Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C16900CC28A11EF8A9DF5B5762E951A.roa
File: 8C16900CC28A11EF8A9DF5B5762E951A.roa (raw, json)
Hash identifier: pLdIhFn0eLTCR3CjVwpspPpRqrg04DO7IKDK6s0tWtQ=
Subject key identifier: 96:B6:C6:47:64:0A:3F:E2:2D:F3:D0:2A:C4:64:45:20:9F:CA:4E:12
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E95D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C16900CC28A11EF8A9DF5B5762E951A.roa
Signing time: Wed 25 Dec 2024 06:36:18 +0000
ROA not before: Wed 25 Dec 2024 06:36:15 +0000
ROA not after: Wed 10 Dec 2025 06:36:15 +0000
asID: 984
IP address blocks: 156.228.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59741 (0xe95d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 06:36:15 2024 GMT
Not After : Dec 10 06:36:15 2025 GMT
Subject: CN=676ba7e2-42a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d8:5b:8c:6c:93:46:4e:26:aa:06:2a:79:1d:
7e:e1:9b:ab:49:06:7f:ca:93:ec:1a:d9:2c:93:99:
61:ef:4d:5c:2f:a6:89:18:77:56:d5:01:5d:95:32:
6d:1d:a7:5e:2f:57:87:51:8b:29:be:48:13:cf:93:
61:b6:7c:d0:49:71:72:65:e5:f3:70:82:89:1d:16:
70:15:8c:4c:e5:ed:4b:b9:b1:45:da:79:03:00:b1:
30:1a:42:a8:48:09:06:de:ab:84:73:c4:55:91:6a:
5d:02:6d:88:bf:33:ae:4a:6d:16:c8:54:98:39:07:
f7:d9:99:7f:71:dd:b9:52:c3:c3:95:ee:2f:12:84:
5d:15:f6:d3:81:f0:fc:f5:f6:df:bb:55:38:f7:c6:
f6:ce:00:c1:ec:94:d0:1e:1b:82:69:3e:a1:67:36:
2d:dc:2e:7d:35:88:a9:8f:bb:5a:23:b2:11:ac:c0:
0d:07:d8:f8:5c:c5:42:5a:ea:75:42:8d:33:16:89:
a5:56:09:ba:bf:2d:a6:c7:e3:11:20:02:9d:74:81:
25:08:37:32:49:19:d6:c2:8a:16:a1:ad:de:b2:a5:
1d:0a:00:d4:3a:6f:1d:c5:b2:5e:ff:06:8e:ec:22:
96:25:5e:75:7e:ed:96:c9:89:83:72:ec:ab:00:d1:
f0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B6:C6:47:64:0A:3F:E2:2D:F3:D0:2A:C4:64:45:20:9F:CA:4E:12
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C16900CC28A11EF8A9DF5B5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.196.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:e9:a9:9f:c9:38:b2:87:5a:39:3c:e3:7b:64:36:b0:e1:36:
1e:50:f6:49:76:18:e4:97:70:12:9e:c7:ed:90:f1:d5:a3:31:
64:83:bf:de:62:5f:47:5c:9d:04:91:f8:81:28:0f:db:85:cf:
f5:30:95:d8:9b:92:3a:e6:18:c6:c0:72:bb:ef:e8:a0:4c:9f:
fe:9c:12:44:12:e2:6c:98:e4:c6:a9:3b:57:67:e6:58:d1:b3:
a6:f7:75:2c:e9:2c:e0:d2:5d:5d:fe:89:93:1f:98:15:f7:7a:
50:ed:14:e6:c4:57:cc:e3:1b:3c:b6:cb:6b:fb:07:a5:5d:a5:
2d:63:9e:ae:0d:9a:d1:90:7d:bb:70:50:fd:78:5c:4c:c7:7c:
a5:b4:82:d1:97:a5:c7:85:8a:c7:9f:9d:6c:f6:52:d9:a5:f7:
9c:b7:c7:fb:67:89:53:ba:66:14:8b:17:11:b2:94:40:cd:4a:
72:26:2d:bb:14:8b:91:34:0e:8a:6d:38:78:08:37:33:d0:08:
11:ef:91:fe:07:46:b3:ce:c5:01:3b:d4:68:e6:e0:4f:68:4b:
de:43:7a:a7:a9:76:16:f2:e9:07:c9:b3:7f:8a:94:ce:20:f6:
b8:e0:bc:1d:c1:2c:83:07:50:cb:af:6a:0d:a7:7f:3f:b6:3f:
13:a2:32:64
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOldMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDYzNjE1WhcNMjUxMjEwMDYzNjE1WjAYMRYw
FAYDVQQDEw02NzZiYTdlMi00MmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApthbjGyTRk4mqgYqeR1+4ZurSQZ/ypPsGtksk5lh701cL6aJGHdW1QFd
lTJtHadeL1eHUYspvkgTz5NhtnzQSXFyZeXzcIKJHRZwFYxM5e1LubFF2nkDALEw
GkKoSAkG3quEc8RVkWpdAm2IvzOuSm0WyFSYOQf32Zl/cd25UsPDle4vEoRdFfbT
gfD89fbfu1U498b2zgDB7JTQHhuCaT6hZzYt3C59NYipj7taI7IRrMANB9j4XMVC
Wup1Qo0zFomlVgm6vy2mx+MRIAKddIElCDcySRnWwooWoa3esqUdCgDUOm8dxbJe
/waO7CKWJV51fu2WyYmDcuyrANHwlQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJa2
xkdkCj/iLfPQKsRkRSCfyk4SMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QzE2OTAwQ0MyOEExMUVGOEE5REY1QjU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTEMA0GCSqGSIb3DQEBCwUA
A4IBAQBt6amfyTiyh1o5PON7ZDaw4TYeUPZJdhjkl3ASnsftkPHVozFkg7/eYl9H
XJ0EkfiBKA/bhc/1MJXYm5I65hjGwHK77+igTJ/+nBJEEuJsmOTGqTtXZ+ZY0bOm
93Us6Szg0l1d/omTH5gV93pQ7RTmxFfM4xs8tstr+welXaUtY56uDZrRkH27cFD9
eFxMx3yltILRl6XHhYrHn51s9lLZpfect8f7Z4lTumYUixcRspRAzUpyJi27FIuR
NA6KbTh4CDcz0AgR75H+B0azzsUBO9Ro5uBPaEveQ3qnqXYW8ukHybN/ipTOIPa4
4LwdwSyDB1DLr2oNp38/tj8TojJk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:46 2025 by rpki-client