Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDA0BD92CC9211EF90735563762E951A.roa
File: CDA0BD92CC9211EF90735563762E951A.roa (raw, json)
Hash identifier: tEMcUiSU5cau01msEdh9WTVN1ylP5sC4MDUpgTImcZI=
Subject key identifier: 43:0C:34:9B:05:93:AE:48:B9:4A:FB:59:00:BA:6C:7C:57:0A:2E:0B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F919
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDA0BD92CC9211EF90735563762E951A.roa
Signing time: Tue 07 Jan 2025 01:00:36 +0000
ROA not before: Tue 07 Jan 2025 01:00:32 +0000
ROA not after: Mon 13 Dec 2027 01:00:32 +0000
asID: 17561
IP address blocks: 156.227.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63769 (0xf919)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 01:00:32 2025 GMT
Not After : Dec 13 01:00:32 2027 GMT
Subject: CN=677c7cb4-628d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fe:ac:c7:fb:54:24:74:a1:46:83:0e:90:22:
dc:bc:0d:70:eb:ad:76:21:d5:04:80:1b:27:28:6d:
f5:d3:94:92:13:20:84:5f:25:f9:cf:37:9c:64:a1:
b0:b0:2a:2c:a1:6e:7e:61:fb:16:22:e3:6f:66:83:
7c:37:a7:d5:4c:4e:b6:2c:31:26:7a:72:35:48:ed:
52:32:5d:6c:c4:28:75:80:88:76:87:68:0a:03:62:
41:b6:83:be:74:c4:3a:fd:eb:c9:21:95:a2:da:24:
9f:77:b5:2d:7f:8c:f1:b7:6b:87:e3:be:98:2a:41:
7c:6d:cc:ea:b8:ae:c0:08:d6:c0:75:2a:f4:0c:06:
a8:3c:ac:c2:0e:f7:c0:90:78:47:92:9b:a7:ff:31:
d5:76:01:14:b6:8f:a8:94:2f:9a:ba:3e:a2:9e:a2:
86:39:b7:4f:f8:cf:82:2f:1f:f7:57:21:ff:e0:38:
64:77:0e:9f:77:fc:24:ca:fb:5d:5b:16:8b:1a:4d:
47:87:9f:2b:bf:52:11:ec:30:e9:86:ff:51:be:a4:
f4:4e:83:a7:85:6f:c8:57:5d:95:14:26:75:02:17:
7b:7b:6b:44:2b:db:81:ae:d9:75:d5:01:ad:95:7d:
cc:1c:a6:0a:f3:bf:84:31:5d:01:bd:19:61:f1:e1:
a1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:0C:34:9B:05:93:AE:48:B9:4A:FB:59:00:BA:6C:7C:57:0A:2E:0B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDA0BD92CC9211EF90735563762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.65.0/24
Signature Algorithm: sha256WithRSAEncryption
67:74:81:ae:25:0e:c7:bb:82:f9:ec:eb:75:ed:ef:00:a9:da:
68:0c:ae:65:51:1f:c8:d6:f8:b1:53:d9:ba:5b:30:6a:7c:8d:
d8:0c:d5:4a:85:cb:86:ac:23:c2:ac:0d:e2:0d:c4:12:20:4f:
fd:10:f5:56:17:48:aa:32:54:59:36:8c:0b:8b:fc:74:ef:f7:
bf:be:b6:18:ca:7c:bf:0c:5d:56:6e:e5:90:3d:33:7b:94:84:
b1:3e:96:84:e8:4e:53:d2:e6:fb:c6:08:66:1c:28:4a:cd:e7:
d9:ef:10:99:02:7d:6e:6a:79:70:7f:30:5b:2c:87:9d:ed:50:
21:c1:13:74:f0:67:4b:04:0a:9b:f1:44:d0:e5:78:2c:6f:5a:
8d:97:ea:c6:dc:38:58:be:9a:b5:c9:3a:e1:c7:8c:07:00:9c:
96:83:08:98:ef:b5:94:d0:8d:e3:81:dd:27:ba:c7:5a:49:b7:
27:c1:74:95:9d:14:43:a3:35:11:be:a3:0a:b0:07:f4:17:73:
fd:c1:94:89:76:19:92:00:f4:91:58:29:1f:fd:bc:b7:01:6b:
8e:5d:25:23:62:af:ad:4b:92:71:b2:a7:e3:2b:f7:1e:12:45:
e9:08:65:af:85:0f:ac:1b:03:a6:ef:fa:77:5e:66:57:a5:ec:
03:6b:be:c2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPkZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDEwMDMyWhcNMjcxMjEzMDEwMDMyWjAYMRYw
FAYDVQQDEw02NzdjN2NiNC02MjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2v6sx/tUJHShRoMOkCLcvA1w6612IdUEgBsnKG3105SSEyCEXyX5zzec
ZKGwsCosoW5+YfsWIuNvZoN8N6fVTE62LDEmenI1SO1SMl1sxCh1gIh2h2gKA2JB
toO+dMQ6/evJIZWi2iSfd7Utf4zxt2uH476YKkF8bczquK7ACNbAdSr0DAaoPKzC
DvfAkHhHkpun/zHVdgEUto+olC+auj6inqKGObdP+M+CLx/3VyH/4Dhkdw6fd/wk
yvtdWxaLGk1Hh58rv1IR7DDphv9RvqT0ToOnhW/IV12VFCZ1Ahd7e2tEK9uBrtl1
1QGtlX3MHKYK87+EMV0BvRlh8eGhPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEMM
NJsFk65IuUr7WQC6bHxXCi4LMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DREEwQkQ5MkNDOTIxMUVGOTA3MzU1NjM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnONBMA0GCSqGSIb3DQEBCwUA
A4IBAQBndIGuJQ7Hu4L57Ot17e8AqdpoDK5lUR/I1vixU9m6WzBqfI3YDNVKhcuG
rCPCrA3iDcQSIE/9EPVWF0iqMlRZNowLi/x07/e/vrYYyny/DF1WbuWQPTN7lISx
PpaE6E5T0ub7xghmHChKzefZ7xCZAn1uanlwfzBbLIed7VAhwRN08GdLBAqb8UTQ
5Xgsb1qNl+rG3DhYvpq1yTrhx4wHAJyWgwiY77WU0I3jgd0nusdaSbcnwXSVnRRD
ozURvqMKsAf0F3P9wZSJdhmSAPSRWCkf/by3AWuOXSUjYq+tS5JxsqfjK/ceEkXp
CGWvhQ+sGwOm7/p3XmZXpewDa77C
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:49:34 2025 by rpki-client