Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/638AAC3CC99111EF9B464269762E951A.roa
File: 638AAC3CC99111EF9B464269762E951A.roa (raw, json)
Hash identifier: QtAqe5t4PKRgjwqrni+/tn4f9IkRuMVWmBPo8QMoNxU=
Subject key identifier: 23:4E:B4:5C:CC:FC:69:8D:0A:44:BB:ED:5D:77:46:84:0D:C1:CE:44
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5E7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/638AAC3CC99111EF9B464269762E951A.roa
Signing time: Fri 03 Jan 2025 05:12:55 +0000
ROA not before: Fri 03 Jan 2025 05:12:51 +0000
ROA not after: Sat 13 Dec 2025 05:12:51 +0000
asID: 984
IP address blocks: 156.233.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62951 (0xf5e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:12:51 2025 GMT
Not After : Dec 13 05:12:51 2025 GMT
Subject: CN=677771d7-81ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:db:14:39:07:e4:56:89:39:47:47:c8:ad:45:
43:27:a6:20:ef:5e:54:df:df:d9:4f:09:78:1b:90:
9a:eb:ae:00:e7:23:76:ea:d7:fd:5c:db:24:d5:a0:
d0:94:58:7e:bb:17:9e:3e:10:ab:d9:e3:3b:fe:30:
5a:4c:fc:3b:e1:95:fa:63:9b:b6:ec:07:4e:59:a4:
67:a5:76:a1:bb:d7:de:f8:62:75:55:10:eb:23:9e:
82:f5:c2:8a:09:4e:d1:f3:2c:6e:dc:b7:a0:aa:99:
73:44:73:74:70:0e:c9:45:93:9f:df:af:ba:aa:39:
b2:d5:01:de:f5:56:ab:d2:07:13:47:77:36:4f:4c:
87:9a:09:67:40:35:10:21:96:a1:6c:c6:8f:8e:44:
34:42:f5:60:97:41:c4:82:14:72:ab:51:c2:0d:71:
46:87:3e:7d:ef:fc:73:cb:85:38:9b:1d:8f:8f:42:
95:e3:1c:e9:d7:0a:a3:7e:27:e7:d0:63:36:52:5c:
38:26:df:ae:85:19:89:13:51:ad:e7:02:87:97:7d:
e3:91:a0:37:7f:9d:5e:52:f9:fb:39:36:ea:41:88:
77:a0:df:31:4f:b7:7d:9b:0e:30:c7:8a:34:11:ab:
19:1d:8d:06:42:e0:61:99:b8:78:9b:cf:02:61:8c:
31:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:4E:B4:5C:CC:FC:69:8D:0A:44:BB:ED:5D:77:46:84:0D:C1:CE:44
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/638AAC3CC99111EF9B464269762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.104.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:fc:be:ce:cb:b1:b0:46:7a:7a:85:09:71:1d:7d:0a:02:ed:
77:78:88:96:8e:25:2c:a3:e4:55:da:e5:d7:62:8a:4a:54:21:
3d:2c:b0:f3:ba:77:74:f9:ec:d9:5a:35:cd:9f:56:2c:52:37:
0c:6a:22:44:3d:55:3b:29:c4:dd:c8:cd:2e:e1:f1:91:62:63:
fb:97:60:57:07:ce:71:49:c2:11:86:47:53:6d:ef:50:f4:fe:
1b:ab:ba:39:32:96:d1:3f:ce:34:33:94:41:c6:aa:02:df:61:
32:c3:12:e1:59:3f:85:2f:e6:8c:64:67:53:fb:28:25:bb:ea:
27:91:25:f1:49:21:06:0e:64:72:91:7d:50:81:ee:2d:75:a3:
d2:57:7b:00:d4:cd:d9:db:ed:7a:0f:99:f6:1f:8c:a7:27:4a:
77:09:06:a0:61:cd:8d:9e:0e:93:2c:c3:bf:4a:8a:0f:91:6d:
fd:c4:fa:36:33:d2:47:b2:94:d9:8b:2c:d7:34:d8:ed:a7:1a:
19:37:c1:d3:cc:96:06:6d:23:bd:e5:c7:f8:1d:ba:3e:01:e9:
e7:06:f0:6c:fc:a6:7c:a9:fc:cb:1b:cd:12:bf:ca:bf:3b:c1:
b2:e0:20:4e:eb:1d:89:d5:0e:07:dd:ac:4e:92:2c:be:85:79:
00:de:40:b3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPXnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDUxMjUxWhcNMjUxMjEzMDUxMjUxWjAYMRYw
FAYDVQQDEw02Nzc3NzFkNy04MWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1NsUOQfkVok5R0fIrUVDJ6Yg715U39/ZTwl4G5Ca664A5yN26tf9XNsk
1aDQlFh+uxeePhCr2eM7/jBaTPw74ZX6Y5u27AdOWaRnpXahu9fe+GJ1VRDrI56C
9cKKCU7R8yxu3LegqplzRHN0cA7JRZOf36+6qjmy1QHe9Var0gcTR3c2T0yHmgln
QDUQIZahbMaPjkQ0QvVgl0HEghRyq1HCDXFGhz597/xzy4U4mx2Pj0KV4xzp1wqj
fifn0GM2Ulw4Jt+uhRmJE1Gt5wKHl33jkaA3f51eUvn7OTbqQYh3oN8xT7d9mw4w
x4o0EasZHY0GQuBhmbh4m88CYYwxoQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCNO
tFzM/GmNCkS77V13RoQNwc5EMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82MzhBQUMzQ0M5OTExMUVGOUI0NjQyNjk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOloMA0GCSqGSIb3DQEBCwUA
A4IBAQCx/L7Oy7GwRnp6hQlxHX0KAu13eIiWjiUso+RV2uXXYopKVCE9LLDzund0
+ezZWjXNn1YsUjcMaiJEPVU7KcTdyM0u4fGRYmP7l2BXB85xScIRhkdTbe9Q9P4b
q7o5MpbRP840M5RBxqoC32EywxLhWT+FL+aMZGdT+yglu+onkSXxSSEGDmRykX1Q
ge4tdaPSV3sA1M3Z2+16D5n2H4ynJ0p3CQagYc2Nng6TLMO/SooPkW39xPo2M9JH
spTZiyzXNNjtpxoZN8HTzJYGbSO95cf4Hbo+AennBvBs/KZ8qfzLG80Sv8q/O8Gy
4CBO6x2J1Q4H3axOkiy+hXkA3kCz
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:49 2025 by rpki-client