Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/870FD486C28211EF9DBB8583762E951A.roa
File: 870FD486C28211EF9DBB8583762E951A.roa (raw, json)
Hash identifier: TUDiRL7+oqGoVtA93pC/64ywn80ZllMjfXnIjfkrNLk=
Subject key identifier: A8:17:C4:AB:BE:1B:F5:5D:FF:90:7A:E8:54:62:36:F2:AB:9C:89:EA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8FB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/870FD486C28211EF9DBB8583762E951A.roa
Signing time: Wed 25 Dec 2024 05:38:54 +0000
ROA not before: Wed 25 Dec 2024 05:38:50 +0000
ROA not after: Wed 10 Dec 2025 05:38:50 +0000
asID: 984
IP address blocks: 156.228.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59643 (0xe8fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:38:50 2024 GMT
Not After : Dec 10 05:38:50 2025 GMT
Subject: CN=676b9a6e-04c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:db:5c:5b:0d:e8:a7:99:a2:30:c3:91:ee:
16:3c:f6:15:24:a8:46:fe:e3:af:12:45:b4:67:0a:
c6:9d:fd:56:a6:d9:30:99:71:95:ff:6e:95:d4:f6:
57:71:dc:39:52:3a:0b:95:1d:d2:2e:5e:f9:42:7d:
12:27:76:47:3b:95:93:19:a3:79:70:67:97:87:7d:
5a:b5:37:38:13:4e:18:8d:c2:34:c9:54:8b:98:40:
b9:d6:f1:28:28:35:ae:e2:58:77:b0:99:9e:48:bc:
e4:e8:ea:5e:5f:bd:7c:4e:1b:50:3f:72:33:29:e1:
d1:b7:d6:42:cc:1b:22:e4:73:b7:00:7a:b6:c0:1f:
5e:31:25:86:96:2e:74:67:ee:53:6a:85:6a:26:48:
72:11:98:63:e5:92:f3:a4:58:ba:30:e8:2e:95:58:
4d:5c:70:06:11:9c:ad:ca:04:aa:a0:27:70:bc:e9:
bd:21:48:b4:83:e3:eb:ab:2e:78:e4:cb:74:15:55:
94:dc:b6:d0:bd:6a:42:45:68:de:1b:a4:60:f9:0c:
83:03:c8:1d:38:96:1e:7c:e8:c9:0a:1d:f3:89:e5:
89:ab:df:39:f5:bf:23:ff:47:7d:61:36:99:35:36:
ba:5e:c5:0f:5c:91:6d:1c:bd:f9:29:d3:04:8b:7a:
e8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:17:C4:AB:BE:1B:F5:5D:FF:90:7A:E8:54:62:36:F2:AB:9C:89:EA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/870FD486C28211EF9DBB8583762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.29.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:3f:35:b7:01:76:cd:31:81:8d:ce:bf:ec:64:11:6f:93:86:
4e:b6:99:e3:ab:64:8a:cf:3d:ce:d8:bd:d6:04:df:58:9f:d9:
6c:41:6d:6d:1f:8c:39:6b:a2:8a:c6:1d:65:60:97:20:53:e6:
93:a2:b2:b9:88:35:f3:16:c9:10:7d:b4:b8:a9:96:9a:05:d0:
8a:9a:3f:19:69:12:0e:5e:ff:fa:e6:17:0e:db:19:70:1e:23:
0b:c3:5b:bd:a7:af:e8:9e:d1:c0:08:48:f3:43:a6:1a:a4:8f:
81:b3:ca:90:d7:94:c4:40:5e:6b:af:51:02:f3:0e:c6:52:45:
38:1e:61:3b:24:32:67:37:9e:7c:a3:8a:ba:4b:de:30:89:9e:
c6:7a:97:2f:79:02:ce:cb:b6:50:e5:c1:51:35:62:ea:da:31:
1f:d5:fd:fa:b6:ab:3d:39:79:36:cf:93:36:e4:40:f3:c2:95:
7c:22:0f:01:31:c5:59:5e:92:de:b7:5a:70:07:35:81:7e:9f:
e9:23:16:10:60:d5:ff:91:66:69:17:6e:64:3c:b3:c3:ab:b5:
d4:ac:b7:71:f8:ab:4a:82:27:f8:92:4b:83:ed:2e:3e:5a:f3:
ac:4a:e8:88:c5:c4:75:b1:00:bb:5e:d0:22:56:d5:46:80:7d:
de:01:57:19
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOj7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDUzODUwWhcNMjUxMjEwMDUzODUwWjAYMRYw
FAYDVQQDEw02NzZiOWE2ZS0wNGMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv8DbXFsN6KeZojDDke4WPPYVJKhG/uOvEkW0ZwrGnf1WptkwmXGV/26V
1PZXcdw5UjoLlR3SLl75Qn0SJ3ZHO5WTGaN5cGeXh31atTc4E04YjcI0yVSLmEC5
1vEoKDWu4lh3sJmeSLzk6OpeX718ThtQP3IzKeHRt9ZCzBsi5HO3AHq2wB9eMSWG
li50Z+5TaoVqJkhyEZhj5ZLzpFi6MOgulVhNXHAGEZytygSqoCdwvOm9IUi0g+Pr
qy545Mt0FVWU3LbQvWpCRWjeG6Rg+QyDA8gdOJYefOjJCh3zieWJq9859b8j/0d9
YTaZNTa6XsUPXJFtHL35KdMEi3roqwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKgX
xKu+G/Vd/5B66FRiNvKrnInqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NzBGRDQ4NkMyODIxMUVGOURCQjg1ODM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQdMA0GCSqGSIb3DQEBCwUA
A4IBAQB+PzW3AXbNMYGNzr/sZBFvk4ZOtpnjq2SKzz3O2L3WBN9Yn9lsQW1tH4w5
a6KKxh1lYJcgU+aTorK5iDXzFskQfbS4qZaaBdCKmj8ZaRIOXv/65hcO2xlwHiML
w1u9p6/ontHACEjzQ6YapI+Bs8qQ15TEQF5rr1EC8w7GUkU4HmE7JDJnN558o4q6
S94wiZ7GepcveQLOy7ZQ5cFRNWLq2jEf1f36tqs9OXk2z5M25EDzwpV8Ig8BMcVZ
XpLet1pwBzWBfp/pIxYQYNX/kWZpF25kPLPDq7XUrLdx+KtKgif4kkuD7S4+WvOs
SuiIxcR1sQC7XtAiVtVGgH3eAVcZ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:00 2025 by rpki-client