Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7ECC1F50C32711EFAD180E89762E951A.roa
File: 7ECC1F50C32711EFAD180E89762E951A.roa (raw, json)
Hash identifier: 68mXTS/EfNMTRPmiyel+EB+m5whofD3U9LyJYHEoUw0=
Subject key identifier: 31:2E:D5:90:A3:F5:B7:C0:E4:BE:97:1F:E1:5F:19:8B:C5:4F:82:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA9B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7ECC1F50C32711EFAD180E89762E951A.roa
Signing time: Thu 26 Dec 2024 01:19:47 +0000
ROA not before: Thu 26 Dec 2024 01:19:43 +0000
ROA not after: Wed 10 Dec 2025 01:19:43 +0000
asID: 984
IP address blocks: 156.243.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60059 (0xea9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:19:43 2024 GMT
Not After : Dec 10 01:19:43 2025 GMT
Subject: CN=676caf33-792c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:22:6f:bf:18:a2:bd:b9:60:96:72:12:b5:92:
35:54:78:00:09:09:f1:47:13:f7:25:27:a8:b2:7b:
ae:6d:56:c9:71:77:bd:66:14:65:58:e4:ab:2a:4e:
bd:fa:2c:1c:11:29:20:45:6f:0a:9d:52:3e:d4:55:
ed:bb:bc:4c:74:78:32:f0:d9:c0:3a:eb:ac:8c:28:
dd:14:e4:86:ed:3b:b1:f8:36:9e:54:a8:f8:c1:bd:
1e:e6:ff:92:02:2f:c2:77:09:9e:67:ed:bb:bf:1a:
eb:fd:29:3c:ab:6d:4d:96:a7:18:1e:6f:45:f5:1b:
c7:78:9c:66:38:9c:38:26:34:99:84:22:d0:91:d3:
03:05:b3:b0:f5:8e:bd:b3:cc:1a:d8:d7:2f:bf:88:
ff:c0:89:12:7f:87:6a:71:b9:28:cf:b8:96:07:bd:
3f:6b:c3:43:1d:99:45:4a:5c:87:b8:d2:29:22:dc:
7d:74:b9:1d:cf:89:90:6c:b5:5a:73:3c:be:ea:1d:
9b:77:64:a8:67:c6:70:2e:ea:ab:f6:70:d4:cb:a4:
d5:92:74:b3:ed:ba:50:72:62:99:54:9f:ca:6e:8b:
c8:1f:6b:39:c4:7e:da:fd:b6:94:50:50:65:70:12:
60:ce:38:a7:c6:4a:ad:25:ab:ac:ff:14:2f:67:7f:
31:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2E:D5:90:A3:F5:B7:C0:E4:BE:97:1F:E1:5F:19:8B:C5:4F:82:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7ECC1F50C32711EFAD180E89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.141.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c5:e7:f6:c7:d8:1e:47:6f:0e:45:26:1b:8c:2d:ad:6e:02:
ef:ce:40:db:c6:3d:4f:08:1d:23:82:20:bb:61:3c:31:d4:fa:
0f:09:a5:66:f4:c0:a1:c7:17:b8:e5:45:1d:53:9c:26:66:25:
40:3d:3c:e5:3c:70:64:c8:4a:13:69:53:36:66:63:e1:2f:be:
9b:1e:8f:76:85:e1:75:73:ad:ee:c9:a9:17:9f:9c:1d:1e:f1:
31:32:d4:f4:3b:32:75:6e:65:bb:66:f2:69:9e:38:b2:f6:96:
ed:ee:6a:5c:9f:f2:e6:bc:39:e0:29:46:16:9f:5b:96:e6:03:
34:54:13:53:63:de:8f:73:1d:fa:a0:cf:1b:b3:43:79:90:cd:
68:4d:b4:26:ab:50:78:84:4d:a2:00:a2:f0:47:38:af:48:17:
08:91:e8:cc:1c:c7:13:77:e5:e7:f6:51:41:73:40:b2:e5:ec:
1d:e6:f1:a6:bf:84:0e:6b:cb:64:50:04:73:da:98:e3:97:2e:
3f:38:37:38:6b:2c:8c:c9:ba:88:42:20:76:48:e3:c3:7d:1a:
9a:a6:3d:f1:17:1a:ed:0b:cc:c3:a2:3e:72:2d:57:c3:b9:5a:
9e:04:f6:06:7d:e5:b1:b1:8a:c0:84:df:40:bf:61:2c:88:3c:
02:d8:86:30
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOqbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDExOTQzWhcNMjUxMjEwMDExOTQzWjAYMRYw
FAYDVQQDEw02NzZjYWYzMy03OTJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwyJvvxiivblglnIStZI1VHgACQnxRxP3JSeosnuubVbJcXe9ZhRlWOSr
Kk69+iwcESkgRW8KnVI+1FXtu7xMdHgy8NnAOuusjCjdFOSG7Tux+DaeVKj4wb0e
5v+SAi/CdwmeZ+27vxrr/Sk8q21NlqcYHm9F9RvHeJxmOJw4JjSZhCLQkdMDBbOw
9Y69s8wa2Ncvv4j/wIkSf4dqcbkoz7iWB70/a8NDHZlFSlyHuNIpItx9dLkdz4mQ
bLVaczy+6h2bd2SoZ8ZwLuqr9nDUy6TVknSz7bpQcmKZVJ/KbovIH2s5xH7a/baU
UFBlcBJgzjinxkqtJaus/xQvZ38xwwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDEu
1ZCj9bfA5L6XH+FfGYvFT4LvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RUNDMUY1MEMzMjcxMUVGQUQxODBFODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPONMA0GCSqGSIb3DQEBCwUA
A4IBAQBFxef2x9geR28ORSYbjC2tbgLvzkDbxj1PCB0jgiC7YTwx1PoPCaVm9MCh
xxe45UUdU5wmZiVAPTzlPHBkyEoTaVM2ZmPhL76bHo92heF1c63uyakXn5wdHvEx
MtT0OzJ1bmW7ZvJpnjiy9pbt7mpcn/LmvDngKUYWn1uW5gM0VBNTY96Pcx36oM8b
s0N5kM1oTbQmq1B4hE2iAKLwRzivSBcIkejMHMcTd+Xn9lFBc0Cy5ewd5vGmv4QO
a8tkUARz2pjjly4/ODc4ayyMybqIQiB2SOPDfRqapj3xFxrtC8zDoj5yLVfDuVqe
BPYGfeWxsYrAhN9Av2EsiDwC2IYw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:27 2025 by rpki-client