Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA56B8A8CCD411EFB768C597762E951A.roa
File: BA56B8A8CCD411EFB768C597762E951A.roa (raw, json)
Hash identifier: wAUO8wwpozz22nyeDa1mtJYD4qMtufcu5CVGf8XbVt8=
Subject key identifier: 6E:05:11:98:6D:E7:1B:3E:E7:62:38:67:9D:BD:D4:1A:30:4E:D0:D8
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FAF4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA56B8A8CCD411EFB768C597762E951A.roa
Signing time: Tue 07 Jan 2025 08:52:30 +0000
ROA not before: Tue 07 Jan 2025 08:52:27 +0000
ROA not after: Mon 13 Dec 2027 08:52:27 +0000
asID: 17561
IP address blocks: 156.233.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64244 (0xfaf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 08:52:27 2025 GMT
Not After : Dec 13 08:52:27 2027 GMT
Subject: CN=677ceb4e-9735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:60:09:16:8c:ec:0f:d9:f1:f8:88:53:3a:d7:
96:43:16:13:05:94:fc:c0:05:50:f9:ca:d7:05:dc:
6f:c9:a5:14:3a:d5:7e:2a:ca:77:f3:05:e2:25:30:
39:31:8b:ba:9c:aa:eb:b0:f0:46:c0:f7:5b:16:24:
64:83:d3:66:b2:c6:7e:90:df:4d:8d:19:13:9b:e2:
0e:72:ae:a4:9d:af:fc:3d:15:a9:86:47:bd:06:23:
8f:0a:34:bb:d3:cb:4e:7c:04:9c:c4:23:44:8a:53:
15:59:56:66:dc:09:a5:f4:2b:5d:6d:f7:d4:9c:f7:
b6:f1:21:40:23:a1:4c:39:fd:41:0a:78:0f:8b:17:
e9:34:f2:f0:cb:63:5b:a5:ac:97:98:d8:f8:c6:5b:
ce:e4:0f:1d:42:59:25:ee:b3:df:3d:32:08:bc:bb:
d1:96:e3:46:02:d4:c5:3d:98:19:2d:6d:64:2f:af:
f6:9c:54:b9:38:9f:8a:0c:ff:c2:75:4e:56:82:09:
60:01:aa:35:f4:12:3d:54:c4:51:1d:b3:cb:b5:88:
0b:e6:e0:fd:48:45:b8:3d:9b:59:df:0d:05:19:ca:
6c:90:33:6c:ec:ad:98:cc:47:e7:34:4d:a0:30:1c:
a2:ed:71:19:55:bf:fa:34:ff:72:f8:bc:e4:bf:29:
86:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:05:11:98:6D:E7:1B:3E:E7:62:38:67:9D:BD:D4:1A:30:4E:D0:D8
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA56B8A8CCD411EFB768C597762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.169.0/24
Signature Algorithm: sha256WithRSAEncryption
88:1f:20:92:76:3c:95:96:bd:e2:cf:a6:be:fb:bf:a7:bc:61:
8a:85:79:f7:97:e8:d6:64:3e:a3:79:93:4a:ce:7e:59:59:f9:
58:6d:ba:d3:b5:0f:d3:2f:3a:26:a9:50:21:95:bd:fe:78:82:
f5:63:8b:18:42:3b:56:16:48:e8:e4:88:61:2d:e7:f7:59:d8:
b9:14:c0:c5:32:14:58:11:33:c8:bf:63:37:a6:8e:b8:a2:a4:
80:e1:f6:46:a2:61:d5:be:e6:89:fb:49:44:e0:f1:60:f1:50:
f9:dd:b0:7f:4d:03:27:53:70:d8:27:4f:7c:80:34:4a:0b:15:
38:8a:2d:5b:8f:f6:b1:69:bc:5f:89:6d:a8:66:45:ee:87:3d:
36:e9:8d:ca:be:58:46:31:a5:6c:87:a0:58:e1:12:31:30:b3:
9d:3f:48:17:27:8c:64:62:1a:37:d6:7f:0c:a9:bb:a3:79:fa:
2c:c0:bd:bf:39:ed:4c:1a:81:6a:ed:b8:6f:b0:1f:b3:7c:54:
e5:e9:af:c3:2a:80:0a:61:9b:98:fe:3a:d5:79:15:f4:66:13:
2c:a4:60:f2:b4:ea:f7:2c:16:ea:96:8b:68:16:64:4b:77:bf:
38:16:42:43:8e:fe:9f:e3:cc:ca:95:23:79:8d:94:01:83:6e:
f7:df:51:a8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPr0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDg1MjI3WhcNMjcxMjEzMDg1MjI3WjAYMRYw
FAYDVQQDEw02NzdjZWI0ZS05NzM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2WAJFozsD9nx+IhTOteWQxYTBZT8wAVQ+crXBdxvyaUUOtV+Ksp38wXi
JTA5MYu6nKrrsPBGwPdbFiRkg9NmssZ+kN9NjRkTm+IOcq6kna/8PRWphke9BiOP
CjS708tOfAScxCNEilMVWVZm3Aml9CtdbffUnPe28SFAI6FMOf1BCngPixfpNPLw
y2NbpayXmNj4xlvO5A8dQlkl7rPfPTIIvLvRluNGAtTFPZgZLW1kL6/2nFS5OJ+K
DP/CdU5WgglgAao19BI9VMRRHbPLtYgL5uD9SEW4PZtZ3w0FGcpskDNs7K2YzEfn
NE2gMByi7XEZVb/6NP9y+LzkvymGgwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFG4F
EZht5xs+52I4Z5291BowTtDYMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQTU2QjhBOENDRDQxMUVGQjc2OEM1OTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOmpMA0GCSqGSIb3DQEBCwUA
A4IBAQCIHyCSdjyVlr3iz6a++7+nvGGKhXn3l+jWZD6jeZNKzn5ZWflYbbrTtQ/T
LzomqVAhlb3+eIL1Y4sYQjtWFkjo5IhhLef3Wdi5FMDFMhRYETPIv2M3po64oqSA
4fZGomHVvuaJ+0lE4PFg8VD53bB/TQMnU3DYJ098gDRKCxU4ii1bj/axabxfiW2o
ZkXuhz026Y3KvlhGMaVsh6BY4RIxMLOdP0gXJ4xkYho31n8MqbujefoswL2/Oe1M
GoFq7bhvsB+zfFTl6a/DKoAKYZuY/jrVeRX0ZhMspGDytOr3LBbqlotoFmRLd784
FkJDjv6f48zKlSN5jZQBg27331Go
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:55:54 2025 by rpki-client