Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C16C5C0CD9F11EFB29306AB762E951A.roa
File: 8C16C5C0CD9F11EFB29306AB762E951A.roa (raw, json)
Hash identifier: OE1V9R97qARLkHBupVuZrWgvJFFm+NHCa4LWpfdTgcU=
Subject key identifier: 98:62:6A:63:26:69:FA:41:E1:D6:43:19:AA:E2:91:04:04:46:80:00
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100C2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C16C5C0CD9F11EFB29306AB762E951A.roa
Signing time: Wed 08 Jan 2025 09:04:21 +0000
ROA not before: Wed 08 Jan 2025 09:04:16 +0000
ROA not after: Mon 13 Dec 2027 09:04:16 +0000
asID: 17561
IP address blocks: 156.253.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65730 (0x100c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:04:16 2025 GMT
Not After : Dec 13 09:04:16 2027 GMT
Subject: CN=677e3f95-7036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:57:7c:03:de:d9:94:f2:8c:66:f0:4f:39:78:
af:d8:b2:4f:b5:41:95:85:8f:9d:81:82:f1:bb:8d:
93:29:6f:2d:5d:bc:6c:ba:69:6e:28:b5:e3:31:b2:
3c:92:a8:91:de:30:c3:f3:c9:91:27:81:8e:92:a3:
86:c9:54:8b:dc:de:41:59:8f:7b:2d:fa:a8:c0:6d:
cd:28:ba:18:fc:22:0f:c1:be:8c:31:28:28:d0:c6:
55:9a:55:e4:47:a6:97:ad:c4:45:27:fe:01:83:ac:
a7:93:ec:11:b5:e9:ad:1f:24:d3:99:0e:c4:6d:98:
d1:38:ce:7c:41:2d:23:07:f4:16:1e:3d:61:b0:77:
14:9d:38:64:a7:33:56:c3:a8:8e:34:b4:51:3b:fd:
b4:89:7a:a4:6d:cf:b2:72:34:18:a1:25:e9:a1:0a:
99:f2:76:23:3d:5a:43:27:fa:ba:95:04:13:cd:10:
8b:a2:12:b4:cd:5e:99:db:cb:72:f2:09:b3:b1:dc:
c7:58:bc:84:d9:8d:2e:13:61:b5:07:a3:81:3a:6f:
e3:c7:fb:8c:29:6b:95:ca:a8:60:c7:96:e8:bc:ad:
0e:ee:03:3d:80:10:53:b1:a3:fc:17:4c:ff:59:cc:
ac:ae:9b:96:e8:8e:af:5b:77:75:3a:ce:5a:15:96:
6a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:62:6A:63:26:69:FA:41:E1:D6:43:19:AA:E2:91:04:04:46:80:00
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8C16C5C0CD9F11EFB29306AB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.32.0/24
Signature Algorithm: sha256WithRSAEncryption
48:11:a5:1a:3b:a1:49:06:66:ac:9f:78:d6:ed:09:2a:38:58:
61:cb:85:03:8c:2e:f8:cc:07:ba:dc:68:4d:ea:27:54:bf:42:
d0:f8:1d:c0:7f:c3:50:8f:84:aa:73:88:77:73:ad:8a:ef:4f:
a8:3b:78:45:99:27:de:3e:7f:2f:be:f8:af:53:04:df:99:43:
9c:df:e6:9a:c1:5d:97:76:76:7b:fb:86:ae:7a:c0:89:6c:40:
45:57:ba:ad:fd:66:23:d4:4d:49:35:22:15:19:e4:02:6c:85:
d7:6d:82:93:85:dd:0b:c4:0c:98:cb:dc:74:bb:3a:1c:40:40:
19:12:ee:f4:41:8a:ec:bd:81:ed:7c:e6:35:57:11:48:e5:8a:
a1:d8:9b:77:c4:55:eb:7a:db:9b:45:81:2e:5e:e6:66:55:ac:
08:8b:3b:4c:1f:17:27:75:08:4d:f7:1f:f3:a2:37:84:10:c2:
f1:80:e5:26:d6:31:38:df:ff:01:26:a5:22:eb:da:b8:21:1e:
71:76:8e:e0:8a:71:4c:4d:d6:21:51:b0:b9:71:e1:a6:ce:99:
34:bd:31:57:48:51:87:f3:49:73:c6:62:11:a0:29:16:a3:1c:
9e:d9:b8:1a:24:32:d3:37:ea:d7:71:16:ae:04:81:1c:85:e7:
70:40:62:dd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQDCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkwNDE2WhcNMjcxMjEzMDkwNDE2WjAYMRYw
FAYDVQQDEw02NzdlM2Y5NS03MDM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsFd8A97ZlPKMZvBPOXiv2LJPtUGVhY+dgYLxu42TKW8tXbxsumluKLXj
MbI8kqiR3jDD88mRJ4GOkqOGyVSL3N5BWY97LfqowG3NKLoY/CIPwb6MMSgo0MZV
mlXkR6aXrcRFJ/4Bg6ynk+wRtemtHyTTmQ7EbZjROM58QS0jB/QWHj1hsHcUnThk
pzNWw6iONLRRO/20iXqkbc+ycjQYoSXpoQqZ8nYjPVpDJ/q6lQQTzRCLohK0zV6Z
28ty8gmzsdzHWLyE2Y0uE2G1B6OBOm/jx/uMKWuVyqhgx5bovK0O7gM9gBBTsaP8
F0z/WcysrpuW6I6vW3d1Os5aFZZqEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJhi
amMmafpB4dZDGarikQQERoAAMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84QzE2QzVDMENEOUYxMUVGQjI5MzA2QUI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP0gMA0GCSqGSIb3DQEBCwUA
A4IBAQBIEaUaO6FJBmasn3jW7QkqOFhhy4UDjC74zAe63GhN6idUv0LQ+B3Af8NQ
j4Sqc4h3c62K70+oO3hFmSfePn8vvvivUwTfmUOc3+aawV2XdnZ7+4auesCJbEBF
V7qt/WYj1E1JNSIVGeQCbIXXbYKThd0LxAyYy9x0uzocQEAZEu70QYrsvYHtfOY1
VxFI5Yqh2Jt3xFXretubRYEuXuZmVawIiztMHxcndQhN9x/zojeEEMLxgOUm1jE4
3/8BJqUi69q4IR5xdo7ginFMTdYhUbC5ceGmzpk0vTFXSFGH80lzxmIRoCkWoxye
2bgaJDLTN+rXcRauBIEchedwQGLd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:32 2025 by rpki-client