Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CEF9A370C32D11EF943B72B7762E951A.roa
File: CEF9A370C32D11EF943B72B7762E951A.roa (raw, json)
Hash identifier: eRItAen5xjuEtc8aonZeC69WcfcMiUwW9OVQdqaQm7U=
Subject key identifier: 8A:CD:98:E1:F8:BC:29:2B:22:F4:12:29:EA:F4:EF:DE:A2:B1:D8:EA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAE7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CEF9A370C32D11EF943B72B7762E951A.roa
Signing time: Thu 26 Dec 2024 02:04:59 +0000
ROA not before: Thu 26 Dec 2024 02:04:55 +0000
ROA not after: Wed 10 Dec 2025 02:04:55 +0000
asID: 984
IP address blocks: 156.243.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60135 (0xeae7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 02:04:55 2024 GMT
Not After : Dec 10 02:04:55 2025 GMT
Subject: CN=676cb9ca-35c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ea:38:3a:eb:db:2d:ef:73:11:b3:a4:df:7a:
42:8d:b1:ba:d9:7d:e2:76:9a:66:30:81:29:2a:01:
41:36:69:59:b0:f8:83:75:04:30:71:51:56:3d:bf:
b8:b4:e5:a6:ca:70:43:5f:75:3c:1d:66:72:1a:ed:
03:b0:cd:05:34:90:56:3b:c7:d2:4a:ff:1f:aa:8c:
aa:bd:8d:db:eb:1b:0c:86:3f:00:bb:64:30:96:17:
47:40:f9:09:92:f7:7f:36:40:3b:73:42:fd:14:b6:
61:88:23:c7:b2:db:9b:a4:0e:fa:6c:f8:34:39:34:
2f:91:69:d5:56:a9:c0:3f:58:6f:4e:30:d5:dd:e7:
f4:19:c7:85:fa:7f:4b:aa:86:ad:d5:1d:ae:ab:0f:
7e:43:d7:b2:fc:89:bf:40:b3:be:65:d2:76:dc:28:
22:ec:59:0a:00:a6:b5:c3:d1:81:36:96:10:65:51:
d0:00:aa:a8:39:62:53:0c:a0:94:16:26:e2:cf:7d:
a8:07:97:f8:50:84:07:d4:b5:83:b9:50:8d:a5:9d:
4f:cb:5b:39:79:72:73:ad:e5:6c:03:42:6c:5f:e7:
dc:f5:81:df:d0:6d:5e:4a:d6:8f:d6:85:4b:6e:da:
e3:dc:69:31:d8:1b:45:c6:e9:4f:05:f8:d5:8f:4e:
36:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CD:98:E1:F8:BC:29:2B:22:F4:12:29:EA:F4:EF:DE:A2:B1:D8:EA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CEF9A370C32D11EF943B72B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.212.0/24
Signature Algorithm: sha256WithRSAEncryption
44:ad:fc:be:50:b0:3e:f0:51:f9:44:89:70:16:02:7b:a1:6c:
13:52:05:1b:39:8f:05:e4:0d:2d:fc:55:17:fa:57:27:1d:fc:
a3:aa:6c:03:72:98:65:78:cf:f2:1a:0c:cf:fa:03:47:e2:02:
69:8b:7a:3a:8a:2f:6b:99:2c:ae:51:bf:ef:77:1b:92:16:af:
4e:40:26:af:90:12:8b:ba:66:09:df:3c:9c:77:d2:4c:fb:f2:
7f:ea:31:37:54:5e:85:71:fd:d0:64:ac:9d:35:b3:c7:ad:52:
5d:d2:f7:5c:d2:33:ba:b2:b7:26:d9:81:9d:a1:68:8f:4b:2c:
04:40:41:b5:ea:21:dc:38:6a:67:53:88:3f:e7:92:42:47:61:
ef:62:3c:6b:b7:01:12:bd:86:e5:cf:66:ac:2e:06:68:2f:7b:
73:47:1c:ed:98:67:d5:2a:b4:ff:ca:82:1b:3e:da:ca:c5:f1:
13:80:8b:67:c8:79:5f:30:30:e9:ad:76:5a:11:47:fd:59:bd:
bc:0d:43:09:ba:30:58:c4:cf:4d:d4:8d:57:87:37:80:d6:6f:
49:68:5e:9d:4a:fd:b8:5c:cc:d1:b7:c6:f6:08:1b:41:2f:8d:
ff:b2:b6:0e:67:7e:b8:e3:de:9b:cf:0a:01:0d:79:fe:6f:53:
b8:89:ae:0c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOrnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDIwNDU1WhcNMjUxMjEwMDIwNDU1WjAYMRYw
FAYDVQQDEw02NzZjYjljYS0zNWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwOo4OuvbLe9zEbOk33pCjbG62X3idppmMIEpKgFBNmlZsPiDdQQwcVFW
Pb+4tOWmynBDX3U8HWZyGu0DsM0FNJBWO8fSSv8fqoyqvY3b6xsMhj8Au2QwlhdH
QPkJkvd/NkA7c0L9FLZhiCPHstubpA76bPg0OTQvkWnVVqnAP1hvTjDV3ef0GceF
+n9Lqoat1R2uqw9+Q9ey/Im/QLO+ZdJ23Cgi7FkKAKa1w9GBNpYQZVHQAKqoOWJT
DKCUFibiz32oB5f4UIQH1LWDuVCNpZ1Py1s5eXJzreVsA0JsX+fc9YHf0G1eStaP
1oVLbtrj3Gkx2BtFxulPBfjVj042FwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIrN
mOH4vCkrIvQSKer0796isdjqMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRUY5QTM3MEMzMkQxMUVGOTQzQjcyQjc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPPUMA0GCSqGSIb3DQEBCwUA
A4IBAQBErfy+ULA+8FH5RIlwFgJ7oWwTUgUbOY8F5A0t/FUX+lcnHfyjqmwDcphl
eM/yGgzP+gNH4gJpi3o6ii9rmSyuUb/vdxuSFq9OQCavkBKLumYJ3zycd9JM+/J/
6jE3VF6Fcf3QZKydNbPHrVJd0vdc0jO6srcm2YGdoWiPSywEQEG16iHcOGpnU4g/
55JCR2HvYjxrtwESvYblz2asLgZoL3tzRxztmGfVKrT/yoIbPtrKxfETgItnyHlf
MDDprXZaEUf9Wb28DUMJujBYxM9N1I1XhzeA1m9JaF6dSv24XMzRt8b2CBtBL43/
srYOZ364496bzwoBDXn+b1O4ia4M
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:15 2025 by rpki-client