Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BEC9B00CD3E11EFA228F0AE762E951A.roa
File: 1BEC9B00CD3E11EFA228F0AE762E951A.roa (raw, json)
Hash identifier: 7dDPwtCoWXfgJzTyX3d8s6wD19y+N3LcOtpIxfGDbc0=
Subject key identifier: 86:03:F2:49:25:2D:CD:CF:2E:91:97:85:BA:8E:0D:9E:3E:F1:EB:F7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE59
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BEC9B00CD3E11EFA228F0AE762E951A.roa
Signing time: Tue 07 Jan 2025 21:26:51 +0000
ROA not before: Tue 07 Jan 2025 21:26:47 +0000
ROA not after: Sat 13 Dec 2025 21:26:47 +0000
asID: 984
IP address blocks: 156.243.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65113 (0xfe59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 21:26:47 2025 GMT
Not After : Dec 13 21:26:47 2025 GMT
Subject: CN=677d9c1b-beed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:4a:f9:c7:62:65:cc:3a:93:8d:da:bd:53:5d:
c0:30:d4:d5:bb:07:55:b7:1c:e1:f3:74:ed:da:e1:
4f:19:f2:37:99:c5:44:6a:80:c2:e8:b3:c1:8a:e4:
43:7f:4e:6b:1d:28:48:23:7a:99:f9:ef:73:c8:cd:
7c:01:92:02:22:ca:43:2c:cc:66:da:53:0a:8c:6d:
98:90:02:80:72:d5:2e:70:6b:d8:f9:6a:cf:d8:4f:
6e:6d:d2:a9:74:a6:98:b4:d3:20:91:74:73:33:c1:
b1:48:58:96:af:fa:45:dd:96:86:43:f5:84:00:b0:
0d:46:07:67:2c:e1:3a:f8:f2:3d:b5:17:06:ae:d2:
53:07:70:ae:0b:ed:ba:8f:b9:e0:de:59:07:a7:4e:
53:74:50:1c:30:9b:20:b0:b4:87:b8:25:0a:ac:f0:
4f:6e:6c:62:c9:ed:b9:9f:95:c6:9f:5f:1e:82:62:
16:58:7b:54:33:d2:7e:59:37:74:10:0d:0b:93:04:
dd:73:86:11:3f:cb:22:c3:92:1f:51:8f:1a:8e:c0:
12:5e:b2:08:b6:7e:6c:31:e9:3f:c0:90:ab:a5:d5:
6b:e2:66:29:52:72:cc:b3:17:fc:45:55:be:6e:d3:
14:3a:71:53:71:48:2e:c6:f0:74:89:ac:cb:69:3b:
b6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:03:F2:49:25:2D:CD:CF:2E:91:97:85:BA:8E:0D:9E:3E:F1:EB:F7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1BEC9B00CD3E11EFA228F0AE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.85.0/24
Signature Algorithm: sha256WithRSAEncryption
65:3a:4a:c6:8d:f7:3f:fb:d0:67:b7:05:50:47:cd:57:36:fe:
ae:d3:6d:db:70:66:c1:2d:a8:b4:09:db:27:b6:74:9a:9b:57:
ad:00:58:a9:bd:4f:a5:3e:49:5c:54:9a:c6:7b:19:9f:d1:aa:
e3:a1:ad:03:76:51:8f:9a:52:4f:88:6a:ef:96:d1:34:4d:db:
21:ea:ad:cf:3e:4a:43:79:f5:5e:5c:9b:7c:9c:5a:79:e5:bc:
ef:41:88:a8:59:60:36:c5:1d:e1:fb:96:16:62:ee:f1:eb:63:
aa:cb:50:59:84:33:b3:d1:21:58:66:72:0a:06:03:29:f7:a3:
b5:88:14:35:9d:94:b7:59:6e:7f:4a:52:71:a0:79:f5:28:da:
d7:c6:ac:a1:e0:22:f0:f3:d3:c5:47:18:29:06:46:a7:e8:10:
87:cd:4c:1c:d8:10:11:00:65:18:d0:83:dd:bd:9a:72:05:b4:
74:0b:eb:cf:b7:75:f6:63:c8:1d:ca:75:f8:24:34:d5:5e:de:
16:07:8f:cc:af:17:1a:70:64:c6:30:74:36:f3:69:1d:47:a5:
a5:aa:27:df:e4:52:c2:3a:b2:b8:2f:4d:06:9b:9d:d6:4a:ba:
5b:78:e2:08:b1:3f:56:8b:29:bb:24:8c:df:30:b1:cc:bf:7a:
4e:3f:e0:e4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP5ZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjEyNjQ3WhcNMjUxMjEzMjEyNjQ3WjAYMRYw
FAYDVQQDEw02NzdkOWMxYi1iZWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA60r5x2JlzDqTjdq9U13AMNTVuwdVtxzh83Tt2uFPGfI3mcVEaoDC6LPB
iuRDf05rHShII3qZ+e9zyM18AZICIspDLMxm2lMKjG2YkAKActUucGvY+WrP2E9u
bdKpdKaYtNMgkXRzM8GxSFiWr/pF3ZaGQ/WEALANRgdnLOE6+PI9tRcGrtJTB3Cu
C+26j7ng3lkHp05TdFAcMJsgsLSHuCUKrPBPbmxiye25n5XGn18egmIWWHtUM9J+
WTd0EA0LkwTdc4YRP8siw5IfUY8ajsASXrIItn5sMek/wJCrpdVr4mYpUnLMsxf8
RVW+btMUOnFTcUguxvB0iazLaTu24QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIYD
8kklLc3PLpGXhbqODZ4+8ev3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xQkVDOUIwMENEM0UxMUVGQTIyOEYwQUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNVMA0GCSqGSIb3DQEBCwUA
A4IBAQBlOkrGjfc/+9BntwVQR81XNv6u023bcGbBLai0CdsntnSam1etAFipvU+l
PklcVJrGexmf0arjoa0DdlGPmlJPiGrvltE0Tdsh6q3PPkpDefVeXJt8nFp55bzv
QYioWWA2xR3h+5YWYu7x62Oqy1BZhDOz0SFYZnIKBgMp96O1iBQ1nZS3WW5/SlJx
oHn1KNrXxqyh4CLw89PFRxgpBkan6BCHzUwc2BARAGUY0IPdvZpyBbR0C+vPt3X2
Y8gdynX4JDTVXt4WB4/MrxcacGTGMHQ282kdR6Wlqiff5FLCOrK4L00Gm53WSrpb
eOIIsT9Wiym7JIzfMLHMv3pOP+Dk
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:21 2025 by rpki-client