Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C7B9B3EAD5E11EF817A424C762E951A.roa
File: 1C7B9B3EAD5E11EF817A424C762E951A.roa (raw, json)
Hash identifier: IIhKsY3eXrKomaFez0U1eBWUcqhgGD5KLUauAfLg6Rk=
Subject key identifier: 8F:B0:3E:6A:10:91:B4:57:7C:69:44:B6:3F:BA:B7:20:9F:40:47:20
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DC5D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C7B9B3EAD5E11EF817A424C762E951A.roa
Signing time: Thu 28 Nov 2024 07:55:19 +0000
ROA not before: Thu 28 Nov 2024 07:55:15 +0000
ROA not after: Tue 11 Feb 2025 07:55:15 +0000
asID: 9009
IP address blocks: 156.238.4.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 28 Dec 2024 00:21:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56413 (0xdc5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 28 07:55:15 2024 GMT
Not After : Feb 11 07:55:15 2025 GMT
Subject: CN=674821e7-23eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:5c:fa:de:1b:fc:99:40:74:cd:62:16:d5:36:
05:ab:d6:7d:b3:20:ee:a4:e1:6c:e9:32:69:05:27:
07:ee:0d:17:d7:ff:2b:98:e5:20:b3:f0:6a:7a:3d:
e4:dd:34:62:9a:09:73:76:13:9b:e6:e3:9b:82:7a:
db:3d:9d:51:d9:4f:f9:95:ff:c7:39:70:34:35:a3:
90:26:29:88:2a:bc:74:97:7c:fd:00:24:c2:1b:2a:
f0:ca:5b:9d:82:a2:9d:76:84:7f:1e:16:dc:d9:db:
99:a9:35:66:27:5c:f8:15:6e:be:cf:d1:7e:de:38:
a4:57:2d:6e:b7:62:21:c7:52:c0:60:e2:88:4a:d1:
6f:43:71:83:01:e0:85:83:ea:fb:6e:6b:f0:dc:c2:
8c:3e:a3:0c:6c:9c:45:8e:2e:92:2d:c6:8d:47:07:
bd:2d:52:90:46:9e:dd:87:86:be:a7:01:65:06:55:
d8:a9:cc:d4:5d:fa:c8:6a:c9:0a:89:d3:db:d6:34:
f1:4b:88:40:85:48:34:1f:14:7a:69:8e:cc:a4:6c:
b0:54:ee:94:f1:4a:76:81:1d:d3:8a:1a:eb:27:38:
c2:a7:31:25:4b:37:b3:93:69:b3:8c:d0:cc:43:10:
45:79:60:a0:6f:c4:b3:1d:23:33:66:f7:03:e4:54:
f9:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B0:3E:6A:10:91:B4:57:7C:69:44:B6:3F:BA:B7:20:9F:40:47:20
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1C7B9B3EAD5E11EF817A424C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.4.0/22
Signature Algorithm: sha256WithRSAEncryption
23:49:63:f9:b1:a9:17:ab:7a:b6:ce:fb:fe:c0:e7:26:a1:9a:
2b:2c:10:3c:29:0d:e7:9e:4e:86:07:91:f0:9d:31:9a:6b:56:
0c:59:d3:8e:89:ec:92:08:c9:5f:37:ef:9d:70:8a:a0:92:13:
58:46:11:66:ca:b5:dd:73:c5:ab:9f:51:76:c8:2a:3f:97:15:
4c:d8:40:f3:8b:9d:3e:da:ac:44:28:90:c6:5c:9e:91:b6:4f:
74:49:a8:94:67:28:c6:e4:67:93:b9:7f:f9:9b:02:97:44:39:
84:cf:b8:2e:55:aa:2b:97:76:82:8e:e1:58:bd:6a:af:6e:f1:
95:49:62:87:5e:08:51:1f:c2:5f:cb:20:97:1f:04:0e:c1:37:
2c:53:2f:2c:d8:47:ea:29:b7:55:c6:85:7f:b0:66:61:fe:f1:
a0:7a:79:9c:1d:ec:f5:73:65:98:f2:52:98:4f:ae:72:3b:46:
f3:cd:c8:65:e8:62:6d:b4:ab:44:b9:a4:83:fc:8f:bf:cc:64:
24:da:96:3b:35:e5:99:5c:52:c2:30:14:2c:e0:a8:c8:61:a8:
11:d7:33:b1:4e:36:b2:07:91:ff:4a:04:c4:d2:e9:06:f5:62:
a3:ce:ce:85:3e:1d:25:59:c3:f1:ce:20:36:f3:c4:20:56:96:
b9:1b:51:bf
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANxdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTI4MDc1NTE1WhcNMjUwMjExMDc1NTE1WjAYMRYw
FAYDVQQDEw02NzQ4MjFlNy0yM2ViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5lz63hv8mUB0zWIW1TYFq9Z9syDupOFs6TJpBScH7g0X1/8rmOUgs/Bq
ej3k3TRimglzdhOb5uObgnrbPZ1R2U/5lf/HOXA0NaOQJimIKrx0l3z9ACTCGyrw
yludgqKddoR/Hhbc2duZqTVmJ1z4FW6+z9F+3jikVy1ut2Ihx1LAYOKIStFvQ3GD
AeCFg+r7bmvw3MKMPqMMbJxFji6SLcaNRwe9LVKQRp7dh4a+pwFlBlXYqczUXfrI
askKidPb1jTxS4hAhUg0HxR6aY7MpGywVO6U8Up2gR3TihrrJzjCpzElSzezk2mz
jNDMQxBFeWCgb8SzHSMzZvcD5FT5WQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI+w
PmoQkbRXfGlEtj+6tyCfQEcgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQzdCOUIzRUFENUUxMUVGODE3QTQyNEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnO4EMA0GCSqGSIb3DQEBCwUA
A4IBAQAjSWP5sakXq3q2zvv+wOcmoZorLBA8KQ3nnk6GB5HwnTGaa1YMWdOOieyS
CMlfN++dcIqgkhNYRhFmyrXdc8Wrn1F2yCo/lxVM2EDzi50+2qxEKJDGXJ6Rtk90
SaiUZyjG5GeTuX/5mwKXRDmEz7guVaorl3aCjuFYvWqvbvGVSWKHXghRH8JfyyCX
HwQOwTcsUy8s2EfqKbdVxoV/sGZh/vGgenmcHez1c2WY8lKYT65yO0bzzchl6GJt
tKtEuaSD/I+/zGQk2pY7NeWZXFLCMBQs4KjIYagR1zOxTjayB5H/SgTE0ukG9WKj
zs6FPh0lWcPxziA288QgVpa5G1G/
-----END CERTIFICATE-----
Generated at Thu Dec 26 15:15:56 2024 by rpki-client on console-ams.rpki-client.org