Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9FC3A94E53E11EF9C10899D762E951A.roa
File: C9FC3A94E53E11EF9C10899D762E951A.roa (raw, json)
Hash identifier: YaZK1uTsJcfoN4h/Pz7Od1PEpvoomEFO84jMyPvxd5A=
Subject key identifier: 83:FF:81:2C:4F:07:44:3A:E9:0B:B6:DD:ED:6B:D4:62:93:48:2C:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011D04
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9FC3A94E53E11EF9C10899D762E951A.roa
Signing time: Fri 07 Feb 2025 10:32:11 +0000
ROA not before: Fri 07 Feb 2025 10:32:07 +0000
ROA not after: Mon 13 Dec 2027 10:32:07 +0000
asID: 17561
IP address blocks: 156.230.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72964 (0x11d04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 7 10:32:07 2025 GMT
Not After : Dec 13 10:32:07 2027 GMT
Subject: CN=67a5e12b-c0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:46:44:91:d6:53:1b:6e:81:e0:0b:58:77:34:
6f:17:0b:25:a4:a9:e7:7a:8c:21:2e:f3:99:78:2b:
f9:9c:38:70:6c:b0:a2:14:c6:00:a8:53:13:4a:d1:
bc:e7:6b:60:41:56:12:d0:7c:f1:d9:c1:44:d0:67:
be:dc:a4:9d:fd:66:6e:32:53:35:61:3d:ab:91:2e:
a6:6c:eb:c9:f1:3d:4b:66:52:56:cd:32:a8:c2:8a:
67:c2:ad:23:d0:fa:7a:ae:a4:c0:10:6b:c2:06:f8:
58:ba:3c:fe:c9:f9:8c:08:6f:e4:42:97:99:0e:1f:
9d:49:bb:43:63:03:2e:87:49:7f:2d:cd:5d:b8:f3:
37:ae:b6:02:d8:0a:7a:f6:30:54:75:8a:9f:5a:89:
d3:83:ef:6e:fe:69:fd:e5:f5:63:af:e3:5e:6f:7e:
42:5e:65:e5:2d:50:57:26:db:e1:b3:e5:bc:a7:74:
9c:33:59:85:fb:62:f8:a6:a8:84:20:ab:bf:72:e7:
04:b9:18:2a:45:3e:b9:0f:06:44:18:f4:51:15:07:
71:50:bd:76:08:c3:04:61:13:ed:48:d5:e7:73:ab:
f9:ff:2b:4a:5f:07:6d:50:74:b3:8e:fd:46:c5:52:
cc:42:c3:6f:9a:f8:2d:eb:91:21:6e:21:68:71:0f:
7b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:FF:81:2C:4F:07:44:3A:E9:0B:B6:DD:ED:6B:D4:62:93:48:2C:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C9FC3A94E53E11EF9C10899D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.158.0/24
Signature Algorithm: sha256WithRSAEncryption
58:e6:eb:53:9c:a3:92:31:9f:89:4a:ee:7c:d9:28:ac:74:e1:
3e:6f:71:a9:83:32:63:6f:be:95:37:98:0d:78:76:cd:d7:e8:
b6:0a:ed:5b:6c:c0:e2:9d:31:dc:a7:b2:61:2e:54:be:25:f5:
d7:8a:9f:4e:7c:65:f9:43:e7:dc:d3:49:49:01:a6:66:1c:da:
d5:e8:ec:c7:ef:08:4b:20:7f:cb:4c:f7:6b:d9:9d:1c:60:a8:
15:e9:fb:29:d6:b2:6f:cf:15:15:bf:ac:ba:0e:6b:e1:3d:77:
68:fb:14:60:8f:73:4f:94:24:10:3a:33:98:28:8c:1e:dc:5c:
62:d8:9a:3e:b7:3d:18:f5:25:96:9d:88:a2:eb:bb:4b:94:c7:
b2:ee:c9:53:c3:4b:3a:36:ae:1d:1a:a1:22:f1:52:9c:2e:04:
74:2a:14:7f:2d:f1:73:9d:56:8a:aa:db:82:e5:aa:2d:ad:81:
30:3a:28:d5:63:d8:e2:1d:8e:02:17:4d:5d:56:4b:de:ca:ee:
df:af:52:c5:f8:6a:32:57:9a:88:53:75:53:bd:85:af:29:6e:
e6:aa:c0:1d:80:58:6c:04:cc:55:c1:6d:3b:da:9e:64:ac:77:
9c:42:94:82:53:f6:d0:67:76:23:4a:29:da:90:e2:e0:4b:56:
b6:f9:09:49
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAR0EMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjA3MTAzMjA3WhcNMjcxMjEzMTAzMjA3WjAYMRYw
FAYDVQQDEw02N2E1ZTEyYi1jMGIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9UZEkdZTG26B4AtYdzRvFwslpKnneowhLvOZeCv5nDhwbLCiFMYAqFMT
StG852tgQVYS0Hzx2cFE0Ge+3KSd/WZuMlM1YT2rkS6mbOvJ8T1LZlJWzTKowopn
wq0j0Pp6rqTAEGvCBvhYujz+yfmMCG/kQpeZDh+dSbtDYwMuh0l/Lc1duPM3rrYC
2Ap69jBUdYqfWonTg+9u/mn95fVjr+Neb35CXmXlLVBXJtvhs+W8p3ScM1mF+2L4
pqiEIKu/cucEuRgqRT65DwZEGPRRFQdxUL12CMMEYRPtSNXnc6v5/ytKXwdtUHSz
jv1GxVLMQsNvmvgt65EhbiFocQ97pQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIP/
gSxPB0Q66Qu23e1r1GKTSCxUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DOUZDM0E5NEU1M0UxMUVGOUMxMDg5OUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOaeMA0GCSqGSIb3DQEBCwUA
A4IBAQBY5utTnKOSMZ+JSu582SisdOE+b3GpgzJjb76VN5gNeHbN1+i2Cu1bbMDi
nTHcp7JhLlS+JfXXip9OfGX5Q+fc00lJAaZmHNrV6OzH7whLIH/LTPdr2Z0cYKgV
6fsp1rJvzxUVv6y6DmvhPXdo+xRgj3NPlCQQOjOYKIwe3Fxi2Jo+tz0Y9SWWnYii
67tLlMey7slTw0s6Nq4dGqEi8VKcLgR0KhR/LfFznVaKqtuC5aotrYEwOijVY9ji
HY4CF01dVkveyu7fr1LF+GoyV5qIU3VTvYWvKW7mqsAdgFhsBMxVwW072p5krHec
QpSCU/bQZ3YjSinakOLgS1a2+QlJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:12 2025 by rpki-client