Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9616826CCA311EF994BED5F762E951A.roa
File: A9616826CCA311EF994BED5F762E951A.roa (raw, json)
Hash identifier: 0GdiNJxB9MbuGNyfZtONMOby2Eq5DE9OTWnjVLEePpk=
Subject key identifier: CC:C6:A0:6C:8B:78:78:2C:3F:A5:8B:F4:71:9B:E4:41:8C:82:09:44
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9AA
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9616826CCA311EF994BED5F762E951A.roa
Signing time: Tue 07 Jan 2025 03:01:16 +0000
ROA not before: Tue 07 Jan 2025 03:01:08 +0000
ROA not after: Sat 13 Dec 2025 03:01:08 +0000
asID: 984
IP address blocks: 156.229.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63914 (0xf9aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 03:01:08 2025 GMT
Not After : Dec 13 03:01:08 2025 GMT
Subject: CN=677c98fc-4c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4b:e9:02:8a:87:d2:2a:f6:fa:43:32:ab:4b:
24:2f:54:62:14:3e:91:47:38:ab:77:96:d9:d8:62:
97:23:b2:c9:5b:18:97:2d:05:4a:05:10:da:bb:4c:
cc:67:75:7d:73:fd:47:15:47:8d:d1:6c:6b:42:8f:
e7:0e:71:27:e4:9b:38:cf:82:b8:05:c6:00:d7:59:
9c:35:83:ad:c7:35:be:98:a9:f5:d6:71:1e:db:ca:
16:02:92:76:00:b6:52:6c:7c:9f:9a:c9:9f:fa:57:
e7:87:1e:8b:fd:40:d6:49:3c:43:b9:8f:7a:ba:48:
5a:d7:28:e9:95:fc:d7:e2:ff:18:f1:bb:d0:60:7c:
68:25:e9:0e:79:fe:58:c9:ff:07:59:25:a0:ba:69:
14:8b:cd:fe:cb:54:86:82:99:b7:29:be:53:a2:b8:
78:e2:ea:b8:39:a8:ab:e6:12:b3:6b:3a:cb:fd:29:
dd:26:39:59:aa:49:64:a6:9e:af:63:39:cf:3b:ac:
b9:40:16:f8:fc:5b:74:51:ce:c2:20:00:a3:ff:05:
63:41:62:25:de:e7:bc:61:39:5c:35:3a:17:6a:0d:
0f:b7:e2:dd:ce:47:0c:c0:1b:db:31:3c:ac:8e:d6:
8d:8b:46:4f:b1:f9:43:c9:6e:ef:28:5c:64:33:e5:
c4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C6:A0:6C:8B:78:78:2C:3F:A5:8B:F4:71:9B:E4:41:8C:82:09:44
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A9616826CCA311EF994BED5F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.175.0/24
Signature Algorithm: sha256WithRSAEncryption
79:5c:c1:31:4e:82:5b:d1:59:de:41:79:d5:10:ea:63:e1:d3:
8c:dc:64:f3:94:f4:5d:d5:42:73:19:3a:f0:f1:b2:23:51:75:
80:0b:97:41:2a:05:2a:a9:04:a6:28:f3:f5:f8:63:7b:84:91:
18:86:f3:53:1b:3b:bf:1c:e8:65:c1:24:6c:aa:14:df:bf:51:
e1:b6:1a:10:b9:b9:db:af:5e:88:db:4e:ea:0a:81:c3:05:c3:
46:52:d6:96:3f:97:16:d6:b4:98:ad:14:1f:25:fb:a4:5b:4a:
29:90:75:79:2a:d5:ac:5c:74:eb:a2:86:39:66:32:c2:95:fb:
6d:15:16:2b:33:eb:a1:19:7a:86:c0:b5:bd:5b:a8:78:7b:51:
cf:96:2c:eb:07:40:d8:d6:b5:8d:ad:cb:54:9e:a0:1d:2f:56:
80:db:d1:7f:d9:f3:21:e0:12:90:fa:a9:6d:52:2f:1e:02:a0:
e2:0c:2a:dd:32:a8:a5:db:f9:c3:da:15:3f:70:0e:ea:84:87:
f2:3c:fd:6b:e6:f5:53:65:77:9e:af:6c:49:2e:93:c5:65:72:
70:36:c3:31:35:b4:db:11:dc:79:4d:ec:05:f4:5f:a6:69:a5:
7d:bc:5d:62:f4:1d:b8:bc:20:48:cf:9b:e0:08:25:a9:35:13:
14:77:e1:f0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPmqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDMwMTA4WhcNMjUxMjEzMDMwMTA4WjAYMRYw
FAYDVQQDEw02NzdjOThmYy00YzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwUvpAoqH0ir2+kMyq0skL1RiFD6RRzird5bZ2GKXI7LJWxiXLQVKBRDa
u0zMZ3V9c/1HFUeN0WxrQo/nDnEn5Js4z4K4BcYA11mcNYOtxzW+mKn11nEe28oW
ApJ2ALZSbHyfmsmf+lfnhx6L/UDWSTxDuY96ukha1yjplfzX4v8Y8bvQYHxoJekO
ef5Yyf8HWSWgumkUi83+y1SGgpm3Kb5Torh44uq4Oair5hKzazrL/SndJjlZqklk
pp6vYznPO6y5QBb4/Ft0Uc7CIACj/wVjQWIl3ue8YTlcNToXag0Pt+LdzkcMwBvb
MTysjtaNi0ZPsflDyW7vKFxkM+XEYwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMzG
oGyLeHgsP6WL9HGb5EGMgglEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BOTYxNjgyNkNDQTMxMUVGOTk0QkVENUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOWvMA0GCSqGSIb3DQEBCwUA
A4IBAQB5XMExToJb0VneQXnVEOpj4dOM3GTzlPRd1UJzGTrw8bIjUXWAC5dBKgUq
qQSmKPP1+GN7hJEYhvNTGzu/HOhlwSRsqhTfv1HhthoQubnbr16I207qCoHDBcNG
UtaWP5cW1rSYrRQfJfukW0opkHV5KtWsXHTrooY5ZjLClfttFRYrM+uhGXqGwLW9
W6h4e1HPlizrB0DY1rWNrctUnqAdL1aA29F/2fMh4BKQ+qltUi8eAqDiDCrdMqil
2/nD2hU/cA7qhIfyPP1r5vVTZXeer2xJLpPFZXJwNsMxNbTbEdx5TewF9F+maaV9
vF1i9B24vCBIz5vgCCWpNRMUd+Hw
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:56 2025 by rpki-client