Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB55CC42C95111EF983A69BF762E951A.roa
File: CB55CC42C95111EF983A69BF762E951A.roa (raw, json)
Hash identifier: zOtO7U5BAhUF8j7KQ2vDALIsbdYED+vZHKMw8zs+M1A=
Subject key identifier: AC:C2:B5:EA:E9:8B:59:2F:07:CC:71:E2:DF:04:1D:2D:BD:96:7F:0A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3CE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB55CC42C95111EF983A69BF762E951A.roa
Signing time: Thu 02 Jan 2025 21:37:41 +0000
ROA not before: Thu 02 Jan 2025 21:37:38 +0000
ROA not after: Sat 13 Dec 2025 21:37:38 +0000
asID: 984
IP address blocks: 156.225.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62414 (0xf3ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:37:38 2025 GMT
Not After : Dec 13 21:37:38 2025 GMT
Subject: CN=67770725-32d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c7:e2:f1:b5:94:71:ee:94:56:09:37:7f:91:
b6:b4:fe:31:e4:0f:33:c5:76:5a:e5:97:44:0e:0b:
fd:b4:46:a3:f2:0a:b9:a9:85:76:72:9b:b5:71:5a:
97:54:55:0b:53:29:d7:3a:8d:00:4f:0e:c2:e2:a6:
75:dc:4c:6c:20:91:a3:56:33:ff:fd:86:2e:9f:19:
78:c3:30:54:9c:07:16:83:59:57:b7:65:9e:e2:f0:
af:1d:9a:e3:2e:15:59:f4:d7:4a:65:87:30:7c:0f:
36:11:23:2d:a1:8c:68:19:2e:31:40:ec:9a:d9:45:
f3:cd:f5:cf:00:c3:07:37:5d:91:15:11:00:d7:8f:
a2:f0:b5:98:1b:02:c6:45:06:0e:ba:07:97:ef:34:
3a:97:15:8a:47:48:a5:04:e0:88:39:76:3b:3b:23:
64:2a:bb:24:e8:e6:5d:bf:fc:30:62:a8:6f:aa:89:
c1:6a:5b:d9:99:6b:1c:f9:31:d5:21:63:f0:32:da:
b7:a7:4d:f4:f7:e8:1e:0a:e5:b7:2c:e8:f6:0e:f3:
e5:31:71:a8:a7:82:76:fe:bd:3a:80:8b:bc:e9:f7:
45:2a:39:56:38:a0:ce:ce:2d:04:9d:dd:2f:76:ad:
c5:e4:f2:bf:1b:71:fd:74:98:cd:05:c0:ff:d8:d0:
6b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C2:B5:EA:E9:8B:59:2F:07:CC:71:E2:DF:04:1D:2D:BD:96:7F:0A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB55CC42C95111EF983A69BF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.190.0/24
Signature Algorithm: sha256WithRSAEncryption
58:dd:d5:ea:75:86:73:f6:03:3a:b3:23:46:9a:bb:28:65:15:
82:08:08:aa:3a:b9:1d:b3:be:c1:94:8e:fc:e6:e4:89:f8:5e:
c9:e6:a0:77:22:0c:f8:10:7f:02:92:c6:a0:46:46:d8:e3:65:
cb:d9:1f:d4:d4:f9:e0:8d:3e:67:1d:1f:78:e8:36:50:41:99:
72:67:6b:d9:77:8b:2b:fb:65:4a:df:37:85:18:34:82:8e:10:
39:91:82:18:4c:51:bf:88:56:f6:d1:23:a1:d1:81:b0:49:69:
07:d1:37:fe:58:2f:dc:46:91:f8:45:12:f1:d2:50:e4:a0:88:
2c:54:3c:a8:07:ef:b2:9d:5b:94:a0:f1:86:48:67:1d:7b:f5:
1c:f4:66:37:59:d5:a7:0c:24:8e:4f:39:e4:f8:61:69:41:9f:
24:89:34:3b:88:4d:d2:b5:46:6d:4b:20:ca:e4:30:fb:6f:ff:
30:1e:e8:59:f3:0e:5d:9e:74:96:9b:e9:3a:30:fe:7f:9c:36:
fa:86:ea:b9:d1:bc:2e:37:7b:3a:66:ae:a3:ca:74:87:6d:76:
e4:c7:c4:d1:1c:d3:6b:69:32:bf:c2:99:17:64:fc:ed:55:f8:
3a:9d:20:d6:a7:57:f3:62:c4:63:bd:5d:4e:c3:9f:6e:75:ac:
0e:a3:ac:c0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPPOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjEzNzM4WhcNMjUxMjEzMjEzNzM4WjAYMRYw
FAYDVQQDEw02Nzc3MDcyNS0zMmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw8fi8bWUce6UVgk3f5G2tP4x5A8zxXZa5ZdEDgv9tEaj8gq5qYV2cpu1
cVqXVFULUynXOo0ATw7C4qZ13ExsIJGjVjP//YYunxl4wzBUnAcWg1lXt2We4vCv
HZrjLhVZ9NdKZYcwfA82ESMtoYxoGS4xQOya2UXzzfXPAMMHN12RFREA14+i8LWY
GwLGRQYOugeX7zQ6lxWKR0ilBOCIOXY7OyNkKrsk6OZdv/wwYqhvqonBalvZmWsc
+THVIWPwMtq3p0309+geCuW3LOj2DvPlMXGop4J2/r06gIu86fdFKjlWOKDOzi0E
nd0vdq3F5PK/G3H9dJjNBcD/2NBrXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKzC
terpi1kvB8xx4t8EHS29ln8KMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQjU1Q0M0MkM5NTExMUVGOTgzQTY5QkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOG+MA0GCSqGSIb3DQEBCwUA
A4IBAQBY3dXqdYZz9gM6syNGmrsoZRWCCAiqOrkds77BlI785uSJ+F7J5qB3Igz4
EH8CksagRkbY42XL2R/U1PngjT5nHR946DZQQZlyZ2vZd4sr+2VK3zeFGDSCjhA5
kYIYTFG/iFb20SOh0YGwSWkH0Tf+WC/cRpH4RRLx0lDkoIgsVDyoB++ynVuUoPGG
SGcde/Uc9GY3WdWnDCSOTznk+GFpQZ8kiTQ7iE3StUZtSyDK5DD7b/8wHuhZ8w5d
nnSWm+k6MP5/nDb6huq50bwuN3s6Zq6jynSHbXbkx8TRHNNraTK/wpkXZPztVfg6
nSDWp1fzYsRjvV1Ow59udawOo6zA
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:37:17 2025 by rpki-client