Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFDEB6CCAD211EF997BEF50762E951A.roa
File: CAFDEB6CCAD211EF997BEF50762E951A.roa (raw, json)
Hash identifier: z7HjLrNy8j1dgczuzYSy/gtv6CZdAzLbbGV3GvkoUhE=
Subject key identifier: 8C:B3:03:19:E0:A6:A0:20:6C:1B:A5:87:53:60:F8:C8:F1:A6:36:F8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F782
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFDEB6CCAD211EF997BEF50762E951A.roa
Signing time: Sat 04 Jan 2025 19:33:37 +0000
ROA not before: Sun 05 Jan 2025 19:33:33 +0000
ROA not after: Sun 09 Feb 2025 19:33:33 +0000
asID: 11404
IP address blocks: 156.237.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63362 (0xf782)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 5 19:33:33 2025 GMT
Not After : Feb 9 19:33:33 2025 GMT
Subject: CN=67798d11-6269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3f:01:ab:bb:e4:db:18:67:26:5f:50:6c:9f:
ea:9b:a9:ce:d0:62:f1:08:64:93:49:9d:51:48:3f:
43:9a:4a:b9:e1:1f:da:32:bf:38:32:41:d8:4f:3e:
46:4d:3e:9e:f4:e2:cf:f4:fc:cf:07:52:52:03:ad:
94:f8:91:dd:39:91:4a:99:39:5c:d2:55:b8:88:19:
68:b1:55:f2:4d:bd:b3:c8:5a:77:56:91:17:86:76:
70:c7:e3:88:eb:83:f1:2b:fe:d3:7b:af:89:66:ec:
04:96:ce:59:51:d2:4f:9e:8f:7f:b1:b2:5c:5a:1e:
87:70:2c:d6:92:a1:92:e8:99:26:b7:af:3b:17:61:
91:44:c4:95:4c:42:6b:35:f4:78:52:bd:53:c4:f9:
07:43:98:93:a2:ff:ab:dc:23:0b:97:2e:3d:fb:0c:
eb:50:45:76:70:3d:92:3c:61:54:ce:0f:1b:5e:02:
79:27:ae:8b:11:0c:f0:5d:89:9a:32:27:f1:a2:8d:
0f:d7:c5:0c:b9:c2:dc:ec:c0:7a:33:29:a4:e0:5f:
e0:51:63:13:eb:3b:e2:37:6e:cb:ae:ac:04:2b:cd:
f5:82:af:33:aa:ad:c3:d8:b6:e3:3b:57:ce:94:4c:
92:33:6d:00:76:13:42:40:27:7c:a6:d3:68:ba:82:
81:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B3:03:19:E0:A6:A0:20:6C:1B:A5:87:53:60:F8:C8:F1:A6:36:F8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CAFDEB6CCAD211EF997BEF50762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.96.0/21
Signature Algorithm: sha256WithRSAEncryption
a6:19:88:c7:9f:5e:e1:9a:eb:b1:79:d8:c1:72:08:e3:18:b2:
1b:31:00:3c:06:8d:5e:b5:61:4d:07:0c:75:b7:8c:45:46:28:
f9:96:bb:45:2f:8a:56:ab:e1:14:f9:95:e6:cf:18:a3:61:47:
25:c2:8c:0c:86:39:2f:94:25:2b:cc:da:29:15:a5:4b:90:a9:
9e:6e:42:99:ee:a4:4d:b7:6b:0c:cd:05:f6:04:1a:e0:96:28:
9c:a9:b7:5c:cb:cc:2d:4b:40:9e:55:18:70:fe:2a:f9:d2:5e:
8d:87:4f:27:59:de:8b:14:e4:4a:12:08:76:dc:4b:93:5c:5a:
b9:11:15:e7:66:81:12:6d:a7:ea:b6:11:ea:77:33:e2:c5:65:
b9:6e:51:3d:8d:70:2d:62:3c:4d:67:86:92:c4:5e:aa:bb:14:
c4:39:cc:50:ba:0b:64:5e:4c:15:9b:88:c2:36:c8:b6:3c:c7:
69:f1:e6:61:97:41:91:50:55:c0:67:45:c1:13:76:6c:c3:0a:
9d:fc:d5:8d:4f:f8:29:1a:ae:8b:22:7f:14:00:1d:83:77:97:
f8:74:ec:9c:1b:a5:f6:3e:0f:ab:e6:d9:77:4a:ae:4e:7e:1f:
cf:ba:a5:b4:36:c6:75:df:e4:8b:c4:aa:3d:97:81:68:1e:30:
93:74:40:be
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPeCMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA1MTkzMzMzWhcNMjUwMjA5MTkzMzMzWjAYMRYw
FAYDVQQDEw02Nzc5OGQxMS02MjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlD8Bq7vk2xhnJl9QbJ/qm6nO0GLxCGSTSZ1RSD9Dmkq54R/aMr84MkHY
Tz5GTT6e9OLP9PzPB1JSA62U+JHdOZFKmTlc0lW4iBlosVXyTb2zyFp3VpEXhnZw
x+OI64PxK/7Te6+JZuwEls5ZUdJPno9/sbJcWh6HcCzWkqGS6Jkmt687F2GRRMSV
TEJrNfR4Ur1TxPkHQ5iTov+r3CMLly49+wzrUEV2cD2SPGFUzg8bXgJ5J66LEQzw
XYmaMifxoo0P18UMucLc7MB6Mymk4F/gUWMT6zviN27LrqwEK831gq8zqq3D2Lbj
O1fOlEySM20AdhNCQCd8ptNouoKBdwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIyz
AxngpqAgbBulh1Ng+Mjxpjb4MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQUZERUI2Q0NBRDIxMUVGOTk3QkVGNTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnO1gMA0GCSqGSIb3DQEBCwUA
A4IBAQCmGYjHn17hmuuxedjBcgjjGLIbMQA8Bo1etWFNBwx1t4xFRij5lrtFL4pW
q+EU+ZXmzxijYUclwowMhjkvlCUrzNopFaVLkKmebkKZ7qRNt2sMzQX2BBrgliic
qbdcy8wtS0CeVRhw/ir50l6Nh08nWd6LFORKEgh23EuTXFq5ERXnZoESbafqthHq
dzPixWW5blE9jXAtYjxNZ4aSxF6quxTEOcxQugtkXkwVm4jCNsi2PMdp8eZhl0GR
UFXAZ0XBE3Zswwqd/NWNT/gpGq6LIn8UAB2Dd5f4dOycG6X2Pg+r5tl3Sq5Ofh/P
uqW0NsZ13+SLxKo9l4FoHjCTdEC+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:26 2025 by rpki-client