Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D6C66ACC33111EF999ABB50762E951A.roa
File: 1D6C66ACC33111EF999ABB50762E951A.roa (raw, json)
Hash identifier: q/aZM3V68/2uWlcmnyS2IRPEky3HYeOC3/JmDx6hprs=
Subject key identifier: 47:12:43:70:47:56:3A:26:42:21:C1:14:01:CA:48:E5:6A:07:94:F8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB0F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D6C66ACC33111EF999ABB50762E951A.roa
Signing time: Thu 26 Dec 2024 02:28:39 +0000
ROA not before: Thu 26 Dec 2024 02:28:35 +0000
ROA not after: Wed 10 Dec 2025 02:28:35 +0000
asID: 984
IP address blocks: 156.243.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60175 (0xeb0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:28:35 2024 GMT
Not After : Dec 10 02:28:35 2025 GMT
Subject: CN=676cbf56-1d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:8e:ca:88:55:2d:0c:5d:b5:12:cc:4a:70:f5:
a8:31:01:24:c4:d6:ef:8e:2c:20:8e:43:99:e9:2c:
91:43:8d:48:21:1c:b0:68:db:44:10:e3:86:c4:25:
ed:66:33:cb:5f:be:9f:71:72:5b:8b:16:88:47:72:
c0:81:dd:4c:d1:72:4f:41:f3:50:00:03:1e:0d:0a:
6d:f9:4c:32:8e:46:61:bc:c0:93:e5:42:38:c0:ef:
61:22:66:ce:01:06:7f:39:cc:3e:90:07:cc:fc:d2:
b1:3b:8f:b6:3e:40:77:f7:4b:ae:40:a6:0e:69:a4:
8f:a5:98:ed:19:ee:66:64:c2:80:72:5e:2e:a4:0b:
e2:ed:b3:dc:53:c7:75:c6:74:aa:dc:f4:99:ff:a0:
11:af:b8:3e:92:8c:53:de:cb:15:40:4f:08:c6:b3:
b0:2d:2c:9d:cd:59:85:a8:97:e7:be:1b:4d:ac:01:
bb:da:06:1b:3e:f7:3f:93:bd:f8:df:24:13:e5:b8:
90:e2:ff:bd:5c:35:5d:e8:73:18:4f:12:70:c6:ec:
1d:63:5a:42:67:a5:f9:3c:f8:a6:c6:6b:19:a2:f8:
fa:d1:a6:74:90:0c:e3:f5:c9:db:88:d0:a8:9c:37:
e3:6f:8e:29:d6:f5:a6:a3:c7:94:ff:af:c7:41:b1:
e1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:12:43:70:47:56:3A:26:42:21:C1:14:01:CA:48:E5:6A:07:94:F8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1D6C66ACC33111EF999ABB50762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.249.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:68:23:ab:ce:28:bb:ba:91:5f:9d:8c:18:ae:da:54:88:37:
9d:bd:29:43:37:b7:e8:5f:1c:2c:58:bc:3b:c5:38:f7:65:fc:
e1:02:ed:75:74:36:a3:cb:17:56:b5:c7:c6:10:78:3b:1c:1a:
49:66:28:ec:26:26:8f:79:17:41:d1:4f:fa:5a:99:33:28:5e:
b1:65:bb:a7:fd:2e:10:69:aa:64:f0:90:08:b7:79:c3:48:e3:
d1:e7:e8:6f:0f:91:1e:a3:d6:12:8f:4f:8d:94:19:62:d3:b8:
6f:c4:75:8b:fb:0e:13:20:d5:61:ab:77:0d:15:da:5a:ad:74:
b8:fc:c8:24:31:f1:65:6a:ad:eb:27:a8:5c:21:56:09:f8:23:
08:bc:9a:c9:55:91:2e:eb:34:ff:99:4f:4c:08:75:42:51:6a:
ab:d8:22:60:0f:eb:4c:e4:f0:4e:ff:a0:7f:20:9e:4d:40:8e:
46:0e:61:1e:2a:a5:7f:36:f5:ff:81:0a:f1:4c:f0:b7:07:67:
ad:80:44:9b:0f:d7:0f:c3:0b:1d:8f:fa:d9:03:a9:5d:6d:0f:
67:2f:0e:8a:b3:71:9b:fb:c7:83:c4:03:22:9a:b4:15:fd:41:
8f:3a:56:c6:18:7b:fa:1f:7e:62:20:d4:ce:90:6c:ce:7a:3f:
6a:b6:db:b5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOsPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIyODM1WhcNMjUxMjEwMDIyODM1WjAYMRYw
FAYDVQQDEw02NzZjYmY1Ni0xZDZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7I7KiFUtDF21EsxKcPWoMQEkxNbvjiwgjkOZ6SyRQ41IIRywaNtEEOOG
xCXtZjPLX76fcXJbixaIR3LAgd1M0XJPQfNQAAMeDQpt+UwyjkZhvMCT5UI4wO9h
ImbOAQZ/Ocw+kAfM/NKxO4+2PkB390uuQKYOaaSPpZjtGe5mZMKAcl4upAvi7bPc
U8d1xnSq3PSZ/6ARr7g+koxT3ssVQE8IxrOwLSydzVmFqJfnvhtNrAG72gYbPvc/
k7343yQT5biQ4v+9XDVd6HMYTxJwxuwdY1pCZ6X5PPimxmsZovj60aZ0kAzj9cnb
iNConDfjb44p1vWmo8eU/6/HQbHhzQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEcS
Q3BHVjomQiHBFAHKSOVqB5T4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xRDZDNjZBQ0MzMzExMUVGOTk5QUJCNTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPP5MA0GCSqGSIb3DQEBCwUA
A4IBAQAuaCOrzii7upFfnYwYrtpUiDedvSlDN7foXxwsWLw7xTj3ZfzhAu11dDaj
yxdWtcfGEHg7HBpJZijsJiaPeRdB0U/6WpkzKF6xZbun/S4Qaapk8JAIt3nDSOPR
5+hvD5Eeo9YSj0+NlBli07hvxHWL+w4TINVhq3cNFdparXS4/MgkMfFlaq3rJ6hc
IVYJ+CMIvJrJVZEu6zT/mU9MCHVCUWqr2CJgD+tM5PBO/6B/IJ5NQI5GDmEeKqV/
NvX/gQrxTPC3B2etgESbD9cPwwsdj/rZA6ldbQ9nLw6Ks3Gb+8eDxAMimrQV/UGP
OlbGGHv6H35iINTOkGzOej9qttu1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:01 2025 by rpki-client