Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCA0753ACD1511EF9FF1E7B1762E951A.roa
File: CCA0753ACD1511EF9FF1E7B1762E951A.roa (raw, json)
Hash identifier: 9VE9W7EoA/hEs+lI6h5xvgnN1rxQfCdsSVx8fPgDQco=
Subject key identifier: 21:77:F5:D6:10:90:A8:6B:C9:0E:FF:36:FF:EF:45:00:DD:59:B4:5F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD19
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCA0753ACD1511EF9FF1E7B1762E951A.roa
Signing time: Tue 07 Jan 2025 16:38:18 +0000
ROA not before: Tue 07 Jan 2025 16:38:14 +0000
ROA not after: Mon 13 Dec 2027 16:38:14 +0000
asID: 17561
IP address blocks: 156.241.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64793 (0xfd19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:38:14 2025 GMT
Not After : Dec 13 16:38:14 2027 GMT
Subject: CN=677d587a-4e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3f:e7:5b:6f:67:6a:5a:80:28:bb:a3:2e:9e:
e4:fc:e8:6c:84:f6:69:a7:7f:7c:55:39:34:ce:4f:
53:1a:7e:97:29:05:6a:1d:c9:d0:3d:ba:6a:1e:d8:
07:68:b9:16:8b:e0:88:db:05:c6:87:1c:2e:d2:f5:
ec:19:de:09:9c:76:c4:01:74:45:5e:4e:62:5d:94:
df:ef:71:9d:41:51:07:90:94:c8:f8:9a:e5:21:d7:
33:d1:d7:89:37:41:81:dd:c3:21:4d:92:3c:48:85:
bd:c6:25:af:fb:05:8e:61:42:7f:82:5e:a7:3e:c2:
04:8b:f7:a2:07:4f:2e:28:ef:ce:29:6b:81:2f:b1:
2c:b8:f6:f1:b1:9b:a8:a6:47:3a:b2:66:6d:6b:53:
9e:57:a2:dd:44:8e:62:ab:34:66:56:86:3a:7d:fc:
8d:05:8b:44:39:25:10:70:32:ac:df:b1:d1:eb:52:
56:5c:9f:d3:41:4e:42:61:61:bf:64:3d:a3:f0:97:
e2:98:ce:d8:f5:e8:5c:2e:4a:b1:e8:f8:58:8a:0d:
6a:ea:9e:21:3a:75:1b:89:65:b6:83:20:06:90:fc:
63:89:cc:81:e9:6c:d2:59:70:6c:e6:75:1d:f8:76:
e6:00:5a:a5:a4:10:94:87:4e:db:7d:55:da:f0:bd:
09:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:77:F5:D6:10:90:A8:6B:C9:0E:FF:36:FF:EF:45:00:DD:59:B4:5F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CCA0753ACD1511EF9FF1E7B1762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.16.0/24
Signature Algorithm: sha256WithRSAEncryption
02:11:4d:93:b4:2d:da:1f:98:0a:2e:40:dd:50:92:f5:c8:be:
11:b0:5b:94:a5:7d:f8:65:20:53:4b:c8:ca:d4:25:96:d6:e3:
82:09:ce:c8:00:25:67:eb:d2:b0:18:77:9f:52:e3:74:6c:c2:
f9:9b:db:58:25:2a:65:96:54:40:1e:d8:5a:bd:e2:0f:28:01:
65:a0:3f:8c:f2:21:a4:5e:ef:b2:c9:ae:09:6f:95:11:5c:5d:
19:c8:46:50:67:30:2c:77:39:c8:f6:86:ab:a0:e5:98:c9:e5:
53:35:73:ae:4a:86:5f:33:f9:2e:12:eb:d1:97:f5:1f:dd:2a:
d3:56:28:f7:bd:13:4a:5c:e4:46:9e:23:e0:a7:51:4a:5f:d5:
92:a8:1d:0f:bd:5a:9e:6f:52:63:d0:b4:94:8a:4a:e7:c5:2b:
93:9d:a4:51:11:ee:f4:c2:22:5f:3a:78:3b:02:0d:68:b3:ce:
b8:2e:8c:38:ff:96:5c:cd:78:2a:ae:50:09:76:3c:48:34:79:
ed:3b:88:4e:1a:79:c0:e0:ff:51:98:73:e1:e3:f3:43:f5:cb:
1b:7f:24:c9:88:c3:27:6a:bf:b3:63:24:5a:d0:11:34:b9:e3:
34:be:fb:0b:cf:c7:97:a6:e8:b2:b3:6f:3f:8a:bc:0d:c8:d4:
76:4c:15:22
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0ZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTYzODE0WhcNMjcxMjEzMTYzODE0WjAYMRYw
FAYDVQQDEw02NzdkNTg3YS00ZTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsT/nW29nalqAKLujLp7k/OhshPZpp398VTk0zk9TGn6XKQVqHcnQPbpq
HtgHaLkWi+CI2wXGhxwu0vXsGd4JnHbEAXRFXk5iXZTf73GdQVEHkJTI+JrlIdcz
0deJN0GB3cMhTZI8SIW9xiWv+wWOYUJ/gl6nPsIEi/eiB08uKO/OKWuBL7EsuPbx
sZuopkc6smZta1OeV6LdRI5iqzRmVoY6ffyNBYtEOSUQcDKs37HR61JWXJ/TQU5C
YWG/ZD2j8JfimM7Y9ehcLkqx6PhYig1q6p4hOnUbiWW2gyAGkPxjicyB6WzSWXBs
5nUd+HbmAFqlpBCUh07bfVXa8L0J+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFCF3
9dYQkKhryQ7/Nv/vRQDdWbRfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQ0EwNzUzQUNEMTUxMUVGOUZGMUU3QjE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEQMA0GCSqGSIb3DQEBCwUA
A4IBAQACEU2TtC3aH5gKLkDdUJL1yL4RsFuUpX34ZSBTS8jK1CWW1uOCCc7IACVn
69KwGHefUuN0bML5m9tYJSplllRAHthaveIPKAFloD+M8iGkXu+yya4Jb5URXF0Z
yEZQZzAsdznI9oaroOWYyeVTNXOuSoZfM/kuEuvRl/Uf3SrTVij3vRNKXORGniPg
p1FKX9WSqB0PvVqeb1Jj0LSUikrnxSuTnaRREe70wiJfOng7Ag1os864Low4/5Zc
zXgqrlAJdjxINHntO4hOGnnA4P9RmHPh4/ND9csbfyTJiMMnar+zYyRa0BE0ueM0
vvsLz8eXpuiys28/irwNyNR2TBUi
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:15 2025 by rpki-client