Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/919AF4D2CC1211EF85CECF44762E951A.roa
File: 919AF4D2CC1211EF85CECF44762E951A.roa (raw, json)
Hash identifier: qP3NPHDDIzy7HGN0G523SdRlGZG94cjWs2vXvLvBVT8=
Subject key identifier: 98:E7:14:F8:09:7A:DF:66:56:20:7F:DF:DF:49:F3:14:60:FA:88:72
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F871
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/919AF4D2CC1211EF85CECF44762E951A.roa
Signing time: Mon 06 Jan 2025 09:42:40 +0000
ROA not before: Mon 06 Jan 2025 09:42:36 +0000
ROA not after: Thu 06 Feb 2025 09:42:36 +0000
asID: 200373
IP address blocks: 156.228.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 09:42:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63601 (0xf871)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 6 09:42:36 2025 GMT
Not After : Feb 6 09:42:36 2025 GMT
Subject: CN=677ba58f-1ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b0:53:b0:3c:5c:48:be:71:c9:58:03:4c:c7:
ef:c6:04:1e:be:fa:88:dc:cb:91:76:99:65:9d:37:
72:bf:ba:3a:e3:f4:ac:a5:4e:54:ae:8a:9d:c0:90:
3f:9b:5a:97:d9:49:bb:fa:a5:65:39:6f:fc:15:4d:
3c:0c:04:0a:38:5f:b1:6e:33:cb:33:81:6f:f8:5c:
e2:f8:f2:bf:4c:fa:c2:73:99:2c:a3:e7:18:35:5d:
41:31:48:5c:9e:2d:9d:cf:ae:66:97:d0:8e:03:0c:
de:ec:3c:29:52:e4:07:d1:15:de:40:98:cf:24:eb:
3d:f7:43:02:08:ea:c2:83:b5:b9:e9:20:72:f3:b8:
07:cf:11:5e:d4:4a:79:52:cb:e0:2e:45:58:4c:ae:
76:45:f2:ea:f4:8e:0e:a2:58:3f:2e:57:55:8a:c5:
fa:1a:8d:61:52:05:41:47:42:40:cc:32:39:1e:35:
31:f0:e6:60:0c:f4:07:03:4b:87:56:c2:d2:68:36:
b1:65:f5:5d:83:00:f5:2d:d6:8d:6f:35:24:9f:37:
33:14:e7:b9:97:7f:12:40:c2:00:29:ae:36:6f:6c:
55:aa:c7:ee:cb:14:7e:8c:02:74:8a:f8:f4:76:b3:
03:b3:0e:a0:cb:02:ca:1c:d9:91:ca:72:90:96:26:
dd:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E7:14:F8:09:7A:DF:66:56:20:7F:DF:DF:49:F3:14:60:FA:88:72
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/919AF4D2CC1211EF85CECF44762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.190.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:2b:52:45:0d:fd:78:fb:63:91:cb:e0:22:f0:bb:7b:e7:4d:
51:c9:9a:46:09:6e:22:21:e9:ea:a2:14:ea:6d:15:5b:be:da:
af:02:bc:cc:f2:35:cc:7d:ba:70:64:8e:ba:75:c4:18:db:6d:
a5:5a:31:71:52:a5:bb:d7:4c:bc:2b:e4:93:79:ba:07:ed:00:
ec:f1:c1:82:7a:bf:91:2e:c6:6b:1c:d7:f4:9c:67:bf:0f:fb:
fc:76:a3:40:20:06:74:62:66:a7:23:43:6b:ad:0d:d9:e4:f9:
55:18:d2:06:17:79:ab:f8:e0:86:88:52:28:92:50:d1:4a:bd:
f8:f5:2c:42:b4:12:7f:8a:e9:60:44:d7:8b:14:31:45:58:4e:
e9:20:b7:ba:7c:cd:3b:9f:53:5a:58:d4:e0:05:30:44:f1:40:
91:32:1f:35:e0:e7:82:93:27:a2:7b:1d:21:77:29:72:b0:c4:
89:04:70:2d:e6:f5:ec:d0:6f:ab:ae:80:a4:74:7e:41:3a:af:
e5:e6:53:a2:aa:df:17:54:66:b6:91:fa:fc:2a:17:2e:af:fe:
c2:b7:41:92:77:1b:0f:d5:13:a0:56:8c:6e:0f:86:37:39:6b:
31:e3:08:c5:b5:70:78:78:c2:3c:ae:f0:83:67:87:a2:7b:96:
e5:1c:04:a6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPhxMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA2MDk0MjM2WhcNMjUwMjA2MDk0MjM2WjAYMRYw
FAYDVQQDEw02NzdiYTU4Zi0xYWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2bBTsDxcSL5xyVgDTMfvxgQevvqI3MuRdpllnTdyv7o64/SspU5Uroqd
wJA/m1qX2Um7+qVlOW/8FU08DAQKOF+xbjPLM4Fv+Fzi+PK/TPrCc5kso+cYNV1B
MUhcni2dz65ml9COAwze7DwpUuQH0RXeQJjPJOs990MCCOrCg7W56SBy87gHzxFe
1Ep5UsvgLkVYTK52RfLq9I4Oolg/LldVisX6Go1hUgVBR0JAzDI5HjUx8OZgDPQH
A0uHVsLSaDaxZfVdgwD1LdaNbzUknzczFOe5l38SQMIAKa42b2xVqsfuyxR+jAJ0
ivj0drMDsw6gywLKHNmRynKQlibd5QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJjn
FPgJet9mViB/399J8xRg+ohyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MTlBRjREMkNDMTIxMUVGODVDRUNGNDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOS+MA0GCSqGSIb3DQEBCwUA
A4IBAQBeK1JFDf14+2ORy+Ai8Lt7501RyZpGCW4iIenqohTqbRVbvtqvArzM8jXM
fbpwZI66dcQY222lWjFxUqW710y8K+STeboH7QDs8cGCer+RLsZrHNf0nGe/D/v8
dqNAIAZ0YmanI0NrrQ3Z5PlVGNIGF3mr+OCGiFIoklDRSr349SxCtBJ/iulgRNeL
FDFFWE7pILe6fM07n1NaWNTgBTBE8UCRMh814OeCkyeiex0hdylysMSJBHAt5vXs
0G+rroCkdH5BOq/l5lOiqt8XVGa2kfr8Khcur/7Ct0GSdxsP1ROgVoxuD4Y3OWsx
4wjFtXB4eMI8rvCDZ4eie5blHASm
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:29 2025 by rpki-client