 May 2024 05:18:37 +0000
asID: 23470
IP address blocks: 156.252.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 04 May 2024 00:16:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33390 (0x826e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 15 05:18:37 2024 GMT
Not After : May 19 05:18:37 2024 GMT
Subject: CN=661cb8b1-e543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:29:63:15:02:14:d7:6c:4c:03:85:91:9e:b0:
0e:d8:55:3c:58:25:10:97:fd:4a:c6:32:5f:9f:a6:
ca:8b:c5:be:17:99:9f:7f:d7:3d:ce:46:4f:1f:21:
46:b5:35:e8:2b:46:77:e9:1d:6e:28:1c:1c:c4:0a:
f9:48:f2:e3:14:05:1e:a8:98:9a:fb:4d:13:e1:a5:
0f:2c:91:cd:12:0c:1d:87:47:ca:13:36:a1:18:95:
0a:20:10:67:9c:9f:f6:24:93:2c:97:d3:d6:91:36:
55:c8:33:e6:90:69:31:25:a1:71:9a:29:9d:44:4f:
fe:d5:11:67:a1:0a:7a:ea:0e:2f:a2:42:62:b0:56:
28:ca:ed:4d:f0:12:f4:5a:6d:69:50:4b:31:8d:b2:
d6:1d:80:00:90:07:a3:c2:38:c6:8e:15:8d:23:b1:
45:05:cb:d1:8d:54:49:19:1c:d9:51:02:05:a5:5b:
88:b1:e4:57:0f:2d:1c:97:f2:32:ca:66:c5:a1:9e:
38:a6:dd:25:9f:07:c3:ad:27:2d:5b:c8:59:85:01:
5b:57:ba:06:4f:b6:b6:1d:0d:f1:61:2f:56:58:02:
de:34:74:45:db:ae:e0:6d:e8:bb:ff:ab:04:7a:45:
e5:2e:dd:00:b2:b0:8b:3f:08:f2:26:b9:04:7a:5e:
a0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A6:17:C4:48:AE:88:50:1D:BC:79:2F:00:34:69:14:DC:B5:85:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9EF81C38FAE711EE98BC685B017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.0.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:1c:d5:55:9d:55:c3:31:19:af:01:b5:09:38:0c:3c:c9:89:
9c:8c:1a:2a:93:40:58:3c:17:3c:ca:db:97:27:0a:7a:17:53:
0b:63:00:ef:88:a8:70:70:c6:36:f7:20:14:82:73:d5:a1:3b:
80:6f:88:01:56:60:0e:86:c2:0f:e8:82:18:16:41:8d:de:29:
9f:8a:e7:b7:4d:15:5c:75:f6:4e:0b:f9:26:9e:1c:de:d1:06:
64:26:f8:39:88:59:41:e9:41:ba:02:ad:8d:66:b6:ac:d4:26:
2b:b2:4f:e0:2a:df:ca:27:3e:32:34:4b:35:52:c2:cb:70:15:
2c:c3:08:28:bd:97:00:87:6f:e9:9f:a1:07:ef:c6:f0:fc:4d:
1b:6a:04:23:1f:34:52:6c:13:99:63:c4:65:07:29:9f:53:6d:
6e:3e:e3:3a:88:68:14:68:c1:23:c8:b3:4c:0e:17:5c:78:23:
39:f6:6f:4c:a3:38:67:75:ed:25:8c:7a:00:80:59:e9:e7:7b:
c8:36:20:30:52:3a:0c:9b:4b:cb:d3:d9:20:c6:72:b3:54:10:
27:ce:8b:42:eb:13:34:d9:43:ee:3b:37:2f:7c:dc:cf:77:1e:
73:1f:f5:37:a5:07:fe:96:b9:18:74:ef:34:13:75:88:ef:8f:
01:71:0e:cf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIJuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE1MDUxODM3WhcNMjQwNTE5MDUxODM3WjAYMRYw
FAYDVQQDEw02NjFjYjhiMS1lNTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuyljFQIU12xMA4WRnrAO2FU8WCUQl/1KxjJfn6bKi8W+F5mff9c9zkZP
HyFGtTXoK0Z36R1uKBwcxAr5SPLjFAUeqJia+00T4aUPLJHNEgwdh0fKEzahGJUK
IBBnnJ/2JJMsl9PWkTZVyDPmkGkxJaFxmimdRE/+1RFnoQp66g4vokJisFYoyu1N
8BL0Wm1pUEsxjbLWHYAAkAejwjjGjhWNI7FFBcvRjVRJGRzZUQIFpVuIseRXDy0c
l/IyymbFoZ44pt0lnwfDrSctW8hZhQFbV7oGT7a2HQ3xYS9WWALeNHRF267gbei7
/6sEekXlLt0AsrCLPwjyJrkEel6gGwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFACm
F8RIrohQHbx5LwA0aRTctYXvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RUY4MUMzOEZBRTcxMUVFOThCQzY4NUIwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPwAMA0GCSqGSIb3DQEBCwUA
A4IBAQA/HNVVnVXDMRmvAbUJOAw8yYmcjBoqk0BYPBc8ytuXJwp6F1MLYwDviKhw
cMY29yAUgnPVoTuAb4gBVmAOhsIP6IIYFkGN3imfiue3TRVcdfZOC/kmnhze0QZk
Jvg5iFlB6UG6Aq2NZras1CYrsk/gKt/KJz4yNEs1UsLLcBUswwgovZcAh2/pn6EH
78bw/E0bagQjHzRSbBOZY8RlBymfU21uPuM6iGgUaMEjyLNMDhdceCM59m9Mozhn
de0ljHoAgFnp53vINiAwUjoMm0vL09kgxnKzVBAnzotC6xM02UPuOzcvfNzPdx5z
H/U3pQf+lrkYdO80E3WI748BcQ7P
-----END CERTIFICATE-----
Generated at Thu May 2 03:12:43 2024 by rpki-client on console-ams.rpki-client.org