Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AE0856ACD0311EF974A39BD762E951A.roa
File: 4AE0856ACD0311EF974A39BD762E951A.roa (raw, json)
Hash identifier: FAokivsd5qNhymh+BJF9AJuAgkG6AMBIhcvTSPvnI5s=
Subject key identifier: D1:E2:A9:A8:EF:27:A0:91:0F:D1:C3:DE:F3:E2:92:97:49:4D:55:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC83
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AE0856ACD0311EF974A39BD762E951A.roa
Signing time: Tue 07 Jan 2025 14:25:50 +0000
ROA not before: Tue 07 Jan 2025 14:25:46 +0000
ROA not after: Mon 13 Dec 2027 14:25:46 +0000
asID: 17561
IP address blocks: 156.238.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64643 (0xfc83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 14:25:46 2025 GMT
Not After : Dec 13 14:25:46 2027 GMT
Subject: CN=677d396e-5135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:37:95:f7:8f:15:65:05:87:37:59:2a:cd:fc:
7c:a0:c4:21:f8:9f:4a:69:0c:64:84:c8:30:c3:41:
2e:df:6a:68:16:22:0b:42:3e:3a:74:f3:2a:a5:d1:
5d:e2:75:b9:cd:57:bf:7b:33:8e:ff:89:19:75:c8:
e1:eb:12:6b:6a:c1:60:28:40:d7:5a:b5:10:c4:5f:
59:73:f4:1a:83:98:63:c6:99:ea:66:2d:80:48:51:
d1:09:9a:f9:8e:98:75:72:be:bc:4a:66:70:fe:b5:
cd:46:c9:5f:54:f2:6d:53:0f:cc:54:ff:c9:8e:7c:
ea:50:15:d1:c1:e2:36:8c:a6:41:d9:b6:82:8d:36:
b0:21:ec:6b:ef:a3:a9:c0:61:8f:78:2a:e4:86:c4:
ed:ac:ad:59:3c:1b:c8:6c:cb:d0:41:54:2b:6e:5c:
85:d5:c7:51:57:fc:8a:7f:2e:87:bc:ae:fe:6b:4c:
00:88:38:97:36:51:9d:c5:87:7c:51:b2:95:03:23:
81:c3:7a:5a:71:38:db:f1:76:d0:9f:3f:f7:5c:45:
b3:ab:ea:c9:f2:81:26:2e:7c:d4:ad:fd:4b:0d:b2:
20:09:aa:64:10:4c:66:cd:27:ca:d4:73:79:f1:ff:
ee:c6:32:fb:1d:45:05:d6:1f:f1:70:3b:35:7c:df:
69:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:E2:A9:A8:EF:27:A0:91:0F:D1:C3:DE:F3:E2:92:97:49:4D:55:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4AE0856ACD0311EF974A39BD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.182.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:c2:e1:1c:e1:78:f9:24:ea:ff:6e:b0:c1:2c:15:d7:7d:ab:
8c:2f:f8:25:3a:9b:84:ee:b9:26:1b:f0:59:63:d4:9b:6d:75:
d5:d5:84:bd:4e:87:72:03:cd:ab:bb:02:e2:50:58:d1:54:7c:
b9:31:51:67:0c:dd:07:81:57:b8:48:53:a6:75:38:38:e0:1e:
d4:57:cf:29:ea:1f:48:fe:57:e2:17:8e:28:13:e5:3f:ef:aa:
98:94:30:41:a5:6f:09:d8:a3:25:f7:e9:b7:e9:2e:ec:70:b6:
69:0c:fa:1b:f8:ad:b2:c9:fe:47:83:16:eb:7c:d6:6d:1a:d3:
fb:fb:6e:c0:a1:f7:f8:56:23:13:14:08:12:a3:32:8d:27:fd:
ab:7f:72:df:c9:73:7e:6b:b8:a1:a3:de:76:b9:49:29:a7:2c:
07:f5:bb:cf:03:2e:db:21:05:f6:26:e1:6b:01:ca:7a:ef:87:
ab:6a:f5:bf:71:9f:e0:3e:3e:70:28:70:fb:27:dc:10:7b:c6:
03:aa:9c:c8:bb:69:ef:c0:b1:c2:0e:8c:9b:fe:4a:b8:31:0c:
5b:e8:56:27:a7:67:a9:df:8a:69:65:5c:ae:52:c2:7e:1a:d5:
04:90:50:8d:b4:ad:b7:7b:e9:a9:7d:06:5d:f8:bf:3c:d6:2d:
f9:dc:5a:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPyDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTQyNTQ2WhcNMjcxMjEzMTQyNTQ2WjAYMRYw
FAYDVQQDEw02NzdkMzk2ZS01MTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzDeV948VZQWHN1kqzfx8oMQh+J9KaQxkhMgww0Eu32poFiILQj46dPMq
pdFd4nW5zVe/ezOO/4kZdcjh6xJrasFgKEDXWrUQxF9Zc/Qag5hjxpnqZi2ASFHR
CZr5jph1cr68SmZw/rXNRslfVPJtUw/MVP/JjnzqUBXRweI2jKZB2baCjTawIexr
76OpwGGPeCrkhsTtrK1ZPBvIbMvQQVQrblyF1cdRV/yKfy6HvK7+a0wAiDiXNlGd
xYd8UbKVAyOBw3pacTjb8XbQnz/3XEWzq+rJ8oEmLnzUrf1LDbIgCapkEExmzSfK
1HN58f/uxjL7HUUF1h/xcDs1fN9ppQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNHi
qajvJ6CRD9HD3vPikpdJTVWQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QUUwODU2QUNEMDMxMUVGOTc0QTM5QkQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO62MA0GCSqGSIb3DQEBCwUA
A4IBAQCNwuEc4Xj5JOr/brDBLBXXfauML/glOpuE7rkmG/BZY9SbbXXV1YS9Tody
A82ruwLiUFjRVHy5MVFnDN0HgVe4SFOmdTg44B7UV88p6h9I/lfiF44oE+U/76qY
lDBBpW8J2KMl9+m36S7scLZpDPob+K2yyf5HgxbrfNZtGtP7+27Aoff4ViMTFAgS
ozKNJ/2rf3LfyXN+a7iho952uUkppywH9bvPAy7bIQX2JuFrAcp674eravW/cZ/g
Pj5wKHD7J9wQe8YDqpzIu2nvwLHCDoyb/kq4MQxb6FYnp2ep34ppZVyuUsJ+GtUE
kFCNtK23e+mpfQZd+L881i353Frc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:39 2025 by rpki-client