Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF23B0B0CDA111EFB8163DBA762E951A.roa
File: CF23B0B0CDA111EFB8163DBA762E951A.roa (raw, json)
Hash identifier: 9RvDJw+zg5K1/7sd0Ap+1tUviOYCGyw3vsVhLIgG1ZM=
Subject key identifier: B4:23:67:5F:2E:47:42:23:D7:07:A5:DF:CB:69:0A:3E:E0:22:E1:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100E7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF23B0B0CDA111EFB8163DBA762E951A.roa
Signing time: Wed 08 Jan 2025 09:20:32 +0000
ROA not before: Wed 08 Jan 2025 09:20:28 +0000
ROA not after: Tue 16 Dec 2025 09:20:28 +0000
asID: 984
IP address blocks: 156.249.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65767 (0x100e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:20:28 2025 GMT
Not After : Dec 16 09:20:28 2025 GMT
Subject: CN=677e4360-cecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:15:54:ff:fd:54:46:e1:f0:04:3e:66:4e:a7:
19:30:24:a6:5d:48:2b:9e:07:0c:cd:06:ef:a5:9c:
b0:89:56:d3:2d:c3:7d:b8:48:0f:fa:d1:93:d1:78:
f6:71:14:54:eb:d9:9a:c0:3b:08:5c:c6:23:43:22:
19:8b:33:e8:05:fe:95:0b:d6:69:44:18:4c:86:cd:
f0:d5:01:0f:ab:ef:f7:55:4a:98:cf:44:30:3e:ed:
f4:23:63:b7:04:6e:a3:5e:7e:dd:62:90:e6:8b:6c:
cc:34:93:ed:f3:0e:d4:8e:12:5d:94:7d:11:5d:55:
5b:ed:23:db:33:81:82:65:8f:db:92:a4:00:fc:30:
a2:5b:f8:3b:02:0f:cd:bc:7f:f2:56:98:d7:78:a7:
8e:60:74:d6:c7:c3:ae:88:da:44:48:b9:d7:9e:9d:
e0:5c:86:04:32:ad:bb:e9:47:e9:8d:fe:bf:8a:1f:
15:16:81:2b:86:d7:ad:00:03:55:21:26:07:cc:1a:
31:e6:42:bb:72:9f:ea:37:35:eb:a4:27:ac:3f:af:
32:58:9e:79:13:c0:13:53:87:d0:c0:2a:63:c0:2a:
4b:47:4c:52:3b:23:fa:86:86:9d:f3:a2:0e:c8:b2:
1c:fe:d1:7f:a4:11:59:58:9a:17:21:5a:35:17:62:
6e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:23:67:5F:2E:47:42:23:D7:07:A5:DF:CB:69:0A:3E:E0:22:E1:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF23B0B0CDA111EFB8163DBA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.119.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:45:8d:ed:2b:85:6f:46:86:3d:59:3e:c4:ac:b4:5a:93:88:
22:b8:3f:8f:20:23:46:03:db:9c:ec:71:bc:7b:04:a8:91:96:
7c:d4:51:92:24:ab:ab:86:50:14:9c:a7:e6:27:90:dd:90:53:
d1:7d:4b:70:d5:0f:51:0c:d0:d0:06:70:73:6b:31:2f:6c:ae:
ee:40:4b:03:39:9f:3e:16:24:c4:03:4b:23:56:7a:dc:a5:7a:
96:bc:0e:65:13:de:c5:87:4e:ac:40:3d:7d:2a:f3:18:ce:1a:
68:68:2d:67:bd:af:cc:b8:0c:eb:b6:ff:2b:c6:c7:48:48:a2:
80:bd:25:24:7e:f3:7b:34:5f:4a:43:7a:67:f3:1a:f0:60:26:
d1:90:e2:b8:04:32:c5:cd:dd:05:6f:29:5e:e4:1f:0a:10:ee:
0b:b4:04:f5:28:a9:f0:aa:f5:49:39:a8:85:9c:92:c7:ea:27:
a5:49:49:e1:f4:1a:fc:e8:05:88:df:4c:c8:37:83:47:7a:b4:
29:f9:7f:63:39:9e:3d:9d:b9:20:15:93:6a:a7:4c:ef:d7:d2:
f6:87:63:b8:cb:4a:b2:2e:31:ce:63:dc:ae:e0:b3:4d:c7:2a:
a9:c7:cd:65:cf:8a:b5:f4:18:9e:2f:bc:ec:f8:9c:a5:0a:bc:
ab:5e:e7:57
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQDnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkyMDI4WhcNMjUxMjE2MDkyMDI4WjAYMRYw
FAYDVQQDEw02NzdlNDM2MC1jZWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvxVU//1URuHwBD5mTqcZMCSmXUgrngcMzQbvpZywiVbTLcN9uEgP+tGT
0Xj2cRRU69mawDsIXMYjQyIZizPoBf6VC9ZpRBhMhs3w1QEPq+/3VUqYz0QwPu30
I2O3BG6jXn7dYpDmi2zMNJPt8w7UjhJdlH0RXVVb7SPbM4GCZY/bkqQA/DCiW/g7
Ag/NvH/yVpjXeKeOYHTWx8OuiNpESLnXnp3gXIYEMq276Ufpjf6/ih8VFoErhtet
AANVISYHzBox5kK7cp/qNzXrpCesP68yWJ55E8ATU4fQwCpjwCpLR0xSOyP6hoad
86IOyLIc/tF/pBFZWJoXIVo1F2JubQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLQj
Z18uR0Ij1wel38tpCj7gIuFlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRjIzQjBCMENEQTExMUVGQjgxNjNEQkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPl3MA0GCSqGSIb3DQEBCwUA
A4IBAQBKRY3tK4VvRoY9WT7ErLRak4giuD+PICNGA9uc7HG8ewSokZZ81FGSJKur
hlAUnKfmJ5DdkFPRfUtw1Q9RDNDQBnBzazEvbK7uQEsDOZ8+FiTEA0sjVnrcpXqW
vA5lE97Fh06sQD19KvMYzhpoaC1nva/MuAzrtv8rxsdISKKAvSUkfvN7NF9KQ3pn
8xrwYCbRkOK4BDLFzd0Fbyle5B8KEO4LtAT1KKnwqvVJOaiFnJLH6ielSUnh9Br8
6AWI30zIN4NHerQp+X9jOZ49nbkgFZNqp0zv19L2h2O4y0qyLjHOY9yu4LNNxyqp
x81lz4q19BieL7zs+JylCryrXudX
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:55 2025 by rpki-client