Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CEF83C5ED31511EFACC10354762E951A.roa
File: CEF83C5ED31511EFACC10354762E951A.roa (raw, json)
Hash identifier: wbbtzitKPiEptjZFM14j3VepkABLhm4FNRszJkuVxDc=
Subject key identifier: 72:48:0A:15:FF:FE:EB:60:A7:FD:08:FA:A5:56:A9:60:C9:8B:18:E8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01086B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CEF83C5ED31511EFACC10354762E951A.roa
Signing time: Wed 15 Jan 2025 07:53:29 +0000
ROA not before: Wed 15 Jan 2025 07:53:26 +0000
ROA not after: Mon 03 Jan 2028 07:53:26 +0000
asID: 17561
IP address blocks: 156.254.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67691 (0x1086b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 07:53:26 2025 GMT
Not After : Jan 3 07:53:26 2028 GMT
Subject: CN=67876979-10d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2c:d3:ca:75:74:97:e2:3e:69:a7:60:2f:43:
f4:65:70:32:4e:10:8e:9a:0e:3f:31:24:3d:ad:f0:
23:1e:7c:e1:b9:a6:87:42:29:d0:8f:f5:31:55:c7:
ac:2c:11:16:ce:17:4c:68:26:ff:6d:54:34:36:c8:
75:8c:44:d8:3c:14:84:f2:be:fd:26:3e:8f:3c:b1:
1a:87:ef:67:f1:56:e7:75:dc:6d:7b:c4:a6:a2:cd:
6c:14:98:8d:9b:94:d7:af:9a:c4:2f:c0:13:f8:91:
8d:b2:49:f5:12:a7:bf:72:e5:26:b5:ad:a2:6a:57:
ea:02:3f:dd:2a:5a:95:90:c1:bc:2e:2f:fe:58:17:
a6:0c:5c:1f:2c:01:b1:f0:e4:a7:86:a2:a8:e2:fc:
09:b4:97:42:d6:1b:27:38:0d:ca:90:5d:b7:95:f3:
6e:e8:7b:11:55:b3:a3:2e:43:29:d6:45:6a:01:ab:
b9:9a:50:b3:54:a3:8f:ef:00:33:6d:51:a8:7e:7e:
1e:0e:74:ff:09:a3:71:b2:2a:94:27:66:ff:60:6b:
49:4d:52:05:40:e0:67:5a:be:ce:51:e1:b8:dd:f9:
0a:2f:a9:35:31:6f:b6:14:b5:95:26:03:e9:e3:ee:
24:b3:b9:0a:4b:96:52:65:61:cf:7e:f5:53:fd:f9:
c9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:48:0A:15:FF:FE:EB:60:A7:FD:08:FA:A5:56:A9:60:C9:8B:18:E8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CEF83C5ED31511EFACC10354762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.75.0/24
Signature Algorithm: sha256WithRSAEncryption
86:e9:b7:2e:15:85:4e:a4:8f:4f:d2:eb:b3:96:e8:a5:90:26:
a4:98:11:40:b1:0a:a5:b5:bd:20:a6:45:3c:3b:71:90:f3:19:
7e:ef:6b:99:32:75:9b:cd:99:41:e6:1a:07:68:5f:7c:9d:16:
10:06:30:4e:5d:59:c5:5d:b6:2e:88:a3:39:3f:29:01:24:da:
8c:8f:b1:21:38:c1:8e:b1:63:71:ef:9b:5a:48:54:a3:6b:d6:
ed:6d:74:e8:49:0f:71:8b:b5:47:c3:91:70:b5:cb:e2:6d:f5:
9f:cd:9a:b4:6e:98:fc:bd:70:bb:b6:f7:7f:b3:84:ed:d8:9b:
25:dd:cd:be:67:2c:46:a8:eb:35:c0:ab:02:04:2e:e2:72:27:
13:d9:98:cc:50:0b:3b:8c:1b:f4:ba:8c:a0:9d:41:2f:8b:2e:
c0:62:54:82:eb:18:f6:f8:f7:a4:1e:6b:bc:bc:33:02:f3:a0:
75:22:b8:88:1b:cb:62:ec:6f:70:cd:ed:e6:3c:15:9a:8b:66:
f9:1f:99:e6:58:fd:16:d5:65:c3:2b:b3:b2:9e:59:85:5a:d0:
e3:fb:31:1e:3e:7d:b8:ea:f7:9e:14:fe:d8:b5:b5:7d:6b:02:
ad:6a:c0:ca:d6:93:df:53:b9:97:4f:79:7a:e7:db:4a:5f:95:
02:5f:69:13
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQhrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDc1MzI2WhcNMjgwMTAzMDc1MzI2WjAYMRYw
FAYDVQQDEw02Nzg3Njk3OS0xMGQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzyzTynV0l+I+aadgL0P0ZXAyThCOmg4/MSQ9rfAjHnzhuaaHQinQj/Ux
VcesLBEWzhdMaCb/bVQ0Nsh1jETYPBSE8r79Jj6PPLEah+9n8Vbnddxte8Smos1s
FJiNm5TXr5rEL8AT+JGNskn1Eqe/cuUmta2ialfqAj/dKlqVkMG8Li/+WBemDFwf
LAGx8OSnhqKo4vwJtJdC1hsnOA3KkF23lfNu6HsRVbOjLkMp1kVqAau5mlCzVKOP
7wAzbVGofn4eDnT/CaNxsiqUJ2b/YGtJTVIFQOBnWr7OUeG43fkKL6k1MW+2FLWV
JgPp4+4ks7kKS5ZSZWHPfvVT/fnJeQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHJI
ChX//utgp/0I+qVWqWDJixjoMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRUY4M0M1RUQzMTUxMUVGQUNDMTAzNTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5LMA0GCSqGSIb3DQEBCwUA
A4IBAQCG6bcuFYVOpI9P0uuzluilkCakmBFAsQqltb0gpkU8O3GQ8xl+72uZMnWb
zZlB5hoHaF98nRYQBjBOXVnFXbYuiKM5PykBJNqMj7EhOMGOsWNx75taSFSja9bt
bXToSQ9xi7VHw5FwtcvibfWfzZq0bpj8vXC7tvd/s4Tt2Jsl3c2+ZyxGqOs1wKsC
BC7icicT2ZjMUAs7jBv0uoygnUEviy7AYlSC6xj2+PekHmu8vDMC86B1IriIG8ti
7G9wze3mPBWai2b5H5nmWP0W1WXDK7OynlmFWtDj+zEePn246veeFP7YtbV9awKt
asDK1pPfU7mXT3l659tKX5UCX2kT
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:12 2025 by rpki-client