Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2CF2B3CC31F11EF953B9151762E951A.roa
File: C2CF2B3CC31F11EF953B9151762E951A.roa (raw, json)
Hash identifier: BeG3VfvaSysNLBWfEhgQvHjIVWYba22z5sSiyAGP4Zo=
Subject key identifier: 6A:D2:04:27:EC:99:5D:7E:BC:14:66:CE:9B:BA:7B:2E:6D:F8:D5:EF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EA11
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2CF2B3CC31F11EF953B9151762E951A.roa
Signing time: Thu 26 Dec 2024 00:24:25 +0000
ROA not before: Thu 26 Dec 2024 00:00:22 +0000
ROA not after: Wed 10 Dec 2025 00:00:22 +0000
asID: 984
IP address blocks: 156.228.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59921 (0xea11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 00:00:22 2024 GMT
Not After : Dec 10 00:00:22 2025 GMT
Subject: CN=676ca239-0e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e1:77:e1:36:e9:fd:35:e9:96:cf:3d:34:37:
06:24:0d:fa:bc:1e:af:b4:62:81:08:56:13:8d:f2:
ef:30:ac:15:05:1a:b7:0d:4d:35:73:27:8e:25:66:
9c:c1:f1:ed:c8:bf:4f:b7:b0:c5:c9:2f:ea:1f:a2:
fe:23:ac:3d:0d:8a:e5:90:35:fc:c2:ab:bb:3f:0c:
be:76:2b:b6:14:cb:46:39:46:80:35:72:7e:d4:e6:
67:90:e6:86:9d:11:6c:cb:8a:a6:6e:18:fb:30:3f:
c0:8f:64:06:74:c7:7b:f8:c0:4e:7c:ea:58:54:10:
00:02:45:62:ce:05:a3:d1:46:9a:61:34:a2:34:af:
99:fa:11:07:91:e9:ab:36:e1:25:1a:a1:01:93:55:
80:0e:d1:43:b5:3f:77:3e:eb:7b:55:72:bc:88:87:
64:b0:f3:1f:02:24:e2:d2:49:4e:ca:9a:a2:f8:6f:
22:b9:62:7d:b9:00:52:23:f0:4a:25:8a:60:17:cd:
73:b8:48:16:e9:05:60:9a:c2:9d:fa:91:ec:88:88:
44:88:94:be:c8:31:8c:b0:5f:86:97:7e:0d:d1:e2:
8b:9c:58:5c:8a:cf:21:b1:ed:3d:da:d9:5e:1e:34:
8d:be:b0:bc:0a:30:73:59:c8:14:84:8f:a5:41:52:
09:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D2:04:27:EC:99:5D:7E:BC:14:66:CE:9B:BA:7B:2E:6D:F8:D5:EF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C2CF2B3CC31F11EF953B9151762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.215.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:b9:1d:b8:bc:7b:f3:b1:6d:e6:3e:10:4f:c4:9f:10:10:b3:
a9:6b:70:b0:35:f0:7f:b9:2c:47:02:42:ca:f4:df:8b:2c:a5:
57:a4:40:85:ea:a0:5b:bb:3e:6f:07:61:c0:44:85:71:ab:2e:
9a:74:b4:9e:f3:f1:27:69:d1:a3:1e:95:04:76:6a:a1:fe:29:
fc:ec:6f:8a:d5:a6:73:a4:3b:14:5b:d2:5f:5b:96:d5:47:cd:
f9:22:51:76:10:c0:fe:8c:1f:de:c3:55:a8:e5:0d:26:fa:69:
2a:88:9d:6c:8e:33:1e:21:42:00:b5:9a:9e:59:9d:b6:2f:bb:
44:d0:1e:39:c6:6f:8e:a5:73:7c:57:a8:6b:32:4a:3b:83:45:
1b:d1:03:e5:6d:e6:ea:00:af:45:df:22:60:26:13:79:ef:07:
8e:2a:ad:4a:e2:04:81:9c:64:c2:06:9e:23:6e:36:73:da:a9:
ed:de:88:5f:eb:74:88:14:82:84:db:ac:60:df:a9:b2:de:8c:
72:2a:aa:b7:b4:09:98:ed:84:8e:c9:24:48:44:5f:e7:33:c4:
59:b7:28:51:e1:8b:35:8a:04:a1:7d:ab:eb:c5:c9:2b:b9:aa:
7a:0e:9f:a7:2c:2a:11:f4:27:50:70:2e:92:e2:a4:31:39:da:
d3:4a:d7:e1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOoRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDAwMDIyWhcNMjUxMjEwMDAwMDIyWjAYMRYw
FAYDVQQDEw02NzZjYTIzOS0wZTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmuF34Tbp/TXpls89NDcGJA36vB6vtGKBCFYTjfLvMKwVBRq3DU01cyeO
JWacwfHtyL9Pt7DFyS/qH6L+I6w9DYrlkDX8wqu7Pwy+diu2FMtGOUaANXJ+1OZn
kOaGnRFsy4qmbhj7MD/Aj2QGdMd7+MBOfOpYVBAAAkVizgWj0UaaYTSiNK+Z+hEH
kemrNuElGqEBk1WADtFDtT93Put7VXK8iIdksPMfAiTi0klOypqi+G8iuWJ9uQBS
I/BKJYpgF81zuEgW6QVgmsKd+pHsiIhEiJS+yDGMsF+Gl34N0eKLnFhcis8hse09
2tleHjSNvrC8CjBzWcgUhI+lQVIJSQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGrS
BCfsmV1+vBRmzpu6ey5t+NXvMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DMkNGMkIzQ0MzMUYxMUVGOTUzQjkxNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOTXMA0GCSqGSIb3DQEBCwUA
A4IBAQBruR24vHvzsW3mPhBPxJ8QELOpa3CwNfB/uSxHAkLK9N+LLKVXpECF6qBb
uz5vB2HARIVxqy6adLSe8/EnadGjHpUEdmqh/in87G+K1aZzpDsUW9JfW5bVR835
IlF2EMD+jB/ew1Wo5Q0m+mkqiJ1sjjMeIUIAtZqeWZ22L7tE0B45xm+OpXN8V6hr
Mko7g0Ub0QPlbebqAK9F3yJgJhN57weOKq1K4gSBnGTCBp4jbjZz2qnt3ohf63SI
FIKE26xg36my3oxyKqq3tAmY7YSOySRIRF/nM8RZtyhR4Ys1igShfavrxckruap6
Dp+nLCoR9CdQcC6S4qQxOdrTStfh
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:10 2025 by rpki-client