Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2AF89DAC94711EF92E2FF7F762E951A.roa
File: B2AF89DAC94711EF92E2FF7F762E951A.roa (raw, json)
Hash identifier: rgcE3sHH32v7pKPTb5mf9/ScVo1WqdRmKc/tZn2KzKI=
Subject key identifier: 4E:9E:9F:EB:61:B1:57:26:0C:51:A5:F2:15:FB:4E:9A:43:92:E1:1F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F36E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2AF89DAC94711EF92E2FF7F762E951A.roa
Signing time: Thu 02 Jan 2025 20:25:25 +0000
ROA not before: Thu 02 Jan 2025 20:25:21 +0000
ROA not after: Mon 13 Dec 2027 20:25:21 +0000
asID: 17561
IP address blocks: 156.225.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62318 (0xf36e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 20:25:21 2025 GMT
Not After : Dec 13 20:25:21 2027 GMT
Subject: CN=6776f635-10a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:86:e4:12:f3:41:6c:98:62:1a:d1:33:65:06:
49:40:d8:d8:fb:38:9d:33:a2:7d:64:27:42:52:aa:
86:6b:bb:30:f5:44:2d:2c:b6:f2:be:ec:9c:97:d7:
cf:86:60:e1:28:b3:ee:bd:35:62:5b:09:27:1a:ec:
0a:b1:3e:a2:27:20:ed:88:bc:14:a1:d7:f4:2f:11:
7d:62:7c:cf:ba:8d:bb:3d:a7:f8:9c:9c:aa:a7:73:
d3:14:45:9f:c4:92:d4:18:67:7f:39:35:9a:b7:71:
3c:4f:fe:b1:18:4e:8d:9f:25:de:8b:47:d3:93:df:
fd:18:e6:a2:a3:f8:9a:3c:e6:05:7b:ba:91:59:cf:
a8:51:2b:47:39:25:d6:23:6e:12:2b:82:f8:8b:7e:
e0:c6:dc:73:3d:df:28:b2:21:60:25:5f:5a:eb:8b:
f1:be:85:48:1c:15:f0:c1:1f:ca:2e:60:2e:ad:c1:
1a:5d:1b:41:bd:dc:b9:28:19:51:5b:96:a1:de:71:
3c:dc:11:95:93:eb:51:24:d4:b0:14:ef:ba:04:cb:
8a:ce:1a:83:b2:78:20:70:6c:4e:df:4e:4e:e4:a1:
90:36:71:34:6c:7f:61:60:19:26:4e:b4:15:49:b9:
38:07:4b:85:78:b7:d1:0f:7b:bd:8f:80:ea:bb:b1:
91:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:9E:9F:EB:61:B1:57:26:0C:51:A5:F2:15:FB:4E:9A:43:92:E1:1F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B2AF89DAC94711EF92E2FF7F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.50.0/24
Signature Algorithm: sha256WithRSAEncryption
82:c0:fc:ab:c4:ec:d3:56:bb:34:5d:e1:d6:e6:81:51:cd:72:
2f:36:9a:e0:ec:7f:6b:d9:f8:0a:2c:b0:2d:af:f7:cb:01:ac:
43:12:d4:1f:66:97:b4:c0:6a:8a:39:29:d8:65:41:6e:39:bf:
1f:f1:ea:bb:14:a0:c2:ac:a7:8e:f7:d7:36:1a:cf:b4:46:7a:
6c:7b:d5:c4:8c:d3:99:0b:56:a9:44:d1:fd:60:58:f7:93:e5:
fb:36:58:26:1b:3b:d4:77:03:56:ec:54:bf:af:54:a8:9e:a5:
f8:b1:e0:2e:d0:8d:c0:b6:3a:15:4e:6d:0b:04:c3:ba:2f:a7:
45:d3:12:50:40:bd:3b:18:d6:da:ef:55:bc:68:70:9c:01:c4:
38:6e:ff:6c:4b:fd:a2:69:a5:28:92:6d:4e:e9:6b:90:00:55:
10:fe:3a:3c:f0:e8:72:b3:24:0d:1d:c6:b9:2b:7b:ec:0b:1a:
f3:8d:28:14:10:77:4b:d4:25:2e:15:1f:b8:5f:1d:80:17:4d:
f4:6a:16:df:90:48:5a:1e:fa:62:0b:b6:87:10:41:1b:70:16:
a2:a5:5a:a8:49:51:b3:04:ca:d1:f5:88:b6:fd:9d:47:16:3f:
f9:a7:ad:87:1a:80:8d:47:05:4a:35:9c:ac:66:ee:4d:54:d8:
50:16:2c:0a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPNuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjAyNTIxWhcNMjcxMjEzMjAyNTIxWjAYMRYw
FAYDVQQDEw02Nzc2ZjYzNS0xMGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy4bkEvNBbJhiGtEzZQZJQNjY+zidM6J9ZCdCUqqGa7sw9UQtLLbyvuyc
l9fPhmDhKLPuvTViWwknGuwKsT6iJyDtiLwUodf0LxF9YnzPuo27Paf4nJyqp3PT
FEWfxJLUGGd/OTWat3E8T/6xGE6NnyXei0fTk9/9GOaio/iaPOYFe7qRWc+oUStH
OSXWI24SK4L4i37gxtxzPd8osiFgJV9a64vxvoVIHBXwwR/KLmAurcEaXRtBvdy5
KBlRW5ah3nE83BGVk+tRJNSwFO+6BMuKzhqDsnggcGxO305O5KGQNnE0bH9hYBkm
TrQVSbk4B0uFeLfRD3u9j4Dqu7GRdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE6e
n+thsVcmDFGl8hX7TppDkuEfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMkFGODlEQUM5NDcxMUVGOTJFMkZGN0Y3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOEyMA0GCSqGSIb3DQEBCwUA
A4IBAQCCwPyrxOzTVrs0XeHW5oFRzXIvNprg7H9r2fgKLLAtr/fLAaxDEtQfZpe0
wGqKOSnYZUFuOb8f8eq7FKDCrKeO99c2Gs+0Rnpse9XEjNOZC1apRNH9YFj3k+X7
NlgmGzvUdwNW7FS/r1SonqX4seAu0I3AtjoVTm0LBMO6L6dF0xJQQL07GNba71W8
aHCcAcQ4bv9sS/2iaaUokm1O6WuQAFUQ/jo88OhysyQNHca5K3vsCxrzjSgUEHdL
1CUuFR+4Xx2AF030ahbfkEhaHvpiC7aHEEEbcBaipVqoSVGzBMrR9Yi2/Z1HFj/5
p62HGoCNRwVKNZysZu5NVNhQFiwK
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:42 2025 by rpki-client