Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E1E06F8F72C11EE837C796A017001B1.roa
File: 2E1E06F8F72C11EE837C796A017001B1.roa (raw, json)
Hash identifier: Jzp1MnGfgwV94i/pb2TqGTS493hEepLeycVdf7d03kc=
Subject key identifier: A4:27:ED:54:D8:85:D1:A1:12:8E:B3:AA:F6:BE:B1:B1:FB:6F:F1:4E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 81F7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E1E06F8F72C11EE837C796A017001B1.roa
Signing time: Wed 10 Apr 2024 11:19:22 +0000
ROA not before: Wed 10 Apr 2024 11:19:19 +0000
ROA not after: Fri 01 Nov 2024 11:19:19 +0000
asID: 152450
IP address blocks: 156.254.126.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 08 May 2024 00:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33271 (0x81f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 10 11:19:19 2024 GMT
Not After : Nov 1 11:19:19 2024 GMT
Subject: CN=661675ba-9073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:67:e0:fc:db:3b:d8:80:43:9b:b6:08:bb:c7:
79:b0:03:ea:f2:04:ae:1a:1a:c3:9e:02:44:07:23:
33:72:dc:c9:7a:a0:e0:77:0e:94:9e:75:1e:c1:f0:
09:72:54:fb:61:81:c0:2a:cb:3c:31:20:1c:d8:e6:
57:46:c7:e8:62:b6:a6:37:a2:82:59:a7:a3:fd:0e:
77:33:8f:7d:0a:b1:a5:36:f0:8f:64:67:b1:0b:2e:
b1:42:ee:38:07:ba:e5:92:12:f1:92:29:b8:fb:40:
42:3d:6d:3e:52:21:71:f1:0c:ac:5e:64:4b:87:fe:
a7:4b:a1:74:27:0a:de:e8:3d:56:1a:67:69:4c:98:
db:d0:bc:a2:44:91:48:22:a1:16:6d:a3:e8:3c:83:
03:b2:ef:1e:e0:80:b0:43:81:c7:6c:22:8b:82:a6:
39:b5:10:2a:e6:07:58:ee:fd:2c:3c:2c:0d:51:39:
80:23:30:2a:2f:16:a6:50:96:7e:70:c6:57:df:ed:
18:d0:78:a2:6b:9c:0b:a8:53:3a:10:bf:be:ef:a2:
b0:ec:41:5a:91:79:dc:86:04:ea:64:74:4b:92:c1:
7e:6f:2a:e1:dc:c0:af:e3:32:28:58:d4:56:ed:da:
07:fa:53:bd:b1:7f:16:55:a3:c4:d2:c2:8a:b7:52:
10:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:27:ED:54:D8:85:D1:A1:12:8E:B3:AA:F6:BE:B1:B1:FB:6F:F1:4E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2E1E06F8F72C11EE837C796A017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.126.0/23
Signature Algorithm: sha256WithRSAEncryption
04:d2:05:20:da:b0:3d:26:97:0b:f7:b5:bc:08:c6:33:fb:c6:
36:d8:ae:46:f3:30:9f:0a:29:ae:2b:31:1e:c5:63:34:76:f6:
11:df:5b:c8:50:1e:b7:3e:33:ec:7d:40:f1:a5:fc:08:ab:44:
6c:90:33:93:6e:74:16:3d:12:a6:4b:f1:22:fc:3e:f6:8f:b4:
10:75:b8:d0:80:42:91:5a:fe:73:ef:64:ba:73:3b:4b:4d:28:
5a:9d:64:44:ad:d2:a1:6d:32:e3:5d:92:b7:47:16:b1:13:2a:
2e:e7:28:00:b0:f9:7d:e0:6a:9a:37:84:e8:0e:99:f7:ac:a0:
cf:9b:a1:21:dc:1b:6f:f9:0c:f0:69:b0:f5:15:2c:85:90:29:
94:fd:49:f3:8a:a7:2d:64:a5:32:87:a0:0c:99:40:0f:d1:b1:
7a:15:1d:d6:38:95:3b:73:a3:9a:11:cb:af:3a:64:aa:b1:dd:
39:92:15:ca:bd:ad:fe:d3:31:53:e2:01:06:41:9f:77:f8:54:
2f:91:db:88:1a:f1:9d:68:21:08:ca:47:57:fc:17:8e:0d:81:
e0:04:94:73:c2:01:db:ae:11:99:19:03:57:2e:1b:db:ee:1b:
28:29:94:b6:03:8f:45:5b:1d:e6:51:71:ec:77:f1:51:06:2d:
84:74:95:0a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIH3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDEwMTExOTE5WhcNMjQxMTAxMTExOTE5WjAYMRYw
FAYDVQQDEw02NjE2NzViYS05MDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtmfg/Ns72IBDm7YIu8d5sAPq8gSuGhrDngJEByMzctzJeqDgdw6UnnUe
wfAJclT7YYHAKss8MSAc2OZXRsfoYramN6KCWaej/Q53M499CrGlNvCPZGexCy6x
Qu44B7rlkhLxkim4+0BCPW0+UiFx8QysXmRLh/6nS6F0Jwre6D1WGmdpTJjb0Lyi
RJFIIqEWbaPoPIMDsu8e4ICwQ4HHbCKLgqY5tRAq5gdY7v0sPCwNUTmAIzAqLxam
UJZ+cMZX3+0Y0Hiia5wLqFM6EL++76Kw7EFakXnchgTqZHRLksF+byrh3MCv4zIo
WNRW7doH+lO9sX8WVaPE0sKKt1IQvwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKQn
7VTYhdGhEo6zqva+sbH7b/FOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yRTFFMDZGOEY3MkMxMUVFODM3Qzc5NkEwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP5+MA0GCSqGSIb3DQEBCwUA
A4IBAQAE0gUg2rA9JpcL97W8CMYz+8Y22K5G8zCfCimuKzEexWM0dvYR31vIUB63
PjPsfUDxpfwIq0RskDOTbnQWPRKmS/Ei/D72j7QQdbjQgEKRWv5z72S6cztLTSha
nWRErdKhbTLjXZK3RxaxEyou5ygAsPl94GqaN4ToDpn3rKDPm6Eh3Btv+QzwabD1
FSyFkCmU/UnziqctZKUyh6AMmUAP0bF6FR3WOJU7c6OaEcuvOmSqsd05khXKva3+
0zFT4gEGQZ93+FQvkduIGvGdaCEIykdX/BeODYHgBJRzwgHbrhGZGQNXLhvb7hso
KZS2A49FWx3mUXHsd/FRBi2EdJUK
-----END CERTIFICATE-----
Generated at Mon May 6 09:08:06 2024 by rpki-client on console-fra.rpki-client.org