Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/340A758EC97611EFA20B3EAE762E951A.roa
File: 340A758EC97611EFA20B3EAE762E951A.roa (raw, json)
Hash identifier: heS5DEBmT52YAD3bnryaCto4vG3OPjNHmGuJ7exDFgQ=
Subject key identifier: DB:48:C9:EC:7D:72:03:5E:CA:F8:8D:66:BA:F2:E4:32:C9:C1:44:F1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F4E7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/340A758EC97611EFA20B3EAE762E951A.roa
Signing time: Fri 03 Jan 2025 01:58:19 +0000
ROA not before: Fri 03 Jan 2025 01:58:15 +0000
ROA not after: Sat 13 Dec 2025 01:58:15 +0000
asID: 984
IP address blocks: 156.227.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62695 (0xf4e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 01:58:15 2025 GMT
Not After : Dec 13 01:58:15 2025 GMT
Subject: CN=6777443b-e721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:93:83:98:3e:8f:5d:3d:17:4f:32:5a:4c:1c:
a5:e1:9e:da:b8:e5:d1:7f:d2:8c:93:0d:6e:15:68:
78:5f:ed:19:6e:87:65:ee:e5:b0:f9:80:1b:dd:54:
22:5f:55:fa:13:0f:4a:d9:4a:4d:c2:89:ec:fd:ce:
18:d6:7d:7b:f0:a4:b8:f1:a4:a0:ae:03:d3:ae:c4:
0f:5b:3f:00:dc:09:5c:cd:23:f1:fc:6e:ea:8d:82:
a8:d6:29:86:c1:7a:1f:76:04:08:0a:2c:18:6c:c8:
fb:28:f2:2d:aa:43:f4:de:3b:ee:03:46:ea:da:aa:
45:9c:66:97:79:f9:2c:b0:b3:16:8c:54:33:07:79:
12:c9:7c:df:29:9f:18:7a:c7:fe:2f:05:d8:a5:89:
f2:07:8d:2e:7d:28:e7:1c:d7:fb:38:d7:0f:51:01:
af:78:51:ec:ed:3c:f1:64:80:d1:8c:76:e3:fe:47:
7d:b5:67:5d:9e:4a:22:96:31:ed:4d:d4:67:c8:84:
43:d2:ed:d8:0b:4d:ee:d8:01:ac:e9:4d:c7:43:51:
4d:1a:22:f6:f2:7e:f6:12:95:36:27:e1:43:32:32:
29:83:a4:b4:ee:1d:e6:3a:f8:8b:43:cd:ad:a4:45:
aa:d1:29:04:34:40:09:8a:8d:53:cb:d0:39:38:73:
01:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:48:C9:EC:7D:72:03:5E:CA:F8:8D:66:BA:F2:E4:32:C9:C1:44:F1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/340A758EC97611EFA20B3EAE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.101.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:58:74:b3:8a:1a:c1:24:0b:25:c4:0a:ea:88:6e:69:a2:5a:
6a:e0:ec:4d:fd:3e:65:27:77:43:66:28:f9:1c:fb:82:8c:6a:
70:c2:db:a0:92:64:1c:4c:82:54:fb:54:5b:0a:21:0e:41:ad:
01:41:ca:76:ce:c0:85:7d:f6:14:06:a5:54:cd:fb:b7:b6:d3:
e2:55:4d:85:0e:c8:27:76:77:2f:25:39:8f:6d:1b:cb:e7:e4:
3d:ef:bc:e6:d6:72:7e:b9:bf:e6:0b:04:cc:50:93:4c:86:b7:
70:76:28:ca:95:f1:be:79:b1:50:e5:f1:74:ba:56:ef:0b:4b:
0b:19:eb:45:f7:60:d7:f0:7a:56:67:65:3e:5a:82:93:b2:dc:
c7:63:b8:0d:cd:e6:36:da:38:49:52:54:f1:e9:bc:6c:3e:2d:
bb:ed:fd:d8:73:54:ee:46:ff:95:2d:f2:ad:fe:48:72:1c:1b:
ba:c6:86:52:3f:86:c3:b2:5b:b5:52:6c:14:50:ab:2e:52:f8:
a5:1e:20:f3:e6:d0:b1:72:f1:9b:2e:f4:2a:a9:67:3a:1e:56:
e1:aa:a3:f3:bc:31:ce:5b:b0:bc:d0:1e:99:30:14:78:5e:96:
ae:1a:2b:5f:69:9e:e5:fa:66:67:c7:78:8f:58:1c:a8:19:74:
b4:2c:97:21
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPTnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDE1ODE1WhcNMjUxMjEzMDE1ODE1WjAYMRYw
FAYDVQQDEw02Nzc3NDQzYi1lNzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs5ODmD6PXT0XTzJaTByl4Z7auOXRf9KMkw1uFWh4X+0Zbodl7uWw+YAb
3VQiX1X6Ew9K2UpNwons/c4Y1n178KS48aSgrgPTrsQPWz8A3AlczSPx/G7qjYKo
1imGwXofdgQICiwYbMj7KPItqkP03jvuA0bq2qpFnGaXefkssLMWjFQzB3kSyXzf
KZ8Yesf+LwXYpYnyB40ufSjnHNf7ONcPUQGveFHs7TzxZIDRjHbj/kd9tWddnkoi
ljHtTdRnyIRD0u3YC03u2AGs6U3HQ1FNGiL28n72EpU2J+FDMjIpg6S07h3mOviL
Q82tpEWq0SkENEAJio1Ty9A5OHMBfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNtI
yex9cgNeyviNZrry5DLJwUTxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zNDBBNzU4RUM5NzYxMUVGQTIwQjNFQUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONlMA0GCSqGSIb3DQEBCwUA
A4IBAQBMWHSzihrBJAslxArqiG5polpq4OxN/T5lJ3dDZij5HPuCjGpwwtugkmQc
TIJU+1RbCiEOQa0BQcp2zsCFffYUBqVUzfu3ttPiVU2FDsgndncvJTmPbRvL5+Q9
77zm1nJ+ub/mCwTMUJNMhrdwdijKlfG+ebFQ5fF0ulbvC0sLGetF92DX8HpWZ2U+
WoKTstzHY7gNzeY22jhJUlTx6bxsPi277f3Yc1TuRv+VLfKt/khyHBu6xoZSP4bD
slu1UmwUUKsuUvilHiDz5tCxcvGbLvQqqWc6HlbhqqPzvDHOW7C80B6ZMBR4Xpau
GitfaZ7l+mZnx3iPWByoGXS0LJch
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:21 2025 by rpki-client