Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F7C7CAA007D11EFB71DCF61017001B1.roa
File: 7F7C7CAA007D11EFB71DCF61017001B1.roa (raw, json)
Hash identifier: gI7nLmltVTkPhPy8fj4MJM3coIivqK5ye4GF2j4Amq8=
Subject key identifier: 98:EC:A7:E9:CB:C2:4E:BA:C7:B1:73:A4:86:5D:A8:75:9B:53:61:C8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 83AB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F7C7CAA007D11EFB71DCF61017001B1.roa
Signing time: Mon 22 Apr 2024 07:54:08 +0000
ROA not before: Mon 22 Apr 2024 07:54:05 +0000
ROA not after: Mon 20 May 2024 07:54:05 +0000
asID: 140869
IP address blocks: 156.225.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 08 May 2024 00:16:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33707 (0x83ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 22 07:54:05 2024 GMT
Not After : May 20 07:54:05 2024 GMT
Subject: CN=662617a0-46a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f8:bb:c5:48:41:e2:97:a2:fd:df:1e:fa:45:
03:ad:4d:72:2b:4d:80:2b:ff:62:40:0d:f9:4c:0d:
e0:68:a6:aa:65:c5:1a:70:23:c1:74:f5:e1:1c:82:
3a:82:d8:15:fe:b8:c3:05:80:56:5f:3f:61:0c:d1:
df:10:39:47:a8:56:40:5a:39:20:25:ff:f0:c1:fc:
e5:50:16:a7:ec:d8:ad:7c:5f:d3:60:78:7e:1d:3d:
96:a6:38:c3:9b:0a:62:3e:8a:51:88:0f:3f:6c:a0:
38:73:e8:94:7b:4f:48:9a:5c:b4:a6:1b:63:ae:34:
f4:71:4e:97:60:28:44:82:5d:1f:ef:14:79:b8:94:
d2:88:76:62:95:ea:ac:5b:54:ce:21:9f:d6:3f:10:
79:a3:b0:f1:b8:ed:f6:27:2c:75:ac:a0:9d:fb:7a:
9b:f3:cc:12:63:c8:be:e5:05:36:00:7f:65:67:ea:
f2:4e:6f:35:a4:29:b3:75:da:e2:c1:17:07:d7:05:
0f:1d:2e:bb:e5:cd:3d:c5:f1:87:76:4b:1e:ac:6b:
d0:97:fd:95:45:e2:87:dc:2a:5c:26:31:38:0c:0e:
a7:48:1f:73:2e:42:ce:fb:af:f0:29:0a:75:b1:c1:
2f:ae:a3:d2:52:23:18:0c:f4:8c:f8:5a:87:a2:3e:
f2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:EC:A7:E9:CB:C2:4E:BA:C7:B1:73:A4:86:5D:A8:75:9B:53:61:C8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F7C7CAA007D11EFB71DCF61017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.81.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:7e:e0:d2:1b:b8:62:83:5d:d0:40:0e:14:d6:0d:04:65:de:
4d:c7:fa:7e:d4:a3:d3:0f:27:82:83:cf:e5:f5:e8:cf:64:a4:
e7:a6:d5:8d:d8:14:6e:c1:d0:1a:5a:f8:93:65:ef:e8:bf:90:
cc:5d:45:d4:d6:cc:75:00:db:89:bc:e9:ea:05:6b:83:bc:86:
63:bb:d6:7b:c7:41:7f:c3:94:2e:a4:25:71:54:fc:9b:9f:0c:
3e:fb:cb:25:57:2e:72:b5:26:1e:ba:9d:a0:d5:34:08:b0:2e:
92:de:55:61:65:63:86:d3:b4:08:f8:c3:c9:87:3a:3b:9a:7f:
cf:09:f6:35:85:18:86:29:16:00:98:af:a3:a7:9a:3b:ee:95:
03:f1:cc:49:87:26:88:27:89:45:a9:a8:16:00:24:82:e7:16:
f2:41:8f:cd:e1:fc:a9:b8:2e:05:5f:d2:39:45:67:13:02:e7:
ed:0e:f4:1c:0e:d7:da:31:14:7c:06:05:24:66:3d:8e:d8:34:
1f:25:c3:30:b0:c2:f7:4b:25:a3:ea:05:28:fd:00:f4:27:e9:
2f:72:51:90:2b:c3:9e:ea:a1:e7:4d:f0:84:db:e4:f1:a5:23:
15:59:63:f4:16:7f:0a:83:7c:e0:ef:ff:e3:f7:0d:5e:e1:e1:
15:05:33:e5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIOrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDIyMDc1NDA1WhcNMjQwNTIwMDc1NDA1WjAYMRYw
FAYDVQQDEw02NjI2MTdhMC00NmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxfi7xUhB4pei/d8e+kUDrU1yK02AK/9iQA35TA3gaKaqZcUacCPBdPXh
HII6gtgV/rjDBYBWXz9hDNHfEDlHqFZAWjkgJf/wwfzlUBan7NitfF/TYHh+HT2W
pjjDmwpiPopRiA8/bKA4c+iUe09Imly0phtjrjT0cU6XYChEgl0f7xR5uJTSiHZi
leqsW1TOIZ/WPxB5o7DxuO32Jyx1rKCd+3qb88wSY8i+5QU2AH9lZ+ryTm81pCmz
ddriwRcH1wUPHS675c09xfGHdkserGvQl/2VReKH3CpcJjE4DA6nSB9zLkLO+6/w
KQp1scEvrqPSUiMYDPSM+FqHoj7yHwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJjs
p+nLwk66x7FzpIZdqHWbU2HIMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RjdDN0NBQTAwN0QxMUVGQjcxRENGNjEwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOFRMA0GCSqGSIb3DQEBCwUA
A4IBAQCmfuDSG7hig13QQA4U1g0EZd5Nx/p+1KPTDyeCg8/l9ejPZKTnptWN2BRu
wdAaWviTZe/ov5DMXUXU1sx1ANuJvOnqBWuDvIZju9Z7x0F/w5QupCVxVPybnww+
+8slVy5ytSYeup2g1TQIsC6S3lVhZWOG07QI+MPJhzo7mn/PCfY1hRiGKRYAmK+j
p5o77pUD8cxJhyaIJ4lFqagWACSC5xbyQY/N4fypuC4FX9I5RWcTAuftDvQcDtfa
MRR8BgUkZj2O2DQfJcMwsML3SyWj6gUo/QD0J+kvclGQK8Oe6qHnTfCE2+TxpSMV
WWP0Fn8Kg3zg7//j9w1e4eEVBTPl
-----END CERTIFICATE-----
Generated at Mon May 6 09:08:12 2024 by rpki-client on console-fra.rpki-client.org