Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB1A5F22CD7A11EF8D530346762E951A.roa
File: CB1A5F22CD7A11EF8D530346762E951A.roa (raw, json)
Hash identifier: Pl0ixxHt4P/bWdim2geKHMboIvvCDsCKEkASAzQyubk=
Subject key identifier: 7F:93:99:28:8F:A7:B4:72:62:1A:D0:71:3C:3D:9C:6E:0C:E6:50:D6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFD5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB1A5F22CD7A11EF8D530346762E951A.roa
Signing time: Wed 08 Jan 2025 04:41:15 +0000
ROA not before: Wed 08 Jan 2025 04:41:11 +0000
ROA not after: Mon 13 Dec 2027 04:41:11 +0000
asID: 17561
IP address blocks: 156.250.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65493 (0xffd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 04:41:11 2025 GMT
Not After : Dec 13 04:41:11 2027 GMT
Subject: CN=677e01eb-5043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4d:a2:4e:7c:97:4c:c2:e3:90:a6:bd:9e:ae:
ab:a3:f3:d3:99:ce:86:2a:fe:7d:fe:e6:af:01:24:
c9:8f:ca:80:e7:ae:97:8e:f0:7c:31:8b:7b:f2:95:
bc:99:79:95:04:6a:ee:29:68:a8:cb:90:14:a9:9a:
9a:de:aa:d6:44:90:48:f5:3e:89:64:3f:c2:7a:2d:
ad:d2:68:58:56:ec:65:3a:2b:b7:39:ea:16:fa:9f:
1a:c5:37:ef:e6:de:e4:14:2b:38:fb:4e:7b:5c:10:
b2:c0:fa:cc:4b:ef:12:f3:4f:2a:1b:7f:51:7e:2f:
f7:a0:4b:85:e2:cd:66:ac:ea:8a:4f:e4:97:50:87:
5d:cf:a0:f3:f6:6e:a9:28:4f:ed:32:41:f0:36:e5:
67:dc:75:2b:77:a6:d1:f2:d4:36:42:38:ba:cc:01:
66:38:f5:b1:b4:5c:7b:8f:1f:f1:7a:1d:fb:2f:9f:
cd:f1:83:e2:5f:52:a1:79:a6:96:50:a6:da:08:13:
3e:42:06:c9:bc:b6:74:57:2b:b6:ef:fe:f2:86:f0:
78:ff:e2:df:00:91:72:95:27:ee:cd:bf:86:6f:7b:
c3:a9:b1:49:3d:f6:05:88:9a:1e:fc:84:17:dd:0f:
79:a7:09:01:1f:50:d4:f7:10:48:c3:a7:43:6d:f6:
29:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:93:99:28:8F:A7:B4:72:62:1A:D0:71:3C:3D:9C:6E:0C:E6:50:D6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB1A5F22CD7A11EF8D530346762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.250.48.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:91:b5:2e:12:0e:26:de:8a:8b:82:95:25:7c:80:e9:28:55:
36:53:80:ec:9b:bb:3e:a4:4b:ec:5d:13:18:89:00:da:0d:3c:
93:68:7b:1b:34:67:fe:69:f8:c0:99:a2:6b:22:20:bf:98:d6:
5e:2d:be:85:b1:18:f6:ed:9c:12:a8:98:06:20:5e:e9:29:10:
68:2b:a0:d8:28:bb:7d:83:ce:7b:67:82:37:e6:1a:5e:13:5b:
9e:c1:3f:85:9e:01:9d:aa:9b:33:79:b6:e5:eb:50:3f:7c:17:
50:e3:4c:bc:3f:6f:bc:eb:b9:85:c3:04:a6:23:45:7b:6f:a4:
3d:60:e5:f4:c6:3c:15:c1:d6:47:ab:c6:bc:1a:c2:2e:ae:c3:
f4:41:35:a3:cf:73:90:a5:d1:61:f2:4c:11:1d:16:3e:e5:03:
8e:34:2f:3a:43:56:7a:5f:19:39:d0:16:0a:e1:f7:24:2d:db:
de:dd:79:38:c0:c3:88:3f:cb:ff:ba:4f:b5:da:93:ab:45:20:
fb:e7:e6:97:4f:f1:c5:00:97:c4:0d:a6:f3:bc:89:f0:55:a1:
ed:19:19:3d:7b:2c:de:a6:b2:c2:32:a6:77:b0:40:7c:de:3e:
e8:d0:81:3f:b1:b8:f3:54:19:41:ee:8d:6d:1d:2e:7f:e2:c0:
94:22:df:0c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP/VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDQ0MTExWhcNMjcxMjEzMDQ0MTExWjAYMRYw
FAYDVQQDEw02NzdlMDFlYi01MDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqE2iTnyXTMLjkKa9nq6ro/PTmc6GKv59/uavASTJj8qA566XjvB8MYt7
8pW8mXmVBGruKWioy5AUqZqa3qrWRJBI9T6JZD/Cei2t0mhYVuxlOiu3OeoW+p8a
xTfv5t7kFCs4+057XBCywPrMS+8S808qG39Rfi/3oEuF4s1mrOqKT+SXUIddz6Dz
9m6pKE/tMkHwNuVn3HUrd6bR8tQ2Qji6zAFmOPWxtFx7jx/xeh37L5/N8YPiX1Kh
eaaWUKbaCBM+QgbJvLZ0Vyu27/7yhvB4/+LfAJFylSfuzb+Gb3vDqbFJPfYFiJoe
/IQX3Q95pwkBH1DU9xBIw6dDbfYpjwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH+T
mSiPp7RyYhrQcTw9nG4M5lDWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQjFBNUYyMkNEN0ExMUVGOEQ1MzAzNDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPowMA0GCSqGSIb3DQEBCwUA
A4IBAQAekbUuEg4m3oqLgpUlfIDpKFU2U4Dsm7s+pEvsXRMYiQDaDTyTaHsbNGf+
afjAmaJrIiC/mNZeLb6FsRj27ZwSqJgGIF7pKRBoK6DYKLt9g857Z4I35hpeE1ue
wT+FngGdqpszebbl61A/fBdQ40y8P2+867mFwwSmI0V7b6Q9YOX0xjwVwdZHq8a8
GsIursP0QTWjz3OQpdFh8kwRHRY+5QOONC86Q1Z6Xxk50BYK4fckLdve3Xk4wMOI
P8v/uk+12pOrRSD75+aXT/HFAJfEDabzvInwVaHtGRk9eyzeprLCMqZ3sEB83j7o
0IE/sbjzVBlB7o1tHS5/4sCUIt8M
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:10 2025 by rpki-client