Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA4F06BCCCAC11EFA150B29C762E951A.roa
File: BA4F06BCCCAC11EFA150B29C762E951A.roa (raw, json)
Hash identifier: +oqyQX+w2AUFQxwLKB5Hw9sQCFMA8k8i98toaQukyZg=
Subject key identifier: A9:BE:9D:04:3B:43:5F:B3:F4:6C:AB:F1:4A:E8:DF:A9:37:E5:84:52
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9D4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA4F06BCCCAC11EFA150B29C762E951A.roa
Signing time: Tue 07 Jan 2025 04:06:10 +0000
ROA not before: Tue 07 Jan 2025 04:06:07 +0000
ROA not after: Mon 13 Dec 2027 04:06:07 +0000
asID: 17561
IP address blocks: 156.230.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63956 (0xf9d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 04:06:07 2025 GMT
Not After : Dec 13 04:06:07 2027 GMT
Subject: CN=677ca832-a497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f4:4b:1a:b2:18:dc:96:cc:2b:cd:89:1b:12:
96:4c:b6:f7:cb:9e:e8:58:4e:8d:ee:51:3d:f6:f9:
0d:ba:83:61:b9:c9:c2:26:08:91:67:92:8a:00:12:
cd:8a:62:5a:e6:75:75:39:48:67:4a:a1:e9:25:51:
80:a4:13:82:05:ee:08:c4:2e:aa:69:7e:68:58:b4:
c2:de:f6:f1:ca:c3:72:5c:c4:74:dd:05:2d:e6:ba:
a4:c3:88:d5:e9:e0:a7:20:9b:29:4a:86:e5:34:a0:
37:62:96:98:f0:67:19:cc:c7:88:14:77:6f:b6:6e:
2d:49:a6:40:fe:45:d9:db:b4:1e:ae:25:18:a0:12:
95:d3:fd:ec:d0:06:03:29:9a:85:db:8f:94:e1:44:
1b:a9:29:48:f3:99:43:a9:a0:6a:76:65:c7:59:15:
dd:1a:85:30:3f:98:19:df:02:69:21:ef:4d:fb:d9:
9f:08:05:50:43:20:cf:1e:28:72:7c:55:bf:07:cf:
53:3d:94:7d:c2:15:03:f9:5b:c7:7f:4f:ac:9b:27:
3a:e3:f1:83:a0:f7:1d:5c:13:15:b9:78:ad:87:68:
e9:9b:f9:b2:66:7c:71:36:d4:a9:7d:ff:5d:c7:04:
d0:29:94:62:bc:12:dc:ae:ce:8a:2e:ef:d6:7f:63:
f6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:BE:9D:04:3B:43:5F:B3:F4:6C:AB:F1:4A:E8:DF:A9:37:E5:84:52
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA4F06BCCCAC11EFA150B29C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.230.20.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:7a:42:e6:0b:9d:6a:49:3b:67:e1:73:bf:8a:82:79:0d:7f:
8f:27:7e:a2:b0:f8:6d:b1:a3:b9:51:04:bd:8c:52:6b:37:ea:
47:54:7d:21:e8:11:63:fb:f3:81:70:98:1d:4c:e1:ca:ad:d1:
6c:0a:25:d0:a9:cb:d8:e6:b5:88:07:ed:ae:10:d5:df:f4:41:
33:3d:e2:21:13:7a:5c:0e:5a:51:b2:3d:dc:65:9f:2c:f9:77:
e0:3e:ac:3a:9d:a3:e5:f6:9c:bf:40:fc:53:15:4f:d7:14:5a:
dc:84:47:72:e4:56:78:66:13:61:d4:74:2c:38:37:8e:8b:1b:
2c:60:0d:29:44:47:80:6d:f0:35:fe:72:5b:63:0b:56:a6:bc:
91:e9:da:cb:43:e8:69:b2:cc:63:09:a1:a8:67:a9:15:0d:62:
e0:9e:83:04:d5:16:59:72:a3:a9:56:1f:37:77:31:0f:df:de:
bc:65:29:09:58:9b:fc:ac:99:90:5d:54:49:11:bc:01:b3:a3:
87:61:a9:5c:d4:ce:4c:3a:11:cc:90:67:a8:0d:9b:5f:8a:81:
dd:f5:ef:e6:0b:65:a1:1f:65:7b:77:f0:7e:97:37:32:f6:29:
f6:3d:d6:d8:d9:b9:f0:e4:ac:c5:f6:25:5e:c5:3d:df:68:42:
3e:29:f3:75
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPnUMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDQwNjA3WhcNMjcxMjEzMDQwNjA3WjAYMRYw
FAYDVQQDEw02NzdjYTgzMi1hNDk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp/RLGrIY3JbMK82JGxKWTLb3y57oWE6N7lE99vkNuoNhucnCJgiRZ5KK
ABLNimJa5nV1OUhnSqHpJVGApBOCBe4IxC6qaX5oWLTC3vbxysNyXMR03QUt5rqk
w4jV6eCnIJspSoblNKA3YpaY8GcZzMeIFHdvtm4tSaZA/kXZ27QeriUYoBKV0/3s
0AYDKZqF24+U4UQbqSlI85lDqaBqdmXHWRXdGoUwP5gZ3wJpIe9N+9mfCAVQQyDP
HihyfFW/B89TPZR9whUD+VvHf0+smyc64/GDoPcdXBMVuXith2jpm/myZnxxNtSp
ff9dxwTQKZRivBLcrs6KLu/Wf2P2+QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKm+
nQQ7Q1+z9Gyr8Uro36k35YRSMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQTRGMDZCQ0NDQUMxMUVGQTE1MEIyOUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOYUMA0GCSqGSIb3DQEBCwUA
A4IBAQChekLmC51qSTtn4XO/ioJ5DX+PJ36isPhtsaO5UQS9jFJrN+pHVH0h6BFj
+/OBcJgdTOHKrdFsCiXQqcvY5rWIB+2uENXf9EEzPeIhE3pcDlpRsj3cZZ8s+Xfg
Pqw6naPl9py/QPxTFU/XFFrchEdy5FZ4ZhNh1HQsODeOixssYA0pREeAbfA1/nJb
YwtWpryR6drLQ+hpssxjCaGoZ6kVDWLgnoME1RZZcqOpVh83dzEP3968ZSkJWJv8
rJmQXVRJEbwBs6OHYalc1M5MOhHMkGeoDZtfioHd9e/mC2WhH2V7d/B+lzcy9in2
PdbY2bnw5KzF9iVexT3faEI+KfN1
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:33 2025 by rpki-client