Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFB5E166C33C11EFBF54F59F762E951A.roa
File: CFB5E166C33C11EFBF54F59F762E951A.roa (raw, json)
Hash identifier: BvVMx8MwH6Zz5QMtT/8K7VazoHuJYhHv5Kgyag98wqE=
Subject key identifier: AE:D6:D5:12:35:B7:4A:EE:06:9F:AE:C5:9E:2B:89:FB:BC:F9:91:FF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EB99
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFB5E166C33C11EFBF54F59F762E951A.roa
Signing time: Thu 26 Dec 2024 03:52:22 +0000
ROA not before: Thu 26 Dec 2024 03:52:18 +0000
ROA not after: Fri 10 Dec 2027 03:52:18 +0000
asID: 17561
IP address blocks: 156.244.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60313 (0xeb99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 03:52:18 2024 GMT
Not After : Dec 10 03:52:18 2027 GMT
Subject: CN=676cd2f6-816e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:51:6f:20:e6:a3:f4:2a:2b:df:ae:a8:59:02:
c7:55:6f:47:7f:23:16:07:95:70:e7:1f:24:a7:41:
b3:ef:2c:ff:54:b1:ce:97:ac:59:4f:d3:8f:af:62:
1a:13:ca:12:09:5f:20:78:22:f5:8a:2c:dc:f1:3c:
be:1a:29:64:74:08:36:42:ec:6a:42:a3:71:52:5d:
46:b6:2f:b1:f9:c0:4c:ce:f5:f7:3e:5b:86:17:86:
a1:2d:68:e3:97:81:a8:27:e9:d5:55:32:34:bf:0e:
97:f8:e8:4d:b8:03:4f:ba:98:8e:44:3f:8e:47:47:
78:ff:7d:bb:06:e6:32:05:16:d9:59:50:00:d4:cb:
a8:67:55:3f:89:fc:03:a9:26:99:b8:3e:e5:38:20:
fb:71:4e:1e:e7:99:dc:fe:b1:9c:81:95:e9:23:47:
e2:55:3d:a1:55:19:df:47:44:49:5f:cc:8b:00:7e:
8c:04:3d:b8:e2:f2:f8:2e:52:c1:90:2e:da:d4:d7:
e2:36:60:6b:5e:62:19:9d:03:64:42:59:43:ba:8c:
a7:4a:8e:87:c5:60:a9:06:22:54:50:b9:95:d8:76:
3b:ad:71:de:44:0a:69:97:46:eb:bc:ed:9f:41:35:
4b:0c:71:33:bc:db:b2:c4:c7:aa:3c:4c:6a:1d:fa:
09:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D6:D5:12:35:B7:4A:EE:06:9F:AE:C5:9E:2B:89:FB:BC:F9:91:FF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFB5E166C33C11EFBF54F59F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.200.0/24
Signature Algorithm: sha256WithRSAEncryption
06:2c:81:bc:a2:45:51:8c:3a:f8:38:44:d0:cb:94:47:dc:3b:
a1:2c:8e:3d:a9:b2:78:b2:87:3e:e4:0f:5c:b7:ef:2f:98:6a:
9b:e8:90:8e:db:25:16:dd:e1:da:68:ee:f2:5a:31:0f:ee:ce:
d0:fd:65:30:7b:cc:1e:b8:6f:ac:42:ee:cc:45:12:33:3a:f5:
8d:23:25:0e:04:1c:9e:4d:94:bf:d7:86:23:b0:99:93:bb:ee:
3c:c7:2a:01:ea:30:36:13:29:af:dd:71:98:75:4c:5d:f6:fd:
70:1a:7b:09:c7:e3:ba:fd:a6:5a:d0:8a:7b:a1:23:17:d9:07:
9e:9b:cc:76:90:94:f5:a5:5a:35:37:1f:17:dd:4c:22:4a:79:
8a:15:73:a0:bf:80:42:1b:86:d6:ae:ad:66:9b:e3:77:3a:f7:
4a:c2:bb:5b:4c:fd:9d:d2:f1:e8:77:a7:de:fa:8f:5f:2d:be:
bd:c5:62:38:6e:60:cc:e9:25:69:ad:6d:73:a1:7c:b6:5c:2c:
92:7f:04:19:8d:8f:3e:47:f1:d3:4b:a7:09:39:43:b8:8b:d3:
a5:42:6d:bd:50:d4:28:96:a9:ce:fd:11:23:65:11:5c:b4:a3:
15:9c:ba:bc:4c:15:bb:1d:8f:54:01:75:80:e0:08:8d:4e:2a:
b2:e9:20:6c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOuZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDM1MjE4WhcNMjcxMjEwMDM1MjE4WjAYMRYw
FAYDVQQDEw02NzZjZDJmNi04MTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA31FvIOaj9Cor366oWQLHVW9HfyMWB5Vw5x8kp0Gz7yz/VLHOl6xZT9OP
r2IaE8oSCV8geCL1iizc8Ty+GilkdAg2QuxqQqNxUl1Gti+x+cBMzvX3PluGF4ah
LWjjl4GoJ+nVVTI0vw6X+OhNuANPupiORD+OR0d4/327BuYyBRbZWVAA1MuoZ1U/
ifwDqSaZuD7lOCD7cU4e55nc/rGcgZXpI0fiVT2hVRnfR0RJX8yLAH6MBD244vL4
LlLBkC7a1NfiNmBrXmIZnQNkQllDuoynSo6HxWCpBiJUULmV2HY7rXHeRAppl0br
vO2fQTVLDHEzvNuyxMeqPExqHfoJaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFK7W
1RI1t0ruBp+uxZ4rifu8+ZH/MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRkI1RTE2NkMzM0MxMUVGQkY1NEY1OUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTIMA0GCSqGSIb3DQEBCwUA
A4IBAQAGLIG8okVRjDr4OETQy5RH3DuhLI49qbJ4soc+5A9ct+8vmGqb6JCO2yUW
3eHaaO7yWjEP7s7Q/WUwe8weuG+sQu7MRRIzOvWNIyUOBByeTZS/14YjsJmTu+48
xyoB6jA2Eymv3XGYdUxd9v1wGnsJx+O6/aZa0Ip7oSMX2Qeem8x2kJT1pVo1Nx8X
3UwiSnmKFXOgv4BCG4bWrq1mm+N3OvdKwrtbTP2d0vHod6fe+o9fLb69xWI4bmDM
6SVprW1zoXy2XCySfwQZjY8+R/HTS6cJOUO4i9OlQm29UNQolqnO/REjZRFctKMV
nLq8TBW7HY9UAXWA4AiNTiqy6SBs
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:13 2025 by rpki-client