Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B68714CAC33811EF91B89885762E951A.roa
File: B68714CAC33811EF91B89885762E951A.roa (raw, json)
Hash identifier: egoXkLf9fgiJRMV+8fPpvQNv9j71bDeqteuDNnFsgUk=
Subject key identifier: 21:22:5E:A3:4B:46:D6:C2:DC:D0:EF:3B:F6:C0:EA:04:AB:42:F8:0F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB69
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B68714CAC33811EF91B89885762E951A.roa
Signing time: Thu 26 Dec 2024 03:23:02 +0000
ROA not before: Thu 26 Dec 2024 03:22:58 +0000
ROA not after: Fri 10 Dec 2027 03:22:58 +0000
asID: 17561
IP address blocks: 156.244.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:26:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60265 (0xeb69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Dec 26 03:22:58 2024 GMT
Not After : Dec 10 03:22:58 2027 GMT
Subject: CN=676ccc16-98ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:63:1c:bf:5e:b3:09:42:a0:2d:e6:26:fe:64:
3b:bb:89:95:7c:ec:11:bf:a5:d7:d9:76:63:4b:76:
e2:2e:fe:13:af:b4:a7:02:fe:19:0d:a8:c3:4a:e3:
0d:50:2f:99:6a:3a:4f:29:04:ab:82:d6:44:ba:72:
ea:8c:42:87:17:f2:cd:3d:04:de:a7:2c:65:ff:7f:
59:9d:24:ac:3b:77:a5:b0:0d:6e:bc:ba:74:62:9a:
9b:3f:9a:1f:77:01:87:37:ef:93:b6:38:07:1c:43:
f8:96:8e:05:2d:17:66:5b:86:47:d8:42:1f:dd:d5:
9f:ef:9d:2e:6b:1a:b7:c5:23:d7:06:6f:85:ea:74:
1f:c1:86:cf:a5:7c:74:16:3b:ad:96:6a:67:c1:6a:
70:24:31:4a:01:69:ae:7d:57:e0:9d:02:b6:0d:fa:
d8:a3:61:e2:9b:4e:fb:b8:1f:0d:3b:82:3e:b1:e5:
05:c8:cb:8d:88:8b:71:dc:3d:5d:91:3c:06:f6:35:
30:58:32:45:68:04:8f:9d:35:42:b0:a8:06:76:c9:
6a:4d:00:5e:62:c4:b6:53:b4:0d:b0:9f:71:b6:6c:
3a:44:32:12:8e:57:58:9a:32:7d:9d:6a:fc:47:55:
8d:59:2c:8c:d1:55:7c:62:96:51:f4:d5:bd:3f:f5:
b1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:22:5E:A3:4B:46:D6:C2:DC:D0:EF:3B:F6:C0:EA:04:AB:42:F8:0F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B68714CAC33811EF91B89885762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.176.0/24
Signature Algorithm: sha256WithRSAEncryption
11:5a:26:fa:86:b7:e5:0f:54:f0:fb:51:9b:c9:c3:48:91:5c:
fd:5d:2b:e5:fe:bb:2d:70:ce:be:8b:5c:6e:d0:b7:4b:05:0e:
d2:0a:97:9f:60:40:a5:5b:cb:12:87:ee:9d:82:20:a0:e9:14:
c3:52:75:0b:02:9f:a4:11:c2:2b:18:1c:16:7e:50:ec:ad:93:
72:07:69:b2:6f:b0:e6:36:75:f2:8f:b6:46:84:58:91:6b:c2:
1e:03:6e:70:f8:b6:ae:a5:ec:63:65:61:1d:a2:e6:ca:35:3d:
99:75:d5:2e:a7:b4:96:8a:7f:cf:94:05:a1:df:b6:60:41:d1:
8c:8d:d2:68:cb:fe:15:61:ee:1d:2a:d4:f9:88:f4:91:00:4d:
20:14:2d:cc:92:48:61:3e:15:f7:c9:35:06:64:05:02:0b:8f:
32:ca:5f:d4:bd:03:3a:e1:54:bf:e3:3e:67:b2:41:82:23:52:
f6:c6:0a:74:04:48:54:38:57:17:26:29:28:c6:64:07:77:fb:
84:52:26:8b:5a:08:7c:b3:71:c6:21:ca:e9:ba:ec:f0:e7:27:
01:26:7e:22:4d:e4:8b:73:b2:b9:b6:a6:7c:e1:52:9e:9e:f1:
ec:f7:bd:68:0e:0c:73:2e:37:7e:15:7f:4d:32:77:b7:f7:60:
c0:22:5f:3d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOtpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDMyMjU4WhcNMjcxMjEwMDMyMjU4WjAYMRYw
FAYDVQQDEw02NzZjY2MxNi05OGVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnGMcv16zCUKgLeYm/mQ7u4mVfOwRv6XX2XZjS3biLv4Tr7SnAv4ZDajD
SuMNUC+ZajpPKQSrgtZEunLqjEKHF/LNPQTepyxl/39ZnSSsO3elsA1uvLp0Ypqb
P5ofdwGHN++TtjgHHEP4lo4FLRdmW4ZH2EIf3dWf750uaxq3xSPXBm+F6nQfwYbP
pXx0FjutlmpnwWpwJDFKAWmufVfgnQK2DfrYo2Him077uB8NO4I+seUFyMuNiItx
3D1dkTwG9jUwWDJFaASPnTVCsKgGdslqTQBeYsS2U7QNsJ9xtmw6RDISjldYmjJ9
nWr8R1WNWSyM0VV8YpZR9NW9P/Wx4wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCEi
XqNLRtbC3NDvO/bA6gSrQvgPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CNjg3MTRDQUMzMzgxMUVGOTFCODk4ODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPSwMA0GCSqGSIb3DQEBCwUA
A4IBAQARWib6hrflD1Tw+1GbycNIkVz9XSvl/rstcM6+i1xu0LdLBQ7SCpefYECl
W8sSh+6dgiCg6RTDUnULAp+kEcIrGBwWflDsrZNyB2myb7DmNnXyj7ZGhFiRa8Ie
A25w+LaupexjZWEdoubKNT2ZddUup7SWin/PlAWh37ZgQdGMjdJoy/4VYe4dKtT5
iPSRAE0gFC3MkkhhPhX3yTUGZAUCC48yyl/UvQM64VS/4z5nskGCI1L2xgp0BEhU
OFcXJikoxmQHd/uEUiaLWgh8s3HGIcrpuuzw5ycBJn4iTeSLc7K5tqZ84VKenvHs
971oDgxzLjd+FX9NMne392DAIl89
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:09:05 2025 by rpki-client