Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF2A8EECF5DF11EF8FEB707A762E951A.roa
File: CF2A8EECF5DF11EF8FEB707A762E951A.roa (raw, json)
Hash identifier: YJx3jgBcpvqPRZldU65PPKPRJQpm2+EgUBnaiTMSTvw=
Subject key identifier: C6:99:54:5B:28:FA:DB:1E:94:A2:44:93:41:5F:AB:7F:93:DF:1F:03
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013E47
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF2A8EECF5DF11EF8FEB707A762E951A.roa
Signing time: Fri 28 Feb 2025 14:25:07 +0000
ROA not before: Fri 28 Feb 2025 14:25:03 +0000
ROA not after: Sun 13 Apr 2025 14:25:03 +0000
asID: 138915
IP address blocks: 156.244.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81479 (0x13e47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 14:25:03 2025 GMT
Not After : Apr 13 14:25:03 2025 GMT
Subject: CN=67c1c743-dd9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f5:77:ff:36:24:14:5f:9c:74:0c:8e:5b:1c:
bd:bc:be:6c:13:d0:1a:d2:2d:e2:ab:fc:28:8d:e1:
14:61:d2:15:2b:25:0d:3b:05:5f:46:6c:4c:d1:ba:
60:c2:7d:c9:ac:d3:47:be:cf:58:57:c0:ce:a2:c8:
c0:95:62:7f:de:d4:25:12:78:ec:49:06:72:7a:5f:
e0:1b:fa:95:2a:26:10:9e:7e:14:82:f7:60:f3:a0:
f1:d0:54:d2:69:d5:d7:48:e0:51:3e:f3:33:8c:0a:
43:e2:0a:36:ca:a8:6c:1e:e7:ba:bf:03:62:e1:de:
60:f9:8d:5e:ba:eb:0d:56:d1:36:ce:f9:1c:4c:6e:
b4:2f:05:a7:da:95:fc:60:1b:1f:f6:fc:0c:e1:2b:
ac:bc:6b:a4:13:f8:23:60:f6:36:31:04:ca:f8:78:
59:ca:41:06:88:83:3a:0f:8a:0b:a1:cb:aa:8a:cb:
8d:79:45:78:a4:07:11:f7:e8:f5:f7:84:a5:81:42:
2a:eb:85:34:a6:25:39:04:c8:91:76:3c:ad:a1:33:
8a:09:72:0b:84:6c:61:ab:c3:5e:bd:0a:30:5a:af:
77:60:91:03:7f:d2:29:73:86:73:10:aa:8c:c7:3c:
17:f0:14:f7:02:c7:5e:7d:ed:04:9f:90:6f:0d:ea:
f8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:99:54:5B:28:FA:DB:1E:94:A2:44:93:41:5F:AB:7F:93:DF:1F:03
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF2A8EECF5DF11EF8FEB707A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.28.0/24
Signature Algorithm: sha256WithRSAEncryption
82:0d:96:80:a5:bc:16:69:30:36:8a:eb:c5:ad:db:07:10:84:
e5:53:95:05:58:37:3d:f9:a3:1c:5a:d0:5e:c4:d5:9e:a7:a6:
d0:2d:9f:87:04:77:56:09:72:2c:45:16:ba:18:97:00:6c:38:
06:ad:db:80:b2:8c:20:9d:b4:d3:93:58:b4:64:a1:95:7f:a7:
f4:88:5c:36:71:82:55:ad:29:ca:c7:ca:1c:f7:8b:af:96:46:
5b:c8:9c:be:84:b5:b3:01:1f:0f:f4:ce:07:89:7d:e6:1d:54:
2c:b2:a5:e1:03:ea:53:b1:3d:af:99:f7:5a:ef:25:8a:e5:c1:
41:ce:cf:6c:5b:9e:46:56:77:ec:bd:33:d2:e6:7d:e3:36:49:
8b:e7:b6:cb:3d:4e:d0:30:a5:2e:03:0c:6e:f4:9b:7b:59:84:
fa:49:4b:07:ff:f5:ed:d9:de:0a:29:59:97:56:84:25:f1:18:
a5:d1:3b:69:6f:04:64:0e:f7:bd:60:7f:96:2c:c7:f5:23:07:
a0:a5:a3:33:30:76:99:79:2e:b2:35:7a:a6:c2:6a:50:ef:ec:
15:d5:eb:33:c1:8f:7d:3c:48:4a:7e:cd:2b:46:37:70:ee:79:
ec:51:80:7b:f3:df:12:27:76:43:f9:03:c5:ac:e3:0e:42:42:
f0:da:88:fe
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT5HMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTQyNTAzWhcNMjUwNDEzMTQyNTAzWjAYMRYw
FAYDVQQDEw02N2MxYzc0My1kZDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr/V3/zYkFF+cdAyOWxy9vL5sE9Aa0i3iq/wojeEUYdIVKyUNOwVfRmxM
0bpgwn3JrNNHvs9YV8DOosjAlWJ/3tQlEnjsSQZyel/gG/qVKiYQnn4Ugvdg86Dx
0FTSadXXSOBRPvMzjApD4go2yqhsHue6vwNi4d5g+Y1euusNVtE2zvkcTG60LwWn
2pX8YBsf9vwM4SusvGukE/gjYPY2MQTK+HhZykEGiIM6D4oLocuqisuNeUV4pAcR
9+j194SlgUIq64U0piU5BMiRdjytoTOKCXILhGxhq8NevQowWq93YJEDf9Ipc4Zz
EKqMxzwX8BT3Asdefe0En5BvDer4xwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMaZ
VFso+tselKJEk0Ffq3+T3x8DMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRjJBOEVFQ0Y1REYxMUVGOEZFQjcwN0E3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPQcMA0GCSqGSIb3DQEBCwUA
A4IBAQCCDZaApbwWaTA2iuvFrdsHEITlU5UFWDc9+aMcWtBexNWep6bQLZ+HBHdW
CXIsRRa6GJcAbDgGrduAsowgnbTTk1i0ZKGVf6f0iFw2cYJVrSnKx8oc94uvlkZb
yJy+hLWzAR8P9M4HiX3mHVQssqXhA+pTsT2vmfda7yWK5cFBzs9sW55GVnfsvTPS
5n3jNkmL57bLPU7QMKUuAwxu9Jt7WYT6SUsH//Xt2d4KKVmXVoQl8Ril0TtpbwRk
Dve9YH+WLMf1IwegpaMzMHaZeS6yNXqmwmpQ7+wV1eszwY99PEhKfs0rRjdw7nns
UYB7898SJ3ZD+QPFrOMOQkLw2oj+
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:11:57 2025 by rpki-client