Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/753F4376C96311EF8198FBAD762E951A.roa
File: 753F4376C96311EF8198FBAD762E951A.roa (raw, json)
Hash identifier: UDBW+7f/11cRGdlFUQXhwPzQMBEag0aJSKykW9LO3EI=
Subject key identifier: 91:07:9D:38:51:50:72:14:3B:BE:32:3F:0F:D8:99:B6:D5:84:F9:A9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F476
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/753F4376C96311EF8198FBAD762E951A.roa
Signing time: Thu 02 Jan 2025 23:44:08 +0000
ROA not before: Thu 02 Jan 2025 23:44:04 +0000
ROA not after: Mon 13 Dec 2027 23:44:04 +0000
asID: 17561
IP address blocks: 156.226.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62582 (0xf476)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 23:44:04 2025 GMT
Not After : Dec 13 23:44:04 2027 GMT
Subject: CN=677724c8-6f2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5f:90:95:62:ce:f7:58:d3:86:b0:d2:3a:63:
36:c4:f5:61:95:8b:60:be:47:08:0f:39:ac:1b:7a:
92:8e:68:98:31:63:72:32:f7:65:a8:fc:10:5a:47:
3b:e3:5b:cc:13:00:37:35:ba:8c:7c:54:04:51:b3:
99:53:46:97:36:1f:0f:8d:d1:a0:24:74:cb:71:1c:
10:4f:d5:23:ed:8a:cc:5f:30:c8:44:d8:12:10:83:
5c:d9:cb:33:6e:5c:1c:cb:e7:50:82:65:d5:c1:01:
69:fb:76:8c:07:f9:00:7d:7a:ad:af:f3:10:26:bf:
40:5c:02:c3:c4:02:e6:60:30:81:30:53:b9:e5:96:
30:b4:87:36:e4:4b:f7:50:d0:d8:ea:d5:bf:53:16:
86:d6:c7:40:bc:06:14:7c:a0:32:3e:6a:1c:20:4f:
7b:a3:32:4d:dc:ab:45:79:47:1d:6b:10:28:ae:c7:
50:da:f9:49:2b:12:0a:9b:61:65:71:d9:b0:0d:69:
61:7b:67:71:b0:f9:6b:62:76:d0:4c:37:28:d2:59:
fe:89:8d:20:7a:24:40:3e:86:0e:4c:a8:2b:c8:15:
d0:40:7d:4c:23:e3:d3:3c:72:a5:00:bb:19:22:4a:
60:25:92:2f:fe:80:ad:9d:44:cc:b8:93:b7:9e:ca:
85:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:07:9D:38:51:50:72:14:3B:BE:32:3F:0F:D8:99:B6:D5:84:F9:A9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/753F4376C96311EF8198FBAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.238.0/24
Signature Algorithm: sha256WithRSAEncryption
78:57:47:51:fc:2b:f1:90:17:f0:29:81:11:30:bd:0c:0d:51:
e4:50:85:9a:b9:6d:79:22:d5:78:b4:5e:29:09:52:de:6f:89:
bb:f5:3e:32:06:cb:f8:8e:23:b3:a5:23:ae:3d:2f:52:93:26:
44:54:d4:56:38:18:d8:1b:7e:73:b4:57:42:25:b8:7e:87:7f:
c6:f4:0d:e9:02:a8:1f:eb:1e:64:9c:c7:a6:fa:ba:41:10:f6:
f7:7b:c9:b4:2e:d3:b5:a1:ae:42:a4:6e:6a:0a:ba:2a:de:93:
f1:5d:ee:f5:b2:d8:09:11:49:b2:3e:f4:ed:20:3f:58:4b:9a:
a1:54:46:2b:ba:09:c5:32:7d:dd:96:9f:ca:c2:31:f1:4a:0a:
09:8d:e2:f4:f4:83:d0:dc:16:a1:2a:4b:52:f1:cd:ad:1a:14:
1d:02:a4:26:58:99:19:f9:eb:53:4a:b1:d2:dd:7f:a3:72:0e:
79:4b:db:0d:21:ef:79:10:7c:42:d7:78:c1:66:ae:6c:3e:5d:
55:49:76:ff:ad:ac:0e:23:26:03:cc:9c:b5:8a:6c:79:e2:10:
5e:49:96:69:5d:b2:42:f9:c1:28:d8:88:70:f7:d8:26:40:ef:
7e:25:c9:62:93:84:89:f5:9b:29:64:33:61:c5:4e:1a:6e:52:
14:44:36:fd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPR2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjM0NDA0WhcNMjcxMjEzMjM0NDA0WjAYMRYw
FAYDVQQDEw02Nzc3MjRjOC02ZjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA01+QlWLO91jThrDSOmM2xPVhlYtgvkcIDzmsG3qSjmiYMWNyMvdlqPwQ
Wkc741vMEwA3NbqMfFQEUbOZU0aXNh8PjdGgJHTLcRwQT9Uj7YrMXzDIRNgSEINc
2cszblwcy+dQgmXVwQFp+3aMB/kAfXqtr/MQJr9AXALDxALmYDCBMFO55ZYwtIc2
5Ev3UNDY6tW/UxaG1sdAvAYUfKAyPmocIE97ozJN3KtFeUcdaxAorsdQ2vlJKxIK
m2FlcdmwDWlhe2dxsPlrYnbQTDco0ln+iY0geiRAPoYOTKgryBXQQH1MI+PTPHKl
ALsZIkpgJZIv/oCtnUTMuJO3nsqFVQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJEH
nThRUHIUO74yPw/YmbbVhPmpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83NTNGNDM3NkM5NjMxMUVGODE5OEZCQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLuMA0GCSqGSIb3DQEBCwUA
A4IBAQB4V0dR/CvxkBfwKYERML0MDVHkUIWauW15ItV4tF4pCVLeb4m79T4yBsv4
jiOzpSOuPS9SkyZEVNRWOBjYG35ztFdCJbh+h3/G9A3pAqgf6x5knMem+rpBEPb3
e8m0LtO1oa5CpG5qCroq3pPxXe71stgJEUmyPvTtID9YS5qhVEYrugnFMn3dlp/K
wjHxSgoJjeL09IPQ3BahKktS8c2tGhQdAqQmWJkZ+etTSrHS3X+jcg55S9sNIe95
EHxC13jBZq5sPl1VSXb/rawOIyYDzJy1imx54hBeSZZpXbJC+cEo2Ihw99gmQO9+
Jclik4SJ9ZspZDNhxU4ablIURDb9
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:42 2025 by rpki-client