Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B794EBB0C27C11EFB49C615F762E951A.roa
File: B794EBB0C27C11EFB49C615F762E951A.roa (raw, json)
Hash identifier: 2G9x4ndItXYo5239SViB9tiluPnMPII3gpi2cLASXC8=
Subject key identifier: 03:38:06:76:00:29:0D:20:FA:3E:01:A2:BF:70:22:50:5A:EC:DC:29
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8B3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B794EBB0C27C11EFB49C615F762E951A.roa
Signing time: Wed 25 Dec 2024 04:57:18 +0000
ROA not before: Wed 25 Dec 2024 04:57:15 +0000
ROA not after: Wed 10 Dec 2025 04:57:15 +0000
asID: 984
IP address blocks: 156.227.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59571 (0xe8b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 04:57:15 2024 GMT
Not After : Dec 10 04:57:15 2025 GMT
Subject: CN=676b90ae-70cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:33:99:fd:2c:5b:11:8d:4a:f4:a3:ed:e7:99:
55:85:f0:25:e4:67:63:ab:70:37:dc:c9:fb:6f:5e:
93:db:24:9b:90:8f:9d:19:05:56:f0:73:0b:23:71:
37:ef:b4:91:26:35:1a:78:9d:78:62:a3:4f:32:49:
ec:8d:8e:b6:1a:ee:07:20:57:50:4a:2c:0d:ee:ea:
19:b3:e4:62:bf:4f:02:57:13:5d:e0:52:92:33:5b:
2e:7a:9d:8f:f8:a3:e7:be:8a:14:30:da:52:a9:96:
f9:94:0f:9b:37:2f:2d:cf:dd:fe:d3:44:83:95:94:
3d:51:24:96:fa:8c:8c:f1:b4:a3:c1:83:48:3d:73:
3c:77:2d:a8:1b:41:4e:e0:7a:27:c6:f8:86:35:25:
2e:63:33:41:37:69:77:7a:1d:8d:1f:56:2c:0e:20:
d9:35:cf:5f:7b:a2:8a:af:6a:8c:e7:86:e4:52:de:
9a:b7:f1:17:fa:0c:09:53:6e:82:c5:91:9c:0d:a5:
e8:33:9a:eb:74:83:cd:cf:25:d3:58:b4:d3:af:b5:
e9:29:31:9d:9d:de:6b:3c:d2:7d:4b:15:bf:24:b8:
06:22:13:e9:17:b7:12:18:9d:5f:83:d7:0d:f6:21:
3f:68:57:ae:6c:ed:93:77:66:93:0a:65:7a:7c:3b:
11:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:38:06:76:00:29:0D:20:FA:3E:01:A2:BF:70:22:50:5A:EC:DC:29
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B794EBB0C27C11EFB49C615F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.171.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:02:5e:a6:28:9a:d9:24:ae:ad:81:ff:45:4f:f8:c7:40:da:
8a:40:84:5a:12:11:49:2e:6f:82:19:88:bd:36:75:08:cd:53:
6f:b8:9f:14:aa:4e:1c:68:48:59:14:d4:c0:d5:33:58:1a:0f:
60:2c:82:f4:c9:75:ca:fb:65:42:8e:8c:50:6b:27:f7:3d:fb:
45:b5:06:d3:df:29:c5:56:ef:50:c3:61:47:1b:10:28:b2:3e:
59:1d:f8:dc:20:47:bb:85:97:1e:19:df:9c:1c:dd:c9:8f:6a:
36:d1:d0:f7:ae:cb:b7:22:3b:5c:82:26:3b:01:9e:db:c9:d6:
de:c0:8e:8d:6e:81:17:a9:b9:2e:d3:2a:eb:61:c2:ae:18:72:
5f:76:2e:46:4a:3e:8f:0f:3a:f0:5b:1b:e7:00:88:21:9d:87:
a3:e0:c7:d0:22:ca:62:1d:03:74:d0:2f:3d:74:5e:96:54:95:
72:6d:29:23:af:f0:fc:63:5e:0a:b7:26:61:b4:12:a3:8b:a8:
97:4b:57:67:24:fa:17:dd:4f:f8:bc:50:40:b9:e3:0c:5a:69:
34:68:88:ce:63:f4:00:1f:98:69:eb:a2:18:3f:e9:e3:67:6f:
3d:6a:1e:17:e3:02:e3:0e:af:99:c8:33:33:3d:9c:7e:d6:58:
27:cc:3f:25
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOizMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDQ1NzE1WhcNMjUxMjEwMDQ1NzE1WjAYMRYw
FAYDVQQDEw02NzZiOTBhZS03MGNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0zOZ/SxbEY1K9KPt55lVhfAl5Gdjq3A33Mn7b16T2ySbkI+dGQVW8HML
I3E377SRJjUaeJ14YqNPMknsjY62Gu4HIFdQSiwN7uoZs+Riv08CVxNd4FKSM1su
ep2P+KPnvooUMNpSqZb5lA+bNy8tz93+00SDlZQ9USSW+oyM8bSjwYNIPXM8dy2o
G0FO4HonxviGNSUuYzNBN2l3eh2NH1YsDiDZNc9fe6KKr2qM54bkUt6at/EX+gwJ
U26CxZGcDaXoM5rrdIPNzyXTWLTTr7XpKTGdnd5rPNJ9SxW/JLgGIhPpF7cSGJ1f
g9cN9iE/aFeubO2Td2aTCmV6fDsR3wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAM4
BnYAKQ0g+j4Bor9wIlBa7NwpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNzk0RUJCMEMyN0MxMUVGQjQ5QzYxNUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOOrMA0GCSqGSIb3DQEBCwUA
A4IBAQANAl6mKJrZJK6tgf9FT/jHQNqKQIRaEhFJLm+CGYi9NnUIzVNvuJ8Uqk4c
aEhZFNTA1TNYGg9gLIL0yXXK+2VCjoxQayf3PftFtQbT3ynFVu9Qw2FHGxAosj5Z
HfjcIEe7hZceGd+cHN3Jj2o20dD3rsu3IjtcgiY7AZ7bydbewI6NboEXqbku0yrr
YcKuGHJfdi5GSj6PDzrwWxvnAIghnYej4MfQIspiHQN00C89dF6WVJVybSkjr/D8
Y14KtyZhtBKji6iXS1dnJPoX3U/4vFBAueMMWmk0aIjOY/QAH5hp66IYP+njZ289
ah4X4wLjDq+ZyDMzPZx+1lgnzD8l
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:11 2025 by rpki-client