Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA1C816CC34011EFBBDD65BA762E951A.roa
File: BA1C816CC34011EFBBDD65BA762E951A.roa (raw, json)
Hash identifier: Nk+0tPrmzt7EEMT/dhcqwDkFX0L09kkyot8OQKixxWg=
Subject key identifier: D9:60:17:F9:87:82:7B:26:DA:80:1E:1B:EB:DA:CC:8E:C2:6D:F2:57
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBC7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA1C816CC34011EFBBDD65BA762E951A.roa
Signing time: Thu 26 Dec 2024 04:20:24 +0000
ROA not before: Thu 26 Dec 2024 04:20:20 +0000
ROA not after: Fri 10 Dec 2027 04:20:20 +0000
asID: 17561
IP address blocks: 156.244.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60359 (0xebc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:20:20 2024 GMT
Not After : Dec 10 04:20:20 2027 GMT
Subject: CN=676cd988-d73d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:20:7d:38:11:37:2f:27:d4:42:87:32:81:36:
94:7c:3e:68:7e:76:28:83:00:3e:68:ee:85:1f:eb:
bd:8e:64:1b:12:ef:62:23:67:41:6f:25:87:97:42:
ef:0e:59:69:b4:c9:da:02:c1:4c:55:49:08:d6:8c:
2f:1c:33:98:ba:fb:56:5f:a5:ff:e3:ad:e8:59:71:
68:60:b8:7e:c6:6f:a5:fe:a3:3f:ff:69:67:0a:cc:
b3:2f:50:1b:aa:61:e6:7b:af:fd:d9:b4:7e:41:79:
35:4e:19:27:7f:b2:28:a9:2f:c4:c9:cd:4f:0f:fb:
04:2f:19:d0:bc:bb:96:ba:d4:b5:49:eb:29:91:07:
b4:60:28:16:92:b6:89:60:ed:83:44:ef:0e:5e:8d:
64:07:93:ae:5b:06:cf:2b:c7:e9:f6:39:44:fc:e6:
14:ae:87:3f:55:45:9c:cc:9b:e2:b3:19:2a:aa:ae:
bf:b1:a3:38:49:cc:db:7b:ab:37:9f:bd:bb:0b:3f:
5d:f7:46:74:52:c0:63:6c:43:52:34:04:f1:c6:9f:
26:74:e6:64:c1:a0:6b:6e:c5:a1:eb:84:d5:79:bf:
67:af:06:2b:e9:37:ab:ba:53:fc:df:9b:ad:5a:7e:
dc:93:55:1b:6f:d5:17:73:98:20:9d:1f:91:f8:ed:
1d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:60:17:F9:87:82:7B:26:DA:80:1E:1B:EB:DA:CC:8E:C2:6D:F2:57
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA1C816CC34011EFBBDD65BA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.223.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:df:99:32:d3:31:6f:fc:f3:fc:24:b7:b3:78:7c:9b:84:19:
c5:42:45:b1:4e:68:fb:e2:36:8c:4e:e4:4d:81:3e:94:81:72:
a0:a4:dc:13:4f:39:bb:3b:70:b2:58:80:61:d8:41:7a:3b:15:
ef:79:f6:f6:f4:41:d4:dd:73:d2:ac:b4:e1:f2:31:7b:d1:39:
e3:01:43:8c:e8:eb:51:ee:47:6d:8c:91:1b:44:8a:06:80:a8:
27:b2:2c:78:4b:ca:13:01:27:3c:bb:8c:69:d4:13:b5:ae:e7:
7d:54:5c:27:a7:82:51:72:3f:98:2d:af:2e:3b:6b:48:4e:01:
ec:d2:ae:48:65:47:ac:7d:4d:c3:c3:98:2d:3e:ee:49:b2:19:
da:e9:2f:98:23:58:94:8c:42:7f:fe:63:82:3e:ff:cc:70:62:
14:29:d0:51:84:1e:88:a5:a0:cc:62:c1:a8:90:c0:e7:fb:68:
53:dd:1d:00:df:e2:2c:32:01:97:6e:91:aa:dc:7e:49:fe:47:
eb:27:3a:f4:8a:83:34:e9:f4:94:d5:e6:8d:00:37:41:e5:ab:
a8:2d:2b:cb:97:87:09:74:28:36:65:4e:8f:e0:e4:73:22:04:
db:c9:7e:74:94:fa:d7:5d:ff:67:f5:f9:b6:65:01:35:90:20:
7a:05:ef:46
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOvHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQyMDIwWhcNMjcxMjEwMDQyMDIwWjAYMRYw
FAYDVQQDEw02NzZjZDk4OC1kNzNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3CB9OBE3LyfUQocygTaUfD5ofnYogwA+aO6FH+u9jmQbEu9iI2dBbyWH
l0LvDllptMnaAsFMVUkI1owvHDOYuvtWX6X/463oWXFoYLh+xm+l/qM//2lnCsyz
L1AbqmHme6/92bR+QXk1Thknf7IoqS/Eyc1PD/sELxnQvLuWutS1SespkQe0YCgW
kraJYO2DRO8OXo1kB5OuWwbPK8fp9jlE/OYUroc/VUWczJvisxkqqq6/saM4Sczb
e6s3n727Cz9d90Z0UsBjbENSNATxxp8mdOZkwaBrbsWh64TVeb9nrwYr6TerulP8
35utWn7ck1Ubb9UXc5ggnR+R+O0d+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFNlg
F/mHgnsm2oAeG+vazI7CbfJXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQTFDODE2Q0MzNDAxMUVGQkJERDY1QkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTfMA0GCSqGSIb3DQEBCwUA
A4IBAQCe35ky0zFv/PP8JLezeHybhBnFQkWxTmj74jaMTuRNgT6UgXKgpNwTTzm7
O3CyWIBh2EF6OxXvefb29EHU3XPSrLTh8jF70TnjAUOM6OtR7kdtjJEbRIoGgKgn
six4S8oTASc8u4xp1BO1rud9VFwnp4JRcj+YLa8uO2tITgHs0q5IZUesfU3Dw5gt
Pu5Jshna6S+YI1iUjEJ//mOCPv/McGIUKdBRhB6IpaDMYsGokMDn+2hT3R0A3+Is
MgGXbpGq3H5J/kfrJzr0ioM06fSU1eaNADdB5auoLSvLl4cJdCg2ZU6P4ORzIgTb
yX50lPrXXf9n9fm2ZQE1kCB6Be9G
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:14 2025 by rpki-client