Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE028490CCCA11EF8BFC8859762E951A.roa
File: CE028490CCCA11EF8BFC8859762E951A.roa (raw, json)
Hash identifier: 8oOUDi5nxm0pzhV64B/TYW3Ygp5Tzhrdj6mw/mKF2yc=
Subject key identifier: 5D:6F:1A:85:B1:EA:DC:8A:6B:A3:0B:32:82:98:2E:35:03:48:E4:E2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA78
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE028490CCCA11EF8BFC8859762E951A.roa
Signing time: Tue 07 Jan 2025 07:41:28 +0000
ROA not before: Tue 07 Jan 2025 07:41:25 +0000
ROA not after: Sat 13 Dec 2025 07:41:25 +0000
asID: 984
IP address blocks: 156.233.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64120 (0xfa78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 07:41:25 2025 GMT
Not After : Dec 13 07:41:25 2025 GMT
Subject: CN=677cdaa8-f533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f3:5c:9a:6d:55:d7:f4:a0:d0:ad:10:6e:36:
80:7b:68:6a:df:a3:96:3f:da:fa:91:61:da:94:2d:
20:4c:64:50:47:20:3c:27:40:88:63:5d:5a:29:3c:
d3:3c:26:0f:35:17:e0:89:b8:f1:c2:73:85:84:2a:
1f:c0:49:e5:fb:63:31:f5:20:91:74:f9:75:03:60:
f6:c8:54:2b:f9:1f:c0:69:fc:e0:0f:40:42:13:2f:
9a:15:0b:51:46:4c:4a:37:5d:77:50:f0:e1:98:73:
d5:c6:43:cb:97:8b:7c:b0:07:89:c0:3f:bf:d6:3e:
89:0d:1a:4f:b3:97:35:90:16:8b:6c:b2:9d:78:4b:
53:81:f0:60:e2:6d:83:43:3b:79:14:81:87:63:04:
ba:92:bb:35:0d:28:b9:6f:4a:b7:0a:41:16:85:db:
aa:45:04:83:07:e4:53:2f:2e:f9:e5:d6:a1:4c:00:
8c:36:e5:30:28:ff:45:eb:cb:14:af:5e:7c:1c:cd:
9f:47:5d:c9:67:d4:31:bf:df:d3:0b:b3:7a:94:9e:
c2:bb:41:67:a0:0f:c7:78:5d:ee:a5:fc:b3:56:b6:
2f:72:51:3c:84:e9:49:ae:63:ef:dc:cf:c3:ee:e3:
a0:ba:b4:c0:24:07:c9:d3:7b:4c:cb:d9:e9:f6:d2:
43:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6F:1A:85:B1:EA:DC:8A:6B:A3:0B:32:82:98:2E:35:03:48:E4:E2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CE028490CCCA11EF8BFC8859762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.105.0/24
Signature Algorithm: sha256WithRSAEncryption
88:17:c7:93:85:5c:94:59:db:1f:41:5f:1f:03:41:55:04:4b:
4c:7e:fe:a3:41:ba:58:1b:5b:be:d1:00:6b:f4:e1:f1:9d:dd:
29:af:99:b5:52:8e:f9:ae:b7:4f:83:4c:80:07:f8:23:21:db:
00:c7:b0:1f:7d:33:ac:76:54:9e:19:df:30:db:fb:49:48:82:
78:2a:e7:ca:10:0a:8e:33:ac:1d:66:e2:92:ae:8b:70:8a:33:
87:51:62:55:c1:fd:43:20:f0:06:2d:76:e5:9e:64:a3:85:4e:
f8:9a:0b:c5:b1:a3:51:50:8d:ac:ca:f9:cd:e8:2b:c8:58:1b:
19:71:1d:ba:f1:91:60:4c:3c:c8:d3:70:4e:92:40:e9:be:ea:
8d:da:49:f2:7c:dc:26:d2:28:29:9a:b8:4b:a9:54:e1:d2:33:
8e:f2:66:73:87:5f:df:4e:55:4b:0a:10:62:e9:57:2e:7c:bd:
b5:9f:2f:d5:72:3c:36:1e:2b:38:22:5a:a5:c4:ea:50:cf:5a:
9f:4b:79:1b:16:e2:7e:25:fb:c7:d3:5a:83:f3:4f:b8:1e:3f:
4c:2f:f7:6c:9f:da:87:e3:8b:5c:bd:cd:9d:b6:4a:e5:ba:b8:
0a:e5:92:be:2c:0d:9e:7a:07:c1:41:7c:90:bc:f5:82:89:cb:
a6:58:1d:97
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPp4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDc0MTI1WhcNMjUxMjEzMDc0MTI1WjAYMRYw
FAYDVQQDEw02NzdjZGFhOC1mNTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvPNcmm1V1/Sg0K0QbjaAe2hq36OWP9r6kWHalC0gTGRQRyA8J0CIY11a
KTzTPCYPNRfgibjxwnOFhCofwEnl+2Mx9SCRdPl1A2D2yFQr+R/AafzgD0BCEy+a
FQtRRkxKN113UPDhmHPVxkPLl4t8sAeJwD+/1j6JDRpPs5c1kBaLbLKdeEtTgfBg
4m2DQzt5FIGHYwS6krs1DSi5b0q3CkEWhduqRQSDB+RTLy755dahTACMNuUwKP9F
68sUr158HM2fR13JZ9Qxv9/TC7N6lJ7Cu0FnoA/HeF3upfyzVrYvclE8hOlJrmPv
3M/D7uOgurTAJAfJ03tMy9np9tJDfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFF1v
GoWx6tyKa6MLMoKYLjUDSOTiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRTAyODQ5MENDQ0ExMUVGOEJGQzg4NTk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOlpMA0GCSqGSIb3DQEBCwUA
A4IBAQCIF8eThVyUWdsfQV8fA0FVBEtMfv6jQbpYG1u+0QBr9OHxnd0pr5m1Uo75
rrdPg0yAB/gjIdsAx7AffTOsdlSeGd8w2/tJSIJ4KufKEAqOM6wdZuKSrotwijOH
UWJVwf1DIPAGLXblnmSjhU74mgvFsaNRUI2syvnN6CvIWBsZcR268ZFgTDzI03BO
kkDpvuqN2knyfNwm0igpmrhLqVTh0jOO8mZzh1/fTlVLChBi6VcufL21ny/Vcjw2
His4IlqlxOpQz1qfS3kbFuJ+JfvH01qD80+4Hj9ML/dsn9qH44tcvc2dtkrlurgK
5ZK+LA2eegfBQXyQvPWCicumWB2X
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:24 2025 by rpki-client