Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDF69B8EF42611EFA751FD94762E951A.roa
File: CDF69B8EF42611EFA751FD94762E951A.roa (raw, json)
Hash identifier: a8Edd3UmZUHOdogYHSOk406gApieukO8mn3iJBb5GzE=
Subject key identifier: A9:2D:59:0C:21:6C:54:C7:84:0F:1A:F1:09:38:71:EB:8A:CC:61:77
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0130A6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDF69B8EF42611EFA751FD94762E951A.roa
Signing time: Wed 26 Feb 2025 09:48:17 +0000
ROA not before: Wed 26 Feb 2025 09:48:14 +0000
ROA not after: Thu 19 Feb 2026 09:48:14 +0000
asID: 984
IP address blocks: 156.252.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77990 (0x130a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 09:48:14 2025 GMT
Not After : Feb 19 09:48:14 2026 GMT
Subject: CN=67bee361-c003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a8:e6:fc:85:e7:92:9d:ff:fa:92:1e:8c:32:
cc:d4:cb:ff:d1:55:af:6e:b5:a1:08:50:8d:f5:b5:
82:28:98:97:1b:7b:0f:7f:00:8d:2c:b4:3f:0c:10:
f9:5c:0a:eb:57:42:50:37:92:5b:d0:68:07:67:e5:
a9:a9:ff:49:41:bd:5b:73:75:a9:67:b8:b9:e9:a3:
19:d3:4c:98:54:ef:8b:f2:f5:ed:09:db:a7:09:54:
3d:5d:b5:56:b2:e1:0d:37:2f:9b:c4:83:7f:dd:73:
6f:e2:79:23:bb:da:e2:86:6b:5d:62:98:5e:d1:b3:
da:5e:2d:10:3d:ec:b2:c9:5a:3e:3b:91:60:5b:93:
e3:17:cf:77:a6:24:ab:7e:ff:a2:9a:16:af:fd:cc:
18:62:e9:57:3f:aa:d6:66:d2:26:44:55:74:f3:ec:
91:ef:75:07:24:e1:4d:f9:d0:e3:79:09:28:3a:c0:
ec:18:89:83:1a:7c:19:09:5f:79:e5:f9:77:ec:2f:
09:fc:8e:3c:8d:f0:a0:ed:96:5c:7f:ca:c6:78:32:
7e:04:2e:1b:22:92:4b:a1:0c:35:7e:be:19:3e:21:
ff:cb:0b:dc:f8:01:66:af:8c:27:1a:9f:78:6a:16:
69:c3:63:49:4a:8a:3b:c0:3a:a4:2e:ad:7f:f4:b6:
93:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:2D:59:0C:21:6C:54:C7:84:0F:1A:F1:09:38:71:EB:8A:CC:61:77
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CDF69B8EF42611EFA751FD94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.70.0/24
Signature Algorithm: sha256WithRSAEncryption
73:78:1d:c1:8e:ea:60:02:68:a3:2d:a6:94:36:d6:e1:e0:4a:
50:a9:a2:e4:2b:57:91:ad:cc:83:7f:1a:fb:4e:6f:02:f6:71:
29:d2:1f:e5:84:6d:61:3b:b3:7b:da:71:51:db:cb:5b:79:c9:
0d:7e:25:35:9b:fd:39:d1:38:e1:68:b0:68:0c:9c:8b:46:04:
ee:48:0e:29:46:73:0f:89:e2:c1:84:fb:ed:93:cf:54:c5:62:
67:f2:5b:92:d2:f6:ee:54:4d:28:91:ba:fa:4e:05:09:ec:8a:
e9:d0:bf:9a:4d:da:77:da:21:ce:3e:1c:82:48:5a:6b:2e:db:
71:9c:55:a4:77:77:53:00:77:27:92:4f:cd:7c:18:73:b4:21:
f4:7b:57:54:79:22:5a:05:be:dc:35:07:3c:ee:d2:85:4c:50:
c2:d0:b6:1f:00:2a:dd:37:ca:cc:96:8d:e9:d7:f2:cc:58:8a:
e4:7a:e7:68:8e:c1:91:bb:26:bb:a2:c1:9a:26:73:2d:5f:1a:
6c:aa:14:ec:ca:f9:e3:5f:81:47:e5:36:22:cd:99:a3:1e:c4:
3b:30:96:1d:b6:d3:fb:e0:fc:ac:14:a8:ef:11:16:9b:f3:de:
65:70:ce:19:4e:17:6c:7f:b5:39:44:37:65:a7:1c:31:29:a1:
4d:41:57:9b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATCmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MDk0ODE0WhcNMjYwMjE5MDk0ODE0WjAYMRYw
FAYDVQQDEw02N2JlZTM2MS1jMDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuKjm/IXnkp3/+pIejDLM1Mv/0VWvbrWhCFCN9bWCKJiXG3sPfwCNLLQ/
DBD5XArrV0JQN5Jb0GgHZ+Wpqf9JQb1bc3WpZ7i56aMZ00yYVO+L8vXtCdunCVQ9
XbVWsuENNy+bxIN/3XNv4nkju9rihmtdYphe0bPaXi0QPeyyyVo+O5FgW5PjF893
piSrfv+imhav/cwYYulXP6rWZtImRFV08+yR73UHJOFN+dDjeQkoOsDsGImDGnwZ
CV955fl37C8J/I48jfCg7ZZcf8rGeDJ+BC4bIpJLoQw1fr4ZPiH/ywvc+AFmr4wn
Gp94ahZpw2NJSoo7wDqkLq1/9LaTswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKkt
WQwhbFTHhA8a8Qk4ceuKzGF3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DREY2OUI4RUY0MjYxMUVGQTc1MUZEOTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPxGMA0GCSqGSIb3DQEBCwUA
A4IBAQBzeB3BjupgAmijLaaUNtbh4EpQqaLkK1eRrcyDfxr7Tm8C9nEp0h/lhG1h
O7N72nFR28tbeckNfiU1m/050TjhaLBoDJyLRgTuSA4pRnMPieLBhPvtk89UxWJn
8luS0vbuVE0okbr6TgUJ7Irp0L+aTdp32iHOPhyCSFprLttxnFWkd3dTAHcnkk/N
fBhztCH0e1dUeSJaBb7cNQc87tKFTFDC0LYfACrdN8rMlo3p1/LMWIrkeudojsGR
uya7osGaJnMtXxpsqhTsyvnjX4FH5TYizZmjHsQ7MJYdttP74PysFKjvERab895l
cM4ZThdsf7U5RDdlpxwxKaFNQVeb
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:35 2025 by rpki-client