Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FF9F962FD4F11EE9E4A01FD007001B1.roa
File: 8FF9F962FD4F11EE9E4A01FD007001B1.roa (raw, json)
Hash identifier: ubWBgJgkUW2NrtgkEdOXuY0ybfAESfTy6+yX8pBZSeo=
Subject key identifier: 55:5D:E9:C6:31:1F:9B:E5:21:BD:AD:69:42:4A:B8:42:27:84:11:97
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8355
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FF9F962FD4F11EE9E4A01FD007001B1.roa
Signing time: Thu 18 Apr 2024 06:47:46 +0000
ROA not before: Thu 18 Apr 2024 06:47:42 +0000
ROA not after: Fri 26 Apr 2024 06:47:42 +0000
asID: 39600
IP address blocks: 156.252.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 26 Apr 2024 06:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33621 (0x8355)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 18 06:47:42 2024 GMT
Not After : Apr 26 06:47:42 2024 GMT
Subject: CN=6620c211-5156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a2:ec:a6:ab:6c:4f:81:49:54:c3:9d:bb:93:
12:6a:f8:6d:5a:af:c3:d7:57:e9:eb:ad:7d:dd:ab:
56:56:35:8f:ce:68:0a:45:23:d7:3f:68:97:5c:87:
b4:e5:c6:d9:26:4d:57:83:02:16:03:cd:a0:59:86:
98:e8:21:25:8b:75:4b:01:41:55:65:e7:d9:1b:74:
38:41:aa:f0:d6:41:03:90:2e:10:75:f2:1e:f2:d1:
9d:34:ef:b6:3a:0d:a9:e4:06:d1:c1:7f:f1:94:61:
c0:3d:ca:ed:b5:53:f8:76:94:0e:ef:1e:44:b1:d8:
5b:85:2a:a3:19:41:2f:9b:d0:5c:a6:80:34:80:0b:
b3:7b:75:8a:a7:60:64:86:d1:3f:28:44:ca:e6:84:
89:bc:41:ff:d1:0e:b5:46:99:c1:7a:c8:63:0e:aa:
7a:00:53:0e:84:99:8a:a2:bf:9f:07:df:ce:f1:54:
07:11:be:73:08:0e:9b:8c:2b:c5:2f:27:0e:c7:83:
4b:7f:db:1a:08:66:b6:2b:29:14:5d:c7:89:77:75:
73:51:6c:33:c3:e9:50:c2:4f:89:9d:24:85:77:2f:
35:80:3e:05:61:29:5f:55:a6:48:c0:f8:f6:dc:ef:
26:50:2b:8a:06:90:4a:70:68:9a:f9:33:1d:7a:84:
43:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5D:E9:C6:31:1F:9B:E5:21:BD:AD:69:42:4A:B8:42:27:84:11:97
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/8FF9F962FD4F11EE9E4A01FD007001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.8.0/22
Signature Algorithm: sha256WithRSAEncryption
60:91:09:a2:ad:66:0a:50:c8:11:f0:4a:ec:48:70:f4:ff:88:
5c:5d:83:68:1c:43:27:9a:e8:cd:87:fe:7a:52:0d:d8:e2:5c:
e4:e8:58:95:d6:6a:67:47:0b:1b:52:e5:72:bc:f8:1e:34:fd:
66:26:b2:64:fa:31:d3:fa:a1:da:1d:c3:81:1d:ab:c0:1f:1b:
12:71:18:54:47:2f:72:98:2e:2e:41:cb:6f:51:5b:e2:18:f4:
3d:7b:ce:45:28:d9:9d:8e:8d:13:1b:26:a1:f1:54:44:81:2d:
d6:7f:2d:ac:7b:4b:37:99:de:01:0b:a4:f0:1c:1c:72:0a:e8:
cc:6c:88:99:69:75:b5:5f:5f:43:2b:23:08:b8:6c:6d:cf:1c:
d7:0a:65:ba:8c:8a:c6:1e:d5:c6:69:f8:ec:1a:d8:46:7d:79:
63:f5:61:ef:9d:7c:b2:e4:d2:e3:9d:ea:69:73:44:31:99:22:
0d:23:b6:44:80:40:2d:44:f7:2f:67:6a:2f:14:8f:74:1a:48:
44:ea:12:d0:9d:2b:b9:c8:ff:df:62:e0:1a:27:13:ec:2a:b4:
90:40:04:5b:ea:8d:8c:a1:d6:56:e7:09:87:1a:43:6d:30:39:
d2:e4:24:21:36:a5:b2:d7:18:3e:18:3d:ef:19:d0:e0:bb:df:
2e:ae:b1:03
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAINVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE4MDY0NzQyWhcNMjQwNDI2MDY0NzQyWjAYMRYw
FAYDVQQDEw02NjIwYzIxMS01MTU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwKLspqtsT4FJVMOdu5MSavhtWq/D11fp66193atWVjWPzmgKRSPXP2iX
XIe05cbZJk1XgwIWA82gWYaY6CEli3VLAUFVZefZG3Q4Qarw1kEDkC4QdfIe8tGd
NO+2Og2p5AbRwX/xlGHAPcrttVP4dpQO7x5EsdhbhSqjGUEvm9BcpoA0gAuze3WK
p2BkhtE/KETK5oSJvEH/0Q61RpnBeshjDqp6AFMOhJmKor+fB9/O8VQHEb5zCA6b
jCvFLycOx4NLf9saCGa2KykUXceJd3VzUWwzw+lQwk+JnSSFdy81gD4FYSlfVaZI
wPj23O8mUCuKBpBKcGia+TMdeoRD7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFVd
6cYxH5vlIb2taUJKuEInhBGXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84RkY5Rjk2MkZENEYxMUVFOUU0QTAxRkQwMDcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPwIMA0GCSqGSIb3DQEBCwUA
A4IBAQBgkQmirWYKUMgR8ErsSHD0/4hcXYNoHEMnmujNh/56Ug3Y4lzk6FiV1mpn
RwsbUuVyvPgeNP1mJrJk+jHT+qHaHcOBHavAHxsScRhURy9ymC4uQctvUVviGPQ9
e85FKNmdjo0TGyah8VREgS3Wfy2se0s3md4BC6TwHBxyCujMbIiZaXW1X19DKyMI
uGxtzxzXCmW6jIrGHtXGafjsGthGfXlj9WHvnXyy5NLjneppc0QxmSINI7ZEgEAt
RPcvZ2ovFI90GkhE6hLQnSu5yP/fYuAaJxPsKrSQQARb6o2ModZW5wmHGkNtMDnS
5CQhNqWy1xg+GD3vGdDgu98urrED
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:33:44 2024 by rpki-client on console-fra.rpki-client.org