Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93B1E760C28711EF8E755DA3762E951A.roa
File: 93B1E760C28711EF8E755DA3762E951A.roa (raw, json)
Hash identifier: rG3/0L6Pod/LgI0o2IicJVRQkrDlnfE/6Vt2l7Svtvw=
Subject key identifier: D2:9C:75:50:16:31:59:4B:70:B4:4D:2E:C8:7B:66:66:CE:19:B4:4F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E939
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93B1E760C28711EF8E755DA3762E951A.roa
Signing time: Wed 25 Dec 2024 06:15:03 +0000
ROA not before: Wed 25 Dec 2024 06:14:59 +0000
ROA not after: Wed 10 Dec 2025 06:14:59 +0000
asID: 984
IP address blocks: 156.228.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59705 (0xe939)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 06:14:59 2024 GMT
Not After : Dec 10 06:14:59 2025 GMT
Subject: CN=676ba2e6-e685
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4b:7c:d1:b0:50:ac:59:e9:53:c1:a0:9d:f5:
70:94:ab:0b:3e:23:7b:36:28:b3:0d:f5:8a:f6:e1:
0e:b3:0e:2b:c6:4b:f9:c1:bf:1d:d9:d6:64:c0:9b:
ca:99:96:46:78:2e:cf:50:35:8e:f1:88:bb:52:df:
07:76:0d:27:09:51:55:58:00:d6:e3:1d:db:b0:65:
c8:bb:c3:0a:44:d8:42:4f:e0:47:a8:11:3c:9c:ab:
12:e3:eb:3d:4c:1c:20:76:3c:3a:fc:b7:e9:2f:64:
d1:e1:f4:c2:f3:80:40:09:43:10:9c:85:dd:9b:d0:
aa:c6:75:5c:ec:18:73:34:f3:0a:1b:86:74:cd:9f:
8a:2f:df:96:10:aa:de:34:1e:3d:1c:ee:53:8e:11:
d4:53:4a:1c:a6:25:0b:f8:63:19:b3:7a:a3:fb:31:
f6:ed:a2:69:59:49:db:f0:a4:05:46:ba:bb:d9:55:
02:e6:16:e7:ef:c3:81:87:44:db:7f:f6:3e:89:a4:
a0:7c:c4:a6:d6:1a:28:fc:46:20:de:07:af:6a:b3:
f7:9c:6c:0c:45:b0:c4:f2:8b:31:98:43:1d:ca:ff:
27:57:cb:34:ec:7c:f9:f7:fb:8f:3a:f9:a4:13:bd:
c7:2e:ba:49:2e:71:cf:47:60:89:03:0c:95:84:af:
dc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9C:75:50:16:31:59:4B:70:B4:4D:2E:C8:7B:66:66:CE:19:B4:4F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/93B1E760C28711EF8E755DA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.60.0/24
Signature Algorithm: sha256WithRSAEncryption
61:d4:d8:50:20:ee:37:7e:a2:12:f1:1d:d9:41:cd:85:ca:41:
ca:0d:37:72:f4:79:6d:e1:b8:74:0d:81:51:b8:ac:42:ab:f2:
cb:c8:2a:14:99:77:41:dd:17:c5:c8:5f:21:71:66:f7:ef:ce:
50:13:15:76:97:0a:ae:af:b8:9f:9b:2e:cd:17:4e:ac:93:ee:
85:f4:70:9f:75:15:b0:60:a3:95:ee:08:48:bf:73:b7:6a:d5:
43:a0:d5:34:92:bc:d0:8a:a6:b7:b6:c2:e2:1f:f0:4a:97:a8:
e3:e3:ba:46:30:95:e1:e7:da:6e:db:73:dd:9f:1d:f2:0d:4b:
75:f7:8c:19:94:00:29:b3:51:97:cb:4f:5e:84:fb:74:0b:98:
67:d0:ee:3a:dc:2a:dd:ea:43:87:20:79:d5:b4:ac:ca:c1:8e:
4c:bc:02:95:63:ff:8c:dc:a9:53:f3:15:05:d8:b6:f7:32:5f:
ec:ef:35:6a:7d:fc:b3:7c:ab:93:00:d7:eb:b9:09:21:26:97:
89:81:a1:a5:9f:3a:62:91:8b:b9:7c:0f:b3:e0:21:39:61:0d:
48:2e:01:93:9b:7a:29:1e:77:18:7b:52:b0:2f:73:7b:fc:33:
db:64:2d:d7:b1:72:8b:9e:ec:fc:ad:32:a9:2b:da:8a:59:fd:
a2:e8:ee:93
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOk5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDYxNDU5WhcNMjUxMjEwMDYxNDU5WjAYMRYw
FAYDVQQDEw02NzZiYTJlNi1lNjg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzkt80bBQrFnpU8GgnfVwlKsLPiN7NiizDfWK9uEOsw4rxkv5wb8d2dZk
wJvKmZZGeC7PUDWO8Yi7Ut8Hdg0nCVFVWADW4x3bsGXIu8MKRNhCT+BHqBE8nKsS
4+s9TBwgdjw6/LfpL2TR4fTC84BACUMQnIXdm9CqxnVc7BhzNPMKG4Z0zZ+KL9+W
EKreNB49HO5TjhHUU0ocpiUL+GMZs3qj+zH27aJpWUnb8KQFRrq72VUC5hbn78OB
h0Tbf/Y+iaSgfMSm1hoo/EYg3gevarP3nGwMRbDE8osxmEMdyv8nV8s07Hz59/uP
OvmkE73HLrpJLnHPR2CJAwyVhK/c0QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNKc
dVAWMVlLcLRNLsh7ZmbOGbRPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85M0IxRTc2MEMyODcxMUVGOEU3NTVEQTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQ8MA0GCSqGSIb3DQEBCwUA
A4IBAQBh1NhQIO43fqIS8R3ZQc2FykHKDTdy9Hlt4bh0DYFRuKxCq/LLyCoUmXdB
3RfFyF8hcWb3785QExV2lwqur7ifmy7NF06sk+6F9HCfdRWwYKOV7ghIv3O3atVD
oNU0krzQiqa3tsLiH/BKl6jj47pGMJXh59pu23Pdnx3yDUt194wZlAAps1GXy09e
hPt0C5hn0O463Crd6kOHIHnVtKzKwY5MvAKVY/+M3KlT8xUF2Lb3Ml/s7zVqffyz
fKuTANfruQkhJpeJgaGlnzpikYu5fA+z4CE5YQ1ILgGTm3opHncYe1KwL3N7/DPb
ZC3XsXKLnuz8rTKpK9qKWf2i6O6T
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:44 2025 by rpki-client