Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF2AC5E8CD4811EFB9E62773762E951A.roa
File: CF2AC5E8CD4811EFB9E62773762E951A.roa (raw, json)
Hash identifier: uO6e8jsFSub8r8c/5qB6jrei0tSzBGyvnyAW2Hxi6p4=
Subject key identifier: AD:0D:47:0D:C7:BC:06:56:07:9E:DE:FB:F5:07:F0:47:ED:98:B3:70
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FEAD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF2AC5E8CD4811EFB9E62773762E951A.roa
Signing time: Tue 07 Jan 2025 22:43:27 +0000
ROA not before: Tue 07 Jan 2025 22:43:23 +0000
ROA not after: Mon 13 Dec 2027 22:43:23 +0000
asID: 17561
IP address blocks: 156.246.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65197 (0xfead)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 22:43:23 2025 GMT
Not After : Dec 13 22:43:23 2027 GMT
Subject: CN=677dae0f-e96f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e6:28:71:14:d1:57:ce:7c:af:82:1f:28:01:
1f:e1:ae:ca:76:0c:9e:1f:21:78:78:20:bb:a0:d5:
fe:0f:10:00:a4:c1:29:6c:07:dd:13:94:ee:27:f2:
17:20:da:fd:9e:58:63:5c:28:51:3d:92:66:56:77:
d7:15:21:7b:93:ca:90:e0:63:a4:f4:2f:83:1a:8f:
b1:5e:6f:6d:e2:9a:72:2a:bb:b2:5a:d0:71:d9:82:
40:b4:eb:6a:7d:15:62:67:b0:df:7e:7a:4c:77:c2:
2d:70:70:fe:2b:c6:58:2d:8a:d1:20:03:9b:0f:db:
b4:b5:17:cb:96:69:a3:f8:1e:69:e6:05:7a:73:08:
60:ad:a8:54:53:2f:7c:28:4d:f7:48:a8:99:01:f9:
af:a7:48:40:84:02:a5:bd:4a:c4:0d:0c:72:2f:f7:
69:27:82:d8:3d:31:0e:6b:f2:db:22:b9:e0:a1:64:
99:d9:a3:64:d8:23:39:12:d1:7e:0c:eb:45:97:c6:
c8:f9:c4:79:8d:e6:0e:72:5c:11:60:80:0b:83:0a:
d6:d0:61:ee:b6:ee:bf:5d:9f:d5:c1:31:c2:69:fb:
94:1c:46:f8:61:08:b5:ce:9a:fd:f8:2c:ba:9f:8f:
8e:49:03:dd:f3:e3:68:ce:f0:26:fe:93:7d:42:3f:
78:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:0D:47:0D:C7:BC:06:56:07:9E:DE:FB:F5:07:F0:47:ED:98:B3:70
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF2AC5E8CD4811EFB9E62773762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.246.24.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:ed:8c:b9:e1:1b:ab:5e:a1:ee:68:3a:0e:92:6f:d3:fa:b4:
2f:b5:4c:18:37:87:d4:28:b9:f2:4d:fb:e6:5e:da:e5:7d:31:
2d:c6:88:b7:02:ac:35:f0:d8:ac:f9:f5:ac:04:42:e2:f1:f6:
31:d8:2c:0e:ed:4e:90:2d:fc:dd:5a:63:f7:3b:2b:a6:54:cc:
5d:f7:94:1c:cc:7c:37:77:25:77:4b:a3:e9:80:9c:08:d5:13:
00:59:95:70:34:b7:44:15:52:02:37:1f:6d:e4:cb:3a:02:cc:
f5:a4:e6:58:15:24:f0:67:13:00:fa:4f:04:ad:b4:77:42:2c:
0c:57:eb:7b:db:ea:e8:e9:c8:77:75:72:9c:fe:69:85:db:a0:
eb:0e:f1:01:2e:7d:51:b5:d8:43:8e:00:ad:2d:12:8a:1a:9a:
8d:4c:4f:0a:9e:f3:0c:8c:52:c7:34:7d:72:00:02:ba:2a:8e:
71:d8:1b:bc:95:81:b3:87:8d:56:d5:90:f4:34:94:12:e3:c1:
58:c9:c0:a4:6b:90:03:64:a3:20:b9:08:e3:c2:82:21:9a:9f:
de:e0:46:d1:87:fd:04:14:8f:9c:9d:0d:0a:3f:02:1d:ad:c6:
38:f4:5e:c1:77:4b:c2:b4:da:56:72:9e:8c:82:53:5b:6e:31:
46:52:05:5d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP6tMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjI0MzIzWhcNMjcxMjEzMjI0MzIzWjAYMRYw
FAYDVQQDEw02NzdkYWUwZi1lOTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu+YocRTRV858r4IfKAEf4a7KdgyeHyF4eCC7oNX+DxAApMEpbAfdE5Tu
J/IXINr9nlhjXChRPZJmVnfXFSF7k8qQ4GOk9C+DGo+xXm9t4ppyKruyWtBx2YJA
tOtqfRViZ7DffnpMd8ItcHD+K8ZYLYrRIAObD9u0tRfLlmmj+B5p5gV6cwhgrahU
Uy98KE33SKiZAfmvp0hAhAKlvUrEDQxyL/dpJ4LYPTEOa/LbIrngoWSZ2aNk2CM5
EtF+DOtFl8bI+cR5jeYOclwRYIALgwrW0GHutu6/XZ/VwTHCafuUHEb4YQi1zpr9
+Cy6n4+OSQPd8+NozvAm/pN9Qj940wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK0N
Rw3HvAZWB57e+/UH8EftmLNwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRjJBQzVFOENENDgxMUVGQjlFNjI3NzM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPYYMA0GCSqGSIb3DQEBCwUA
A4IBAQB77Yy54RurXqHuaDoOkm/T+rQvtUwYN4fUKLnyTfvmXtrlfTEtxoi3Aqw1
8Nis+fWsBELi8fYx2CwO7U6QLfzdWmP3OyumVMxd95QczHw3dyV3S6PpgJwI1RMA
WZVwNLdEFVICNx9t5Ms6Asz1pOZYFSTwZxMA+k8ErbR3QiwMV+t72+ro6ch3dXKc
/mmF26DrDvEBLn1RtdhDjgCtLRKKGpqNTE8KnvMMjFLHNH1yAAK6Ko5x2Bu8lYGz
h41W1ZD0NJQS48FYycCka5ADZKMguQjjwoIhmp/e4EbRh/0EFI+cnQ0KPwIdrcY4
9F7Bd0vCtNpWcp6MglNbbjFGUgVd
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:40 2025 by rpki-client