Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF706392F46B11EFA58BAC78762E951A.roa
File: CF706392F46B11EFA58BAC78762E951A.roa (raw, json)
Hash identifier: k3Rm25ssIIvZcAI/g+1D7q07oUU6Mdp1H/EUCvsdsB8=
Subject key identifier: A4:FA:77:35:7F:37:33:FE:99:88:47:40:A8:19:6A:B9:76:3A:6F:C8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013610
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF706392F46B11EFA58BAC78762E951A.roa
Signing time: Wed 26 Feb 2025 18:02:15 +0000
ROA not before: Wed 26 Feb 2025 18:02:11 +0000
ROA not after: Sat 19 Feb 2028 18:02:11 +0000
asID: 17561
IP address blocks: 156.233.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79376 (0x13610)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 18:02:11 2025 GMT
Not After : Feb 19 18:02:11 2028 GMT
Subject: CN=67bf5727-1a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:68:4c:db:d3:cc:61:01:35:d4:06:45:b2:97:
10:62:66:ec:9e:36:ef:66:ba:0f:25:75:1f:73:05:
29:6d:60:f4:0d:9a:4f:e9:20:77:7a:15:f3:40:41:
1d:85:99:20:30:58:d9:36:f9:5e:93:15:b6:32:9c:
fa:98:7a:8a:f8:37:dd:a7:83:ce:01:2b:f5:99:d5:
7b:51:69:12:53:4c:f6:44:d6:b5:15:7a:8f:27:74:
4b:c9:72:ab:84:21:58:82:15:33:da:88:34:b5:74:
44:d9:72:be:92:8f:d0:39:28:41:dd:43:bb:68:30:
6a:b0:94:c5:05:e5:90:03:2e:0e:d3:47:bf:f5:48:
02:8e:dd:e5:0b:78:25:75:0b:6d:91:62:a3:1e:f9:
39:1f:06:8f:15:c4:de:49:9e:c9:41:b1:f2:23:f1:
5e:fe:88:8f:5c:ea:73:8a:81:5e:6e:24:9d:5a:c9:
32:a1:7f:52:8a:17:3b:34:87:f4:5a:8a:df:1a:23:
66:85:ee:7e:02:48:59:76:c1:7a:2c:9c:c5:c6:5a:
9b:0d:54:e6:c9:e4:97:62:86:f3:a2:54:f6:ce:87:
db:7e:83:54:91:8c:dd:fb:11:94:64:88:33:15:ad:
74:d7:0c:95:d6:f3:fd:0d:b7:37:2b:a7:d7:6e:5f:
fc:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:FA:77:35:7F:37:33:FE:99:88:47:40:A8:19:6A:B9:76:3A:6F:C8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF706392F46B11EFA58BAC78762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.114.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:29:28:2e:30:e4:a2:72:ae:41:cb:82:24:84:f5:00:e4:90:
cf:cc:2b:e3:62:ca:f9:bd:26:42:81:2d:38:a9:f6:27:a6:55:
77:10:8e:df:64:95:98:81:7f:c2:52:10:e8:85:3e:d3:f4:0f:
ed:12:73:86:84:e1:ae:e8:0e:be:51:5e:3e:ac:25:3d:ab:5f:
03:01:81:a1:f3:c2:a9:9c:d3:32:b9:46:af:64:f4:bf:6a:f1:
fa:ac:59:1d:5e:02:c9:a2:d4:a4:ce:77:ae:d4:95:0b:e3:f6:
f7:63:de:ef:7f:82:b9:8b:ac:62:15:5b:d0:f7:0f:40:85:66:
79:4a:46:d2:05:6d:e6:cf:52:1d:2d:fc:be:8f:06:55:24:db:
27:1d:c5:db:bd:ab:f3:2a:4b:bc:e8:ec:6d:46:3e:68:8e:e3:
48:57:c9:03:7f:a9:55:64:5f:e8:7f:af:d1:79:d8:60:f3:cc:
6b:b1:8c:2f:02:27:7b:a1:dd:f1:0d:d2:8a:a4:d8:24:2f:11:
a8:67:41:54:22:ab:27:4e:1d:d4:a4:62:72:3f:b4:a9:65:5c:
55:13:25:a9:90:a5:2c:ae:d1:6e:82:0e:54:1b:14:b6:5b:b0:
68:b7:fa:58:e7:d7:32:e9:9a:2e:85:df:cc:03:78:c5:a6:ae:
44:2a:55:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATYQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTgwMjExWhcNMjgwMjE5MTgwMjExWjAYMRYw
FAYDVQQDEw02N2JmNTcyNy0xYTM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA12hM29PMYQE11AZFspcQYmbsnjbvZroPJXUfcwUpbWD0DZpP6SB3ehXz
QEEdhZkgMFjZNvlekxW2Mpz6mHqK+Dfdp4POASv1mdV7UWkSU0z2RNa1FXqPJ3RL
yXKrhCFYghUz2og0tXRE2XK+ko/QOShB3UO7aDBqsJTFBeWQAy4O00e/9UgCjt3l
C3gldQttkWKjHvk5HwaPFcTeSZ7JQbHyI/Fe/oiPXOpzioFebiSdWskyoX9Sihc7
NIf0WorfGiNmhe5+AkhZdsF6LJzFxlqbDVTmyeSXYobzolT2zofbfoNUkYzd+xGU
ZIgzFa101wyV1vP9Dbc3K6fXbl/8BwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKT6
dzV/NzP+mYhHQKgZarl2Om/IMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRjcwNjM5MkY0NkIxMUVGQTU4QkFDNzg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOlyMA0GCSqGSIb3DQEBCwUA
A4IBAQC6KSguMOSicq5By4IkhPUA5JDPzCvjYsr5vSZCgS04qfYnplV3EI7fZJWY
gX/CUhDohT7T9A/tEnOGhOGu6A6+UV4+rCU9q18DAYGh88KpnNMyuUavZPS/avH6
rFkdXgLJotSkzneu1JUL4/b3Y97vf4K5i6xiFVvQ9w9AhWZ5SkbSBW3mz1IdLfy+
jwZVJNsnHcXbvavzKku86OxtRj5ojuNIV8kDf6lVZF/of6/Redhg88xrsYwvAid7
od3xDdKKpNgkLxGoZ0FUIqsnTh3UpGJyP7SpZVxVEyWpkKUsrtFugg5UGxS2W7Bo
t/pY59cy6Zouhd/MA3jFpq5EKlWp
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:14:38 2025 by rpki-client