Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A08A5C2602FF11EF8434E355017001B1.roa
File: A08A5C2602FF11EF8434E355017001B1.roa (raw, json)
Hash identifier: lbiftuOJUmXdi8qW9wCTrHi+2mJ0cG/AMyrS1iCh6R4=
Subject key identifier: D1:99:DB:85:B1:A5:C7:09:55:F2:B7:2A:4E:ED:15:58:DC:96:CF:97
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 8541
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A08A5C2602FF11EF8434E355017001B1.roa
Signing time: Thu 25 Apr 2024 12:30:41 +0000
ROA not before: Thu 25 Apr 2024 12:30:37 +0000
ROA not after: Mon 06 May 2024 12:30:37 +0000
asID: 5065
IP address blocks: 156.248.8.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 06 May 2024 12:30:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34113 (0x8541)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 25 12:30:37 2024 GMT
Not After : May 6 12:30:37 2024 GMT
Subject: CN=662a4cf0-8e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:6c:d7:cc:c2:e5:17:71:34:13:9c:db:79:ef:
3f:fc:51:bc:fe:5f:7d:41:50:3f:cc:d3:f0:fe:e4:
ab:a3:a6:16:ea:72:af:83:65:16:8f:6a:62:40:c2:
93:72:b0:af:1c:b5:80:32:4c:9c:b5:9a:eb:6c:e9:
47:2f:12:8a:11:f2:14:e5:f7:7b:56:c8:78:f0:e1:
21:f2:82:12:6f:5a:e2:fa:3c:bf:b9:de:ec:1e:07:
81:3f:43:4c:77:7b:e5:ec:68:b1:98:9e:94:a2:41:
be:d5:2b:d0:17:a3:0d:17:75:30:5a:cf:d1:f8:d0:
f5:fc:fd:72:8a:e5:a2:bc:7c:0b:ba:f1:15:06:3b:
ff:88:de:f9:5d:22:3d:5b:1e:59:0c:90:b5:3e:f2:
8e:bb:d4:c4:6b:14:25:08:68:e1:7c:09:62:e8:cc:
40:e0:03:c7:64:aa:28:9c:d6:05:fb:a8:83:57:d8:
64:5e:0f:e8:cb:f8:51:c4:cf:09:28:2c:bf:cb:21:
52:ff:66:cd:27:99:d1:f5:b3:fc:3b:6f:f0:cd:cd:
b6:00:fe:90:d3:07:25:e0:f1:62:49:0f:64:82:2a:
95:1b:e6:63:ad:94:6d:e9:0d:8f:9a:ae:1b:11:8d:
7a:ad:1a:7c:6b:b9:46:70:d0:f3:1f:a6:15:84:78:
84:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:99:DB:85:B1:A5:C7:09:55:F2:B7:2A:4E:ED:15:58:DC:96:CF:97
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A08A5C2602FF11EF8434E355017001B1.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.8.0/22
Signature Algorithm: sha256WithRSAEncryption
73:66:a4:14:6e:9f:89:22:97:ab:3b:55:44:5a:97:36:86:c2:
d3:c2:3f:1b:c9:96:d2:c1:42:2e:c5:e5:39:91:4f:68:8d:7d:
2a:0f:3a:3a:b4:49:49:5d:1f:c9:34:0e:2a:53:17:3b:54:cc:
2c:31:86:38:0e:ab:3f:e3:74:20:dd:fd:f2:f6:2b:7b:25:b9:
a3:3d:e1:17:75:a2:bc:81:8d:5b:88:bf:43:59:fd:f9:71:45:
4b:71:c9:7a:5e:ae:e3:10:b4:ff:df:25:d8:35:a7:61:de:a9:
51:9f:85:30:b5:a3:8f:ae:0f:8d:c3:52:8c:71:01:c7:ec:00:
28:1e:fa:4c:e2:a0:ce:fb:d6:60:37:1e:a7:51:d9:6a:92:7e:
8a:5a:40:a8:e4:74:26:14:ad:a9:af:c6:cd:58:1d:54:bd:20:
2f:b5:3e:dd:79:c6:cb:c2:ce:34:79:c6:a2:b7:f3:90:f8:00:
d7:7e:c1:9a:e6:57:0b:9c:72:0b:b7:b3:1f:bb:a8:d5:66:f7:
9e:f5:6b:08:6b:a4:f7:a6:e6:0b:df:99:36:23:27:a5:a2:04:
16:0b:bf:b5:48:4d:91:78:27:c2:b7:dc:d2:c0:b9:68:6b:3c:
02:d1:5f:82:ca:05:36:3e:32:e5:dd:a0:73:83:ce:3e:49:71:
c0:12:d6:53
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIVBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDI1MTIzMDM3WhcNMjQwNTA2MTIzMDM3WjAYMRYw
FAYDVQQDEw02NjJhNGNmMC04ZTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA22zXzMLlF3E0E5zbee8//FG8/l99QVA/zNPw/uSro6YW6nKvg2UWj2pi
QMKTcrCvHLWAMkyctZrrbOlHLxKKEfIU5fd7Vsh48OEh8oISb1ri+jy/ud7sHgeB
P0NMd3vl7GixmJ6UokG+1SvQF6MNF3UwWs/R+ND1/P1yiuWivHwLuvEVBjv/iN75
XSI9Wx5ZDJC1PvKOu9TEaxQlCGjhfAli6MxA4APHZKoonNYF+6iDV9hkXg/oy/hR
xM8JKCy/yyFS/2bNJ5nR9bP8O2/wzc22AP6Q0wcl4PFiSQ9kgiqVG+ZjrZRt6Q2P
mq4bEY16rRp8a7lGcNDzH6YVhHiETwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNGZ
24WxpccJVfK3Kk7tFVjcls+XMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMDhBNUMyNjAyRkYxMUVGODQzNEUzNTUwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPgIMA0GCSqGSIb3DQEBCwUA
A4IBAQBzZqQUbp+JIperO1VEWpc2hsLTwj8byZbSwUIuxeU5kU9ojX0qDzo6tElJ
XR/JNA4qUxc7VMwsMYY4Dqs/43Qg3f3y9it7JbmjPeEXdaK8gY1biL9DWf35cUVL
ccl6Xq7jELT/3yXYNadh3qlRn4UwtaOPrg+Nw1KMcQHH7AAoHvpM4qDO+9ZgNx6n
Udlqkn6KWkCo5HQmFK2pr8bNWB1UvSAvtT7decbLws40ecait/OQ+ADXfsGa5lcL
nHILt7Mfu6jVZvee9WsIa6T3puYL35k2IyelogQWC7+1SE2ReCfCt9zSwLloazwC
0V+CygU2PjLl3aBzg84+SXHAEtZT
-----END CERTIFICATE-----
Generated at Mon May 6 09:08:13 2024 by rpki-client on console-fra.rpki-client.org