Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BD5F78AC34311EFA453504B762E951A.roa
File: 4BD5F78AC34311EFA453504B762E951A.roa (raw, json)
Hash identifier: dHOpVFEM7zKqj+b/B3UNyp/RmoRvkTxMWk8SaGOFSGY=
Subject key identifier: 53:8F:51:F6:63:35:43:09:9E:40:79:63:FF:83:CA:C2:F0:AC:A0:78
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBE5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BD5F78AC34311EFA453504B762E951A.roa
Signing time: Thu 26 Dec 2024 04:38:48 +0000
ROA not before: Thu 26 Dec 2024 04:38:44 +0000
ROA not after: Fri 10 Dec 2027 04:38:44 +0000
asID: 17561
IP address blocks: 156.244.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60389 (0xebe5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:38:44 2024 GMT
Not After : Dec 10 04:38:44 2027 GMT
Subject: CN=676cddd7-1f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f1:d1:29:12:19:42:15:de:17:78:76:dc:f0:
2e:e0:de:bc:d9:9e:2e:b9:2a:0d:0e:fe:4f:ed:8f:
ab:4d:b3:70:20:1d:23:ff:fd:50:d0:2b:93:3f:58:
f4:e7:99:1d:68:24:93:f8:f1:d7:09:ca:98:dc:41:
23:5e:5a:92:40:90:5d:bb:87:af:e4:7c:02:22:05:
2e:d9:c5:ec:2c:24:54:5b:67:f5:b8:27:4c:18:3f:
d0:11:67:2b:10:0b:35:9d:7f:95:24:ff:3c:18:a3:
ce:97:33:2b:7c:84:f7:eb:73:05:42:42:b1:1c:ef:
fe:0d:59:04:37:9b:bb:ea:b5:2f:d1:ca:e1:f4:54:
f0:b0:13:d9:aa:ae:c4:d9:bc:da:71:ec:e6:1c:1b:
5c:1d:a9:02:a1:40:0a:a0:26:8b:c1:88:c5:42:3f:
fc:e2:09:77:4b:24:06:32:44:36:d7:bc:8b:89:73:
45:6d:cb:e8:ff:ef:97:49:ae:61:6a:4a:fe:14:34:
1d:1c:9f:ec:59:eb:14:2a:48:08:df:a5:84:90:a4:
f9:10:c9:f1:a1:63:1a:80:dd:3f:b3:c9:89:cb:ad:
bd:c4:1a:99:94:ad:00:93:94:91:b5:96:ea:19:ce:
36:f1:d0:22:4f:68:f9:d5:35:8c:f7:29:80:94:98:
53:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8F:51:F6:63:35:43:09:9E:40:79:63:FF:83:CA:C2:F0:AC:A0:78
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4BD5F78AC34311EFA453504B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.238.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:96:7f:a7:d0:d8:93:fa:c5:69:e4:65:aa:c6:6c:32:62:6f:
5c:bc:d2:fa:b7:aa:76:4f:a5:47:ee:14:bf:12:50:d7:15:45:
cb:10:c9:25:fd:b3:b1:87:b4:9c:cc:59:4a:93:4c:14:43:ec:
47:86:ea:3e:b6:c0:8e:eb:0a:1c:84:b8:d0:af:0d:3d:64:0b:
d9:c8:50:c6:25:d8:d0:92:ae:0c:5a:b6:f5:7a:6e:a4:07:50:
f8:50:4a:69:29:35:f2:14:e1:7b:0e:84:d2:84:ae:88:2b:86:
3f:0d:8b:84:29:00:04:75:7e:76:3d:73:93:07:8c:28:75:70:
2b:3e:84:7e:6c:66:b2:77:8f:fe:19:6c:ad:a2:43:69:92:58:
77:18:6b:23:0c:20:66:96:f5:a3:0d:1c:09:3b:53:83:1c:4f:
1b:88:53:c7:2a:f8:d2:10:c8:a3:a7:13:cf:5c:a8:13:6d:5f:
b8:f9:3c:fa:23:e2:7d:f8:6a:c8:ed:aa:bb:b2:17:26:b4:e4:
47:38:81:cf:cd:69:e1:7f:84:f0:17:fa:cd:55:55:09:13:c6:
6a:1d:31:c8:62:91:ff:bb:b7:5f:1f:ac:ec:6d:58:f0:40:95:
b6:ca:ad:76:88:94:44:59:f0:7c:c6:db:27:d1:df:8d:5e:06:
d9:1d:fa:b2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOvlMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQzODQ0WhcNMjcxMjEwMDQzODQ0WjAYMRYw
FAYDVQQDEw02NzZjZGRkNy0xZjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv/HRKRIZQhXeF3h23PAu4N682Z4uuSoNDv5P7Y+rTbNwIB0j//1Q0CuT
P1j055kdaCST+PHXCcqY3EEjXlqSQJBdu4ev5HwCIgUu2cXsLCRUW2f1uCdMGD/Q
EWcrEAs1nX+VJP88GKPOlzMrfIT363MFQkKxHO/+DVkEN5u76rUv0crh9FTwsBPZ
qq7E2bzacezmHBtcHakCoUAKoCaLwYjFQj/84gl3SyQGMkQ217yLiXNFbcvo/++X
Sa5hakr+FDQdHJ/sWesUKkgI36WEkKT5EMnxoWMagN0/s8mJy629xBqZlK0Ak5SR
tZbqGc428dAiT2j51TWM9ymAlJhTEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFOP
UfZjNUMJnkB5Y/+DysLwrKB4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QkQ1Rjc4QUMzNDMxMUVGQTQ1MzUwNEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTuMA0GCSqGSIb3DQEBCwUA
A4IBAQB6ln+n0NiT+sVp5GWqxmwyYm9cvNL6t6p2T6VH7hS/ElDXFUXLEMkl/bOx
h7SczFlKk0wUQ+xHhuo+tsCO6wochLjQrw09ZAvZyFDGJdjQkq4MWrb1em6kB1D4
UEppKTXyFOF7DoTShK6IK4Y/DYuEKQAEdX52PXOTB4wodXArPoR+bGayd4/+GWyt
okNpklh3GGsjDCBmlvWjDRwJO1ODHE8biFPHKvjSEMijpxPPXKgTbV+4+Tz6I+J9
+GrI7aq7shcmtORHOIHPzWnhf4TwF/rNVVUJE8ZqHTHIYpH/u7dfH6zsbVjwQJW2
yq12iJREWfB8xtsn0d+NXgbZHfqy
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:14 2025 by rpki-client