Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8806BD7CCE4A11EF89051274762E951A.roa
File: 8806BD7CCE4A11EF89051274762E951A.roa (raw, json)
Hash identifier: 0cuooOsDC/+aZRdafUJHBhhPtNJhLbnDUXFiS8AwZv0=
Subject key identifier: AA:57:90:C5:EF:A9:F7:B0:0E:08:A0:7C:5C:33:40:C2:3E:69:09:04
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0102B7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8806BD7CCE4A11EF89051274762E951A.roa
Signing time: Thu 09 Jan 2025 05:28:18 +0000
ROA not before: Thu 09 Jan 2025 05:28:14 +0000
ROA not after: Fri 09 Jan 2026 05:28:14 +0000
asID: 17561
IP address blocks: 156.238.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66231 (0x102b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 05:28:14 2025 GMT
Not After : Jan 9 05:28:14 2026 GMT
Subject: CN=677f5e72-0e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:33:42:b6:e4:09:94:2a:ec:d8:26:c1:74:4d:
68:8a:06:7b:4b:3b:f4:16:cf:ba:d3:41:19:88:2f:
57:2e:e9:db:0d:d2:96:64:65:75:43:83:24:0f:91:
f6:68:a4:89:a8:18:8a:3a:24:bd:fd:30:40:27:22:
ee:94:21:9d:7a:22:fa:0f:a7:8e:75:e8:7a:8c:cf:
ec:ba:da:8d:51:1c:20:57:7c:d9:ae:22:16:e2:be:
19:74:c4:fc:5c:2d:76:37:a1:9d:c6:7a:f6:ec:ae:
65:54:67:58:13:22:e7:2d:10:a8:11:d3:3b:2f:3b:
88:50:eb:f5:8b:74:8a:4d:47:ad:1d:d5:fd:b6:04:
bd:57:55:2a:8e:b2:1a:70:61:1f:a4:b1:2f:b9:31:
6c:3b:ae:72:27:0e:ff:f3:29:2d:6f:2f:d1:19:21:
8d:d5:f4:96:d8:36:bc:63:d6:5a:52:a2:a4:9f:4f:
78:c7:2e:e6:bb:5a:a5:dc:11:50:e9:93:f5:88:c9:
51:b3:0c:4b:e7:04:d6:c3:51:de:51:28:11:85:69:
2a:9d:3d:a1:9b:56:a2:49:07:17:0d:b8:0e:0b:e1:
c5:6d:16:ff:03:34:0d:49:11:2f:17:18:19:15:ba:
41:75:7b:e6:a8:5f:37:03:ab:d4:27:60:7a:26:dd:
0e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:57:90:C5:EF:A9:F7:B0:0E:08:A0:7C:5C:33:40:C2:3E:69:09:04
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8806BD7CCE4A11EF89051274762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.47.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:b4:d1:1b:8f:b6:f1:0f:2e:c1:2a:0b:07:ac:01:78:d1:71:
df:15:b9:b3:14:8c:ee:7a:51:2f:ac:b3:fd:84:88:04:a3:85:
f0:94:e4:fe:83:1c:60:b8:39:90:fc:7e:24:03:29:9b:ef:6e:
1f:12:a6:a1:c7:25:6a:8b:84:ae:8d:4e:4b:ee:5a:4f:5b:01:
35:f7:a2:79:c6:f1:86:3e:e7:f2:de:b4:12:77:b1:19:cf:db:
d7:83:4f:ce:80:ef:37:38:8f:27:d8:45:98:8e:a9:fc:5c:82:
2f:72:3d:83:91:63:28:4c:26:28:b3:69:be:6a:86:1e:a4:24:
a3:81:0f:50:69:af:7f:3f:29:2e:36:b4:ea:01:29:77:e6:02:
82:1b:9a:fa:a3:12:9b:64:6d:fb:23:ac:29:ef:e1:bc:41:6f:
b0:76:23:51:fa:f3:2b:8c:45:b2:4d:ff:57:5f:40:40:c9:2f:
90:5c:d7:68:12:d8:7f:6d:21:79:34:0c:51:71:a3:e2:b0:cd:
25:19:69:aa:d7:86:96:03:c0:4b:2a:46:b9:df:fe:fc:15:73:
2d:36:81:7a:80:ae:46:2b:8a:24:98:8d:14:7b:e4:17:0a:7d:
d4:0d:b7:ae:d2:67:6a:ee:3c:90:75:0d:83:14:d7:61:7f:d1:
4f:50:f6:50
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQK3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDUyODE0WhcNMjYwMTA5MDUyODE0WjAYMRYw
FAYDVQQDEw02NzdmNWU3Mi0wZTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2TNCtuQJlCrs2CbBdE1oigZ7Szv0Fs+600EZiC9XLunbDdKWZGV1Q4Mk
D5H2aKSJqBiKOiS9/TBAJyLulCGdeiL6D6eOdeh6jM/sutqNURwgV3zZriIW4r4Z
dMT8XC12N6Gdxnr27K5lVGdYEyLnLRCoEdM7LzuIUOv1i3SKTUetHdX9tgS9V1Uq
jrIacGEfpLEvuTFsO65yJw7/8yktby/RGSGN1fSW2Da8Y9ZaUqKkn094xy7mu1ql
3BFQ6ZP1iMlRswxL5wTWw1HeUSgRhWkqnT2hm1aiSQcXDbgOC+HFbRb/AzQNSREv
FxgZFbpBdXvmqF83A6vUJ2B6Jt0OFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKpX
kMXvqfewDgigfFwzQMI+aQkEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84ODA2QkQ3Q0NFNEExMUVGODkwNTEyNzQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO4vMA0GCSqGSIb3DQEBCwUA
A4IBAQBMtNEbj7bxDy7BKgsHrAF40XHfFbmzFIzuelEvrLP9hIgEo4XwlOT+gxxg
uDmQ/H4kAymb724fEqahxyVqi4SujU5L7lpPWwE196J5xvGGPufy3rQSd7EZz9vX
g0/OgO83OI8n2EWYjqn8XIIvcj2DkWMoTCYos2m+aoYepCSjgQ9Qaa9/PykuNrTq
ASl35gKCG5r6oxKbZG37I6wp7+G8QW+wdiNR+vMrjEWyTf9XX0BAyS+QXNdoEth/
bSF5NAxRcaPisM0lGWmq14aWA8BLKka53/78FXMtNoF6gK5GK4okmI0Ue+QXCn3U
Dbeu0mdq7jyQdQ2DFNdhf9FPUPZQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:24 2025 by rpki-client