Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA9DC844CCA511EF8CA80D71762E951A.roa
File: BA9DC844CCA511EF8CA80D71762E951A.roa (raw, json)
Hash identifier: M10GXjLcAnXYkgB301YaPLYDRjso/QJp0pZTPDuczqg=
Subject key identifier: 5C:86:54:97:7D:18:E8:CA:72:26:2B:79:52:72:AF:B5:84:36:14:99
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F9BC
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA9DC844CCA511EF8CA80D71762E951A.roa
Signing time: Tue 07 Jan 2025 03:16:04 +0000
ROA not before: Tue 07 Jan 2025 03:16:01 +0000
ROA not after: Sat 13 Dec 2025 03:16:01 +0000
asID: 984
IP address blocks: 156.229.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63932 (0xf9bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 03:16:01 2025 GMT
Not After : Dec 13 03:16:01 2025 GMT
Subject: CN=677c9c74-c803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f7:ed:83:bb:d1:a1:9b:77:b5:d0:d1:81:b1:
0e:20:0b:e9:46:6c:22:11:5f:aa:e9:12:9f:23:2f:
ff:f8:c6:6f:7b:55:66:98:fe:4e:dc:c1:8e:f0:42:
e4:01:45:62:90:a6:05:28:a4:92:43:92:05:8c:fd:
ee:9a:4c:4e:24:de:28:be:c5:4f:c8:07:07:f1:bd:
80:f4:41:91:09:71:5e:6d:e5:b7:b2:09:64:f3:f1:
cd:9c:d8:a3:62:0e:c8:37:53:18:42:49:94:9f:0f:
46:c1:b3:14:87:17:0d:82:7d:95:fa:70:ad:58:9c:
54:84:d9:dd:49:69:d4:9e:f9:5b:e9:2c:76:70:95:
92:44:73:e1:6a:fd:4a:4b:2a:fd:e4:b3:55:96:a5:
ce:13:2d:8e:c4:b3:f2:d9:7c:17:78:92:cc:f9:fa:
1f:36:92:79:45:7f:c5:6d:2a:01:77:45:94:e1:e7:
b0:8d:4c:36:9d:93:2a:77:0a:f6:d0:91:26:ea:af:
83:8c:a7:68:30:ad:0e:29:71:a6:9b:26:89:6f:ed:
11:9a:45:95:a1:39:c0:5b:a8:7b:b9:ad:38:82:86:
92:4e:8d:c4:59:bf:fd:52:75:0a:a9:6d:13:33:7a:
e3:bc:6b:29:0f:02:b1:3a:6b:15:5f:23:84:22:4d:
3e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:86:54:97:7D:18:E8:CA:72:26:2B:79:52:72:AF:B5:84:36:14:99
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BA9DC844CCA511EF8CA80D71762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.229.241.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:51:45:78:8d:c3:f3:4e:30:35:0e:16:a9:bd:b2:b3:be:8e:
26:59:e7:83:41:52:08:c5:7d:b2:15:76:9c:64:4b:e1:da:20:
68:7b:ea:e9:87:be:0e:84:99:9b:b4:60:09:dd:87:c8:3d:10:
ad:3a:d4:8c:b5:a4:ce:66:47:da:c7:3a:b8:da:66:db:d7:b5:
a5:90:e6:70:12:45:de:54:8d:42:e5:44:bf:46:42:4e:ad:47:
29:3e:ae:62:ae:74:dd:60:36:9e:c4:12:7c:b5:f2:b5:b2:2d:
29:84:cb:70:c7:67:fa:c7:c9:b8:63:8c:cb:24:68:df:a1:e2:
f6:5a:ca:06:71:85:26:64:00:e2:bc:57:c8:2c:b2:7d:63:ca:
12:00:f6:9f:f7:6c:02:2f:b9:06:23:f0:37:50:49:8d:df:52:
bb:ad:79:29:2e:e3:d8:66:04:1d:51:40:cf:9d:03:15:a8:43:
45:22:99:ac:f6:8a:a4:f7:a5:2e:5e:49:5b:a7:f5:18:80:6c:
75:43:20:84:38:d6:ce:a8:ec:6d:80:1a:57:73:ce:ca:c4:40:
14:60:04:66:d3:21:67:41:5a:f5:16:43:89:f4:73:1f:7c:74:
14:c9:17:a4:a4:57:6b:a5:05:47:51:95:86:3c:b3:e9:2e:30:
a1:4b:1f:27
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPm8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDMxNjAxWhcNMjUxMjEzMDMxNjAxWjAYMRYw
FAYDVQQDEw02NzdjOWM3NC1jODAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs/ftg7vRoZt3tdDRgbEOIAvpRmwiEV+q6RKfIy//+MZve1VmmP5O3MGO
8ELkAUVikKYFKKSSQ5IFjP3umkxOJN4ovsVPyAcH8b2A9EGRCXFebeW3sglk8/HN
nNijYg7IN1MYQkmUnw9GwbMUhxcNgn2V+nCtWJxUhNndSWnUnvlb6Sx2cJWSRHPh
av1KSyr95LNVlqXOEy2OxLPy2XwXeJLM+fofNpJ5RX/FbSoBd0WU4eewjUw2nZMq
dwr20JEm6q+DjKdoMK0OKXGmmyaJb+0RmkWVoTnAW6h7ua04goaSTo3EWb/9UnUK
qW0TM3rjvGspDwKxOmsVXyOEIk0++wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFyG
VJd9GOjKciYreVJyr7WENhSZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQTlEQzg0NENDQTUxMUVGOENBODBENzE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOXxMA0GCSqGSIb3DQEBCwUA
A4IBAQALUUV4jcPzTjA1DhapvbKzvo4mWeeDQVIIxX2yFXacZEvh2iBoe+rph74O
hJmbtGAJ3YfIPRCtOtSMtaTOZkfaxzq42mbb17WlkOZwEkXeVI1C5US/RkJOrUcp
Pq5irnTdYDaexBJ8tfK1si0phMtwx2f6x8m4Y4zLJGjfoeL2WsoGcYUmZADivFfI
LLJ9Y8oSAPaf92wCL7kGI/A3UEmN31K7rXkpLuPYZgQdUUDPnQMVqENFIpms9oqk
96UuXklbp/UYgGx1QyCEONbOqOxtgBpXc87KxEAUYARm0yFnQVr1FkOJ9HMffHQU
yRekpFdrpQVHUZWGPLPpLjChSx8n
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:22 2025 by rpki-client