Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1116170CCCD411EFAB4C3B95762E951A.roa
File: 1116170CCCD411EFAB4C3B95762E951A.roa (raw, json)
Hash identifier: KeW9qauJIEkumFq1jiN0pwk8i9+Vj5zeI5oyBuaHl4Q=
Subject key identifier: 97:22:52:C3:A2:C2:45:A9:41:87:70:8F:2E:34:B9:84:1D:36:D8:B7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FAEE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1116170CCCD411EFAB4C3B95762E951A.roa
Signing time: Tue 07 Jan 2025 08:47:46 +0000
ROA not before: Tue 07 Jan 2025 08:47:43 +0000
ROA not after: Mon 13 Dec 2027 08:47:43 +0000
asID: 17561
IP address blocks: 156.233.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64238 (0xfaee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:47:43 2025 GMT
Not After : Dec 13 08:47:43 2027 GMT
Subject: CN=677cea32-451d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c9:6a:9f:56:e8:76:5c:1c:96:3b:0c:e5:31:
a3:fa:87:97:cd:7e:17:ec:77:20:8a:d1:f2:41:bd:
b7:af:c4:ef:1f:74:94:de:da:bd:6b:f2:9d:5e:8f:
27:60:e9:6c:d2:c4:65:11:42:a4:49:e2:26:08:81:
cb:84:80:6c:dd:1d:ea:09:85:22:ab:4c:e0:28:70:
65:6b:a3:73:92:a5:cd:35:38:45:ce:80:15:84:98:
5c:dc:ba:ce:63:b9:cf:1e:9e:18:ae:19:e5:55:b4:
6a:a4:f2:27:48:8d:e8:ff:69:24:1a:ba:22:c1:f8:
9c:f3:0b:84:33:01:9b:60:05:1d:46:e9:a8:80:c6:
93:af:86:49:af:d4:ed:f5:79:f3:55:e1:34:ef:b6:
eb:39:dc:fb:8b:06:6b:9e:97:e8:98:5c:79:d8:96:
97:ab:0a:54:1b:84:fb:da:42:38:d7:aa:58:40:8c:
5b:87:d9:5b:af:e4:02:e9:c5:64:c5:0d:70:99:d6:
c5:db:44:23:dc:8b:91:8d:2c:ff:c9:bd:c9:af:c7:
b8:e3:c3:20:f6:a4:75:da:e6:0d:6f:24:2f:93:88:
d3:7d:f8:52:b6:58:bb:cf:02:09:59:07:72:cf:f5:
c0:66:1e:fe:19:bd:8c:31:45:5d:72:10:2e:9a:f4:
61:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:22:52:C3:A2:C2:45:A9:41:87:70:8F:2E:34:B9:84:1D:36:D8:B7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1116170CCCD411EFAB4C3B95762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.166.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:6c:de:01:c8:78:d5:dd:4a:a5:3a:9b:52:2d:46:12:ae:8d:
50:b7:20:fd:91:b8:a6:cf:94:17:21:ff:ac:07:c9:ea:fe:bc:
8f:a5:a8:92:da:e7:2a:08:ae:17:ee:f3:00:7d:97:1d:a8:d4:
19:f0:63:60:4f:44:53:14:6a:74:5a:0b:24:4c:f8:b3:2c:91:
62:99:06:27:c0:d7:af:2c:bc:d4:ca:94:03:98:b9:92:2e:c7:
bc:e2:e7:02:12:df:4d:b1:2e:6d:e0:f7:58:52:0c:04:0b:05:
a6:3d:4d:5d:97:2d:69:b5:3e:e5:70:37:ab:da:0e:6e:88:24:
2d:21:d2:d7:17:0f:9b:2d:9d:a5:c0:27:cb:75:4b:a7:4c:6b:
24:1d:0a:41:ea:24:36:90:7f:b3:28:4e:f6:cb:29:5b:b2:4f:
22:59:20:cd:13:56:f2:f1:9b:98:09:19:8e:14:ec:20:94:21:
18:5a:df:8b:a1:8f:cb:27:86:6b:f2:0d:6d:5d:07:46:17:13:
a6:6c:40:d8:21:d6:e3:ad:ac:f6:ff:07:7f:33:9b:83:bb:e6:
38:1b:f0:1c:d7:67:0c:a5:e6:3c:25:f8:30:f9:ca:83:24:1d:
dc:65:01:cd:d9:b1:a6:8d:8b:1a:f0:a9:be:58:48:1d:e9:61:
8f:cb:f5:07
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPruMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDg0NzQzWhcNMjcxMjEzMDg0NzQzWjAYMRYw
FAYDVQQDEw02NzdjZWEzMi00NTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApslqn1bodlwcljsM5TGj+oeXzX4X7HcgitHyQb23r8TvH3SU3tq9a/Kd
Xo8nYOls0sRlEUKkSeImCIHLhIBs3R3qCYUiq0zgKHBla6NzkqXNNThFzoAVhJhc
3LrOY7nPHp4YrhnlVbRqpPInSI3o/2kkGroiwfic8wuEMwGbYAUdRumogMaTr4ZJ
r9Tt9XnzVeE077brOdz7iwZrnpfomFx52JaXqwpUG4T72kI416pYQIxbh9lbr+QC
6cVkxQ1wmdbF20Qj3IuRjSz/yb3Jr8e448Mg9qR12uYNbyQvk4jTffhStli7zwIJ
WQdyz/XAZh7+Gb2MMUVdchAumvRhMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJci
UsOiwkWpQYdwjy40uYQdNti3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMTE2MTcwQ0NDRDQxMUVGQUI0QzNCOTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmmMA0GCSqGSIb3DQEBCwUA
A4IBAQAubN4ByHjV3UqlOptSLUYSro1QtyD9kbimz5QXIf+sB8nq/ryPpaiS2ucq
CK4X7vMAfZcdqNQZ8GNgT0RTFGp0WgskTPizLJFimQYnwNevLLzUypQDmLmSLse8
4ucCEt9NsS5t4PdYUgwECwWmPU1dly1ptT7lcDer2g5uiCQtIdLXFw+bLZ2lwCfL
dUunTGskHQpB6iQ2kH+zKE72yylbsk8iWSDNE1by8ZuYCRmOFOwglCEYWt+LoY/L
J4Zr8g1tXQdGFxOmbEDYIdbjraz2/wd/M5uDu+Y4G/Ac12cMpeY8Jfgw+cqDJB3c
ZQHN2bGmjYsa8Km+WEgd6WGPy/UH
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:28 2025 by rpki-client