Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF019C00C96911EF81D62256762E951A.roa
File: CF019C00C96911EF81D62256762E951A.roa (raw, json)
Hash identifier: uZNvn5wabeqMXNpLYxzYRqjbQAG4BL/CBfK68aDA3U8=
Subject key identifier: 3B:9C:A4:57:A9:6E:DF:4C:30:DF:7A:A1:D0:80:3A:EC:F1:47:6E:BE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F47E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF019C00C96911EF81D62256762E951A.roa
Signing time: Fri 03 Jan 2025 00:29:35 +0000
ROA not before: Fri 03 Jan 2025 00:00:32 +0000
ROA not after: Sat 13 Dec 2025 00:00:32 +0000
asID: 984
IP address blocks: 156.226.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62590 (0xf47e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 00:00:32 2025 GMT
Not After : Dec 13 00:00:32 2025 GMT
Subject: CN=67772f6f-6e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:df:ec:81:67:5b:da:87:16:ff:a1:12:d2:44:
71:e8:a5:31:26:27:46:4f:e6:2c:51:e2:44:c1:b7:
01:fe:f5:20:a1:c9:2e:00:8c:a9:7f:eb:59:5a:7a:
7f:70:d9:73:2a:0f:c8:35:54:da:80:08:29:17:8b:
bb:a4:e8:bc:bb:b0:9d:b4:65:e6:64:fd:ef:65:83:
18:bb:7e:d0:27:b6:1a:45:61:38:4c:bd:02:1f:cd:
9d:7a:8e:28:ae:6d:47:27:c3:55:72:88:a7:c3:09:
da:7e:3e:1e:9e:74:3e:7f:d8:df:b0:8e:51:55:c6:
15:93:75:e5:ce:0d:04:a6:a9:76:70:93:89:e7:55:
b8:f8:4c:56:cf:1a:1e:66:bf:ed:db:3a:86:48:25:
71:c4:fc:99:5a:9f:79:06:19:0a:b2:26:e1:7f:8a:
52:c1:90:6d:02:f0:83:0c:33:a6:f7:4a:56:98:e9:
3a:7b:97:64:53:e3:7f:b9:35:17:47:c4:bc:b1:55:
43:f9:63:80:29:3f:a1:d5:4f:55:89:bb:ab:e6:30:
b1:c3:4b:98:fd:20:65:92:55:64:5a:29:72:81:11:
22:6a:2b:f8:4d:10:da:42:66:ce:ec:6e:bb:fb:9b:
e1:da:ab:bf:15:c3:ad:1c:cd:45:e8:fc:19:58:a2:
e5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9C:A4:57:A9:6E:DF:4C:30:DF:7A:A1:D0:80:3A:EC:F1:47:6E:BE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF019C00C96911EF81D62256762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.241.0/24
Signature Algorithm: sha256WithRSAEncryption
13:c6:f4:19:93:53:86:49:a0:0e:d1:dc:5f:64:d7:0a:25:4e:
7a:fd:85:1d:6b:66:bb:f1:75:52:4d:67:e1:df:e8:c2:11:61:
e8:ef:f9:ff:13:f6:86:c5:2a:0b:d1:71:74:f1:8b:c4:8d:51:
9a:84:f6:c4:a0:f0:33:6c:6b:0a:b8:7a:16:e6:7a:e1:e2:31:
fb:b8:96:7b:98:03:d0:bb:9f:2a:ef:b1:4a:b7:11:e4:a7:8f:
a1:a7:ae:41:6d:99:8e:bb:ac:41:65:fe:a6:57:e9:bf:de:2d:
e6:b7:fe:9a:8f:db:43:79:d8:d2:1f:eb:d4:04:e9:c6:f2:ee:
39:d8:e3:12:c0:d7:87:23:90:1a:63:4c:46:73:41:f2:e9:cf:
19:56:1e:a6:0a:59:f2:85:a4:a2:6b:47:9d:3c:2a:3b:67:de:
3d:f9:60:70:d0:49:80:a2:f8:08:db:6e:54:45:c2:29:83:0c:
16:8a:c6:5a:0d:a9:b0:33:fc:9a:16:1f:6f:27:63:93:c8:05:
77:6c:ca:c9:55:c7:ab:d1:06:ec:f7:d4:75:f3:a6:8b:e6:f2:
7a:26:d3:33:36:10:e9:32:3c:35:a3:b3:f8:b7:43:99:59:8c:
7d:54:b0:1d:b6:71:9f:40:4d:b4:da:60:ec:ce:77:36:79:c3:
5a:8c:47:7c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPR+MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDAwMDMyWhcNMjUxMjEzMDAwMDMyWjAYMRYw
FAYDVQQDEw02Nzc3MmY2Zi02ZTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzN/sgWdb2ocW/6ES0kRx6KUxJidGT+YsUeJEwbcB/vUgockuAIypf+tZ
Wnp/cNlzKg/INVTagAgpF4u7pOi8u7CdtGXmZP3vZYMYu37QJ7YaRWE4TL0CH82d
eo4orm1HJ8NVcoinwwnafj4ennQ+f9jfsI5RVcYVk3Xlzg0Epql2cJOJ51W4+ExW
zxoeZr/t2zqGSCVxxPyZWp95BhkKsibhf4pSwZBtAvCDDDOm90pWmOk6e5dkU+N/
uTUXR8S8sVVD+WOAKT+h1U9Vibur5jCxw0uY/SBlklVkWilygREiaiv4TRDaQmbO
7G67+5vh2qu/FcOtHM1F6PwZWKLlCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDuc
pFepbt9MMN96odCAOuzxR26+MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRjAxOUMwMEM5NjkxMUVGODFENjIyNTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLxMA0GCSqGSIb3DQEBCwUA
A4IBAQATxvQZk1OGSaAO0dxfZNcKJU56/YUda2a78XVSTWfh3+jCEWHo7/n/E/aG
xSoL0XF08YvEjVGahPbEoPAzbGsKuHoW5nrh4jH7uJZ7mAPQu58q77FKtxHkp4+h
p65BbZmOu6xBZf6mV+m/3i3mt/6aj9tDedjSH+vUBOnG8u452OMSwNeHI5AaY0xG
c0Hy6c8ZVh6mClnyhaSia0edPCo7Z949+WBw0EmAovgI225URcIpgwwWisZaDamw
M/yaFh9vJ2OTyAV3bMrJVcer0Qbs99R186aL5vJ6JtMzNhDpMjw1o7P4t0OZWYx9
VLAdtnGfQE202mDsznc2ecNajEd8
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:21 2025 by rpki-client