Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDCD3622F44E11EF93362AAD762E951A.roa
File: CDCD3622F44E11EF93362AAD762E951A.roa (raw, json)
Hash identifier: Pvcid/ApbIXuibPGDGkKrdJ2+fpppUZ7Jw4hCGqY6lU=
Subject key identifier: 00:C9:DB:5C:E7:CF:A7:71:08:DE:EC:A5:55:82:D2:B9:AB:B4:13:91
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0133CF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDCD3622F44E11EF93362AAD762E951A.roa
Signing time: Wed 26 Feb 2025 14:34:37 +0000
ROA not before: Wed 26 Feb 2025 14:34:33 +0000
ROA not after: Thu 19 Feb 2026 14:34:33 +0000
asID: 984
IP address blocks: 156.231.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78799 (0x133cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 14:34:33 2025 GMT
Not After : Feb 19 14:34:33 2026 GMT
Subject: CN=67bf267d-3903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:41:6f:68:9a:89:89:3f:ad:2f:3b:35:91:29:
23:db:5c:85:ca:fd:ac:75:f6:a8:1f:d4:4f:14:e7:
c2:d3:5a:5f:25:e6:4d:ac:7b:4d:9d:f5:7d:9b:7c:
e7:40:f8:d5:3f:b2:86:50:e2:f9:6d:72:4c:e7:b5:
98:f8:a4:fa:4e:cd:ca:98:a7:83:d4:5e:a0:3f:48:
5f:4d:36:24:a2:ce:10:92:02:b7:45:d7:3f:12:2e:
b7:98:f2:d3:d5:eb:a5:18:97:ed:00:1b:64:93:64:
0f:80:68:ea:b7:e8:3f:67:d8:1b:2c:a0:75:51:96:
90:00:fa:13:5c:d2:b2:91:55:ac:b1:d2:65:df:25:
eb:39:53:64:bf:86:74:8e:47:68:94:96:43:99:9d:
01:f4:72:85:e7:3a:2f:0e:cd:5e:c7:35:35:c7:7f:
d0:42:5b:19:19:d5:6f:f5:bb:8d:55:bc:c6:84:f5:
25:b9:6d:c9:cd:42:42:4b:8e:e3:47:1c:13:f7:f7:
95:c4:b9:e1:08:77:9a:ac:0e:99:de:7e:c8:e5:0f:
cd:54:6f:4f:3d:3f:9a:77:5f:f6:bf:3a:f0:5c:70:
f9:4a:21:e9:5c:0d:b0:67:30:02:93:cf:f5:56:30:
d0:97:a0:83:25:7e:f8:2c:ee:6c:fd:08:dc:39:94:
89:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C9:DB:5C:E7:CF:A7:71:08:DE:EC:A5:55:82:D2:B9:AB:B4:13:91
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDCD3622F44E11EF93362AAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.231.189.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:f1:88:c6:c2:7f:19:bc:9d:7d:f8:a2:7a:6b:04:1f:e6:f5:
55:3c:77:c7:3a:7a:67:59:42:fc:bc:93:a9:0b:b3:3b:58:e1:
79:66:ee:5d:98:2a:8f:4f:88:bd:c0:70:5e:90:f6:fc:1a:47:
8c:a3:bd:cb:9a:e5:80:12:4d:d3:2c:9a:07:31:5d:4e:58:60:
67:94:57:d6:b9:36:4f:1d:fe:c4:a1:1e:60:a2:e9:83:4f:61:
92:54:af:ac:e4:ef:18:ac:4a:b2:5b:f4:8c:d5:84:be:57:66:
1a:68:e7:c2:c8:83:2f:e5:ce:f3:c5:1c:b7:85:f5:62:50:14:
a7:6a:4f:5a:a5:a2:03:c7:da:e0:0e:24:dc:47:5b:1f:4c:3f:
84:af:9d:9e:4e:28:c0:ad:6e:fe:98:b5:5a:84:de:7d:3a:99:
46:4c:8b:c5:2e:d7:30:fe:6a:0b:0b:e7:be:50:b0:0e:ae:9f:
af:a7:53:14:4c:79:fc:65:26:6e:67:83:55:77:eb:d2:3c:17:
1d:3b:98:50:7d:33:ec:c6:0f:c4:b8:3e:05:0a:a9:53:5e:fc:
c5:93:64:64:25:66:f2:e0:1e:d0:52:91:32:8e:af:21:4e:46:
bb:63:b2:cb:88:0a:dd:6e:6e:83:3f:b0:a2:43:1d:8d:71:62:
5b:87:91:00
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATPPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTQzNDMzWhcNMjYwMjE5MTQzNDMzWjAYMRYw
FAYDVQQDEw02N2JmMjY3ZC0zOTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy0FvaJqJiT+tLzs1kSkj21yFyv2sdfaoH9RPFOfC01pfJeZNrHtNnfV9
m3znQPjVP7KGUOL5bXJM57WY+KT6Ts3KmKeD1F6gP0hfTTYkos4QkgK3Rdc/Ei63
mPLT1eulGJftABtkk2QPgGjqt+g/Z9gbLKB1UZaQAPoTXNKykVWssdJl3yXrOVNk
v4Z0jkdolJZDmZ0B9HKF5zovDs1exzU1x3/QQlsZGdVv9buNVbzGhPUluW3JzUJC
S47jRxwT9/eVxLnhCHearA6Z3n7I5Q/NVG9PPT+ad1/2vzrwXHD5SiHpXA2wZzAC
k8/1VjDQl6CDJX74LO5s/QjcOZSJuQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFADJ
21znz6dxCN7spVWC0rmrtBORMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRENEMzYyMkY0NEUxMUVGOTMzNjJBQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOe9MA0GCSqGSIb3DQEBCwUA
A4IBAQAc8YjGwn8ZvJ19+KJ6awQf5vVVPHfHOnpnWUL8vJOpC7M7WOF5Zu5dmCqP
T4i9wHBekPb8GkeMo73LmuWAEk3TLJoHMV1OWGBnlFfWuTZPHf7EoR5goumDT2GS
VK+s5O8YrEqyW/SM1YS+V2YaaOfCyIMv5c7zxRy3hfViUBSnak9apaIDx9rgDiTc
R1sfTD+Er52eTijArW7+mLVahN59OplGTIvFLtcw/moLC+e+ULAOrp+vp1MUTHn8
ZSZuZ4NVd+vSPBcdO5hQfTPsxg/EuD4FCqlTXvzFk2RkJWby4B7QUpEyjq8hTka7
Y7LLiArdbm6DP7CiQx2NcWJbh5EA
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:09:11 2025 by rpki-client