Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1A44BA8F65311EE9AD26B97775412E6.roa
File: E1A44BA8F65311EE9AD26B97775412E6.roa (raw, json)
Hash identifier: J9js2THMnpEeOWoQLu/6xHMN0PMFBBwyldPQ3bCHJV4=
Subject key identifier: 42:A0:F8:08:50:D4:F5:38:A2:E1:36:34:5E:F9:17:04:90:0E:67:3E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 81D0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1A44BA8F65311EE9AD26B97775412E6.roa
Signing time: Tue 09 Apr 2024 09:31:02 +0000
ROA not before: Tue 09 Apr 2024 09:30:59 +0000
ROA not after: Mon 13 May 2024 09:30:59 +0000
asID: 64267
IP address blocks: 156.248.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 09 May 2024 00:16:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33232 (0x81d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Apr 9 09:30:59 2024 GMT
Not After : May 13 09:30:59 2024 GMT
Subject: CN=66150ad6-4a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:40:08:9f:d0:f9:fb:7e:5d:5d:a5:91:7c:5f:
59:05:e2:ab:d0:67:a4:a6:36:bb:6d:da:31:96:75:
ae:64:6d:8f:69:29:7f:f4:6d:77:76:3a:c8:23:36:
1d:7c:53:8c:50:27:c6:89:70:ee:d5:ef:7c:8a:15:
aa:90:f5:65:15:c9:e4:05:db:55:92:2e:af:51:b3:
a0:3b:1f:61:35:75:c5:2f:58:88:64:62:9d:03:53:
90:ab:f8:88:29:ea:96:da:81:66:b3:24:5e:a7:7f:
66:10:4d:10:61:61:4a:3b:67:ff:3b:ec:29:04:3f:
25:f6:81:7a:9b:bf:4c:c2:c0:6c:dc:b5:8d:6f:c7:
cc:86:43:26:fc:e1:0e:ca:9e:fe:1d:4c:c3:3b:85:
2d:24:a3:9a:dc:3b:64:d9:40:75:0c:9c:f3:45:4f:
29:68:fb:d8:9e:35:dc:38:74:92:e3:b1:e7:ce:5a:
aa:d1:69:6c:da:9e:b1:45:c6:a5:cb:aa:ab:47:97:
90:52:f6:37:82:c0:6a:b5:b3:11:9c:b5:43:dc:14:
ab:eb:d6:02:de:7b:a0:e0:ef:dd:6b:12:0b:bd:82:
44:8c:4b:10:d1:b1:93:11:0b:7a:27:8d:4b:1c:1d:
0f:51:48:62:c0:4e:ab:b5:00:47:26:a6:d7:45:54:
db:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A0:F8:08:50:D4:F5:38:A2:E1:36:34:5E:F9:17:04:90:0E:67:3E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E1A44BA8F65311EE9AD26B97775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.102.0/24
Signature Algorithm: sha256WithRSAEncryption
84:d1:88:52:8c:64:81:36:82:22:63:2c:09:bc:51:78:07:a5:
43:61:fc:a9:37:b3:54:2a:05:b3:1d:db:53:9d:c1:b5:a0:93:
56:ef:fe:cb:7b:7f:76:d6:44:23:e7:ba:1f:00:d9:1b:c4:b2:
d8:23:66:76:14:dd:65:87:e6:26:e8:0f:0c:e6:13:ff:e5:9d:
9c:5f:c7:5b:0b:d2:ed:d5:fc:ba:81:b0:99:2f:49:30:40:be:
f0:89:92:4a:cd:73:33:76:05:a6:f0:43:8b:d5:29:20:55:60:
d5:ff:fa:ee:ce:b2:80:25:82:d1:bb:77:16:21:e3:b1:9c:53:
fa:b8:da:93:a5:c6:9f:14:64:70:92:7c:51:44:3e:3b:ec:f5:
ac:2c:38:52:3f:1e:3d:01:10:54:21:1b:9a:09:a4:27:e4:f1:
be:47:95:dc:fe:a2:03:27:77:24:62:3c:e7:4b:30:a6:6e:ea:
82:1d:f1:4e:63:b3:9d:70:a3:81:34:c5:85:15:50:06:70:96:
02:bd:e9:95:27:8a:61:c8:54:e2:9f:29:88:f1:be:9e:7b:64:
e1:7d:57:ca:63:d1:7a:a2:ef:4b:8f:b6:41:1c:5d:01:1b:ba:
0d:c0:fe:0d:d8:da:fe:e7:a5:07:a7:3a:f0:53:4d:5c:5b:8b:
9b:02:f0:b0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIHQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDA5MDkzMDU5WhcNMjQwNTEzMDkzMDU5WjAYMRYw
FAYDVQQDEw02NjE1MGFkNi00YTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArEAIn9D5+35dXaWRfF9ZBeKr0Gekpja7bdoxlnWuZG2PaSl/9G13djrI
IzYdfFOMUCfGiXDu1e98ihWqkPVlFcnkBdtVki6vUbOgOx9hNXXFL1iIZGKdA1OQ
q/iIKeqW2oFmsyRep39mEE0QYWFKO2f/O+wpBD8l9oF6m79MwsBs3LWNb8fMhkMm
/OEOyp7+HUzDO4UtJKOa3Dtk2UB1DJzzRU8paPvYnjXcOHSS47Hnzlqq0Wls2p6x
Rcaly6qrR5eQUvY3gsBqtbMRnLVD3BSr69YC3nug4O/daxILvYJEjEsQ0bGTEQt6
J41LHB0PUUhiwE6rtQBHJqbXRVTbXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEKg
+AhQ1PU4ouE2NF75FwSQDmc+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMUE0NEJBOEY2NTMxMUVFOUFEMjZCOTc3NzU0MTJFNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhmMA0GCSqGSIb3DQEBCwUA
A4IBAQCE0YhSjGSBNoIiYywJvFF4B6VDYfypN7NUKgWzHdtTncG1oJNW7/7Le392
1kQj57ofANkbxLLYI2Z2FN1lh+Ym6A8M5hP/5Z2cX8dbC9Lt1fy6gbCZL0kwQL7w
iZJKzXMzdgWm8EOL1SkgVWDV//ruzrKAJYLRu3cWIeOxnFP6uNqTpcafFGRwknxR
RD477PWsLDhSPx49ARBUIRuaCaQn5PG+R5Xc/qIDJ3ckYjznSzCmbuqCHfFOY7Od
cKOBNMWFFVAGcJYCvemVJ4phyFTinymI8b6ee2ThfVfKY9F6ou9Lj7ZBHF0BG7oN
wP4N2Nr+56UHpzrwU01cW4ubAvCw
-----END CERTIFICATE-----
Generated at Tue May 7 01:58:07 2024 by rpki-client on console-fra.rpki-client.org