Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29FBC3FECD3611EFBACF2F7E762E951A.roa
File: 29FBC3FECD3611EFBACF2F7E762E951A.roa (raw, json)
Hash identifier: Z/K9eyEqr1PQEE2gLFzn5+NyA/Uqb3TtwCVSOHOZ+xM=
Subject key identifier: 86:1B:C2:EB:23:49:66:5C:7A:5E:BF:CD:1A:BC:7C:43:65:06:66:49
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE1B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29FBC3FECD3611EFBACF2F7E762E951A.roa
Signing time: Tue 07 Jan 2025 20:29:59 +0000
ROA not before: Tue 07 Jan 2025 20:29:55 +0000
ROA not after: Mon 13 Dec 2027 20:29:55 +0000
asID: 17561
IP address blocks: 156.243.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65051 (0xfe1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 20:29:55 2025 GMT
Not After : Dec 13 20:29:55 2027 GMT
Subject: CN=677d8ec7-9700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:41:bc:20:0d:7e:03:37:a0:4a:bd:41:07:7f:
19:c5:be:fa:73:06:4f:1e:7e:ac:0a:f0:de:fc:33:
64:70:78:14:bf:49:15:cb:51:8f:d5:d8:19:79:5c:
04:63:b4:ae:34:fc:d3:d4:80:24:7a:47:eb:94:c4:
b4:0a:65:1c:39:e2:9f:ce:37:09:e4:56:c1:39:d5:
01:bf:3e:63:c3:bd:85:b2:c4:e8:fb:52:76:96:87:
98:ac:0a:e3:92:a8:9b:4d:cf:0a:a6:3e:cb:69:c5:
24:e2:e4:55:94:a7:be:9f:c2:9e:89:36:f8:8e:2e:
74:80:91:96:7c:b7:83:7e:78:90:09:97:61:41:3a:
eb:d7:f5:96:12:7a:fe:54:b0:74:4d:33:df:b8:62:
a1:ef:c0:93:dc:0f:1d:d2:56:3a:e6:a8:88:6d:2d:
77:6a:d4:94:be:fe:04:51:53:95:23:cc:9e:d8:7e:
dc:93:5c:09:9e:5f:6d:34:71:4f:9c:dc:28:00:a8:
e4:d6:fa:02:12:27:3a:d6:7b:62:25:e6:f7:65:14:
6a:84:7c:b7:ba:68:12:8e:e3:dd:33:7a:11:59:7d:
b1:07:dd:39:4e:c9:d4:bd:d6:dc:0a:de:b4:96:d5:
b2:ed:a8:50:37:5f:5e:47:55:7c:05:e9:ad:22:db:
ea:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1B:C2:EB:23:49:66:5C:7A:5E:BF:CD:1A:BC:7C:43:65:06:66:49
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29FBC3FECD3611EFBACF2F7E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.54.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:53:36:27:2f:f4:6d:c9:02:2b:bc:45:e8:29:e7:2e:ca:8e:
cd:54:01:ed:50:ca:16:d1:e0:df:78:bf:41:f6:d1:27:ca:2a:
86:60:b0:4b:05:a1:82:b7:1e:df:05:b9:49:16:58:95:51:10:
63:85:c1:1d:b1:d9:31:9d:f1:14:45:75:3b:76:b6:ee:43:7c:
29:7c:d6:58:3a:5a:5b:11:0a:7d:f3:6b:23:65:d6:bf:4c:a9:
aa:0d:ed:14:a3:f7:87:ef:63:df:01:a7:bb:5c:21:01:1e:80:
83:1d:9e:d8:88:e7:c8:7d:f4:5b:10:3f:92:e8:9a:08:30:79:
fa:65:a7:cd:52:40:c2:e8:83:b2:84:0c:4c:9b:a9:40:25:cc:
07:ce:46:63:67:38:8c:13:e8:7f:44:6b:cc:d2:19:5c:8c:5b:
0d:39:56:06:b4:9a:85:c4:35:ff:dd:79:4d:8c:e1:30:bc:59:
51:bc:fd:3b:79:40:3a:43:48:9a:1f:66:24:a2:de:01:53:14:
63:48:cc:1d:98:11:7d:46:21:2d:e7:e6:49:e9:78:c0:f9:96:
f6:b7:82:c4:d4:86:c2:ec:4f:d0:0f:51:ca:22:27:27:3e:bc:
91:f6:06:71:97:76:94:bb:0a:fb:0c:b7:f0:fc:ad:f0:b1:73:
23:73:a4:f4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjAyOTU1WhcNMjcxMjEzMjAyOTU1WjAYMRYw
FAYDVQQDEw02NzdkOGVjNy05NzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtUG8IA1+AzegSr1BB38Zxb76cwZPHn6sCvDe/DNkcHgUv0kVy1GP1dgZ
eVwEY7SuNPzT1IAkekfrlMS0CmUcOeKfzjcJ5FbBOdUBvz5jw72FssTo+1J2loeY
rArjkqibTc8Kpj7LacUk4uRVlKe+n8KeiTb4ji50gJGWfLeDfniQCZdhQTrr1/WW
Enr+VLB0TTPfuGKh78CT3A8d0lY65qiIbS13atSUvv4EUVOVI8ye2H7ck1wJnl9t
NHFPnNwoAKjk1voCEic61ntiJeb3ZRRqhHy3umgSjuPdM3oRWX2xB905TsnUvdbc
Ct60ltWy7ahQN19eR1V8BemtItvqBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIYb
wusjSWZcel6/zRq8fENlBmZJMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOUZCQzNGRUNEMzYxMUVGQkFDRjJGN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPM2MA0GCSqGSIb3DQEBCwUA
A4IBAQCiUzYnL/RtyQIrvEXoKecuyo7NVAHtUMoW0eDfeL9B9tEnyiqGYLBLBaGC
tx7fBblJFliVURBjhcEdsdkxnfEURXU7drbuQ3wpfNZYOlpbEQp982sjZda/TKmq
De0Uo/eH72PfAae7XCEBHoCDHZ7YiOfIffRbED+S6JoIMHn6ZafNUkDC6IOyhAxM
m6lAJcwHzkZjZziME+h/RGvM0hlcjFsNOVYGtJqFxDX/3XlNjOEwvFlRvP07eUA6
Q0iaH2Ykot4BUxRjSMwdmBF9RiEt5+ZJ6XjA+Zb2t4LE1IbC7E/QD1HKIicnPryR
9gZxl3aUuwr7DLfw/K3wsXMjc6T0
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:45 2025 by rpki-client