Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAA16DD4CDB111EFB7E1779E762E951A.roa
File: BAA16DD4CDB111EFB7E1779E762E951A.roa (raw, json)
Hash identifier: v8o9/nb383j8LQJWbzMcVRzVGWxBkhRACASyHgGeO2s=
Subject key identifier: C3:0C:97:91:E0:5D:F3:E6:8B:64:47:04:13:F1:54:54:61:CD:3E:1E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010185
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAA16DD4CDB111EFB7E1779E762E951A.roa
Signing time: Wed 08 Jan 2025 11:14:30 +0000
ROA not before: Wed 08 Jan 2025 11:14:26 +0000
ROA not after: Mon 13 Dec 2027 11:14:26 +0000
asID: 17561
IP address blocks: 156.255.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65925 (0x10185)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 11:14:26 2025 GMT
Not After : Dec 13 11:14:26 2027 GMT
Subject: CN=677e5e15-e31a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9e:6a:5b:95:ea:64:5e:41:22:ca:ee:06:46:
eb:2e:c4:ce:7b:64:9c:02:94:3a:ea:7b:54:8f:22:
45:a4:d3:35:cb:4a:85:74:b6:c4:bb:29:6b:2c:93:
5f:9e:37:99:fc:4b:19:72:c5:ac:59:a4:3d:1c:39:
cb:46:e1:51:51:d8:1d:29:e2:95:0c:20:13:e4:8b:
af:35:9b:73:97:8e:a9:b4:22:ce:e4:75:1b:71:9d:
a0:a3:e9:d9:dc:50:42:51:5a:63:bc:02:aa:e4:a6:
a6:ab:aa:88:84:58:41:dd:0f:2b:61:df:47:4e:d4:
fa:72:11:97:ca:b0:a8:cb:2d:07:40:91:59:b8:84:
53:76:ff:e1:ff:16:10:ae:2a:63:e2:95:22:2e:36:
09:16:57:99:44:f9:31:de:03:fd:ea:e5:08:25:83:
e0:9c:df:1a:7e:a1:5f:6b:a8:92:62:41:66:45:a3:
21:c0:35:bf:1d:67:74:3f:dd:c6:ce:17:eb:01:5c:
6e:72:da:97:0c:8c:64:7b:56:0f:d4:ff:18:3e:24:
d5:75:b1:fa:ba:0f:63:83:16:56:04:c1:a2:16:ad:
69:33:d3:fd:d4:ca:c2:8f:9f:d6:78:04:65:37:ee:
54:bb:a7:f3:3b:60:56:f9:08:7e:15:7f:b9:cb:20:
dc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:0C:97:91:E0:5D:F3:E6:8B:64:47:04:13:F1:54:54:61:CD:3E:1E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BAA16DD4CDB111EFB7E1779E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.78.0/24
Signature Algorithm: sha256WithRSAEncryption
45:b3:1b:bc:b8:ff:40:34:05:3b:f7:10:69:55:10:90:71:59:
2c:f4:8d:8c:0e:14:eb:80:0b:7a:f7:e4:54:02:9e:1e:ed:03:
61:6c:29:da:b9:a6:f9:40:23:6b:18:2b:b5:22:27:a6:5a:79:
6c:08:34:dc:bc:dc:e3:1f:7a:4f:b1:ef:7f:a5:98:b9:7d:b6:
fe:20:8b:ce:10:de:13:53:1b:a9:3a:72:e4:44:bf:ba:49:dd:
33:9b:6c:32:15:0b:3e:a7:04:5d:6c:bd:cc:ca:9f:0d:f3:95:
be:92:66:f8:3b:97:6e:30:90:20:be:fd:16:87:88:9d:24:01:
ad:17:4e:72:ae:ae:d1:a5:d1:b4:4b:ac:27:1b:c1:2c:54:26:
e3:ce:c5:99:fa:99:09:13:98:18:61:30:41:51:e4:3d:7b:43:
f3:2b:ac:72:4c:6a:ab:e5:c8:c7:0c:6b:57:e5:bf:9b:5a:8a:
90:1f:64:d6:f3:f8:53:4d:ac:1b:b3:71:e0:02:11:f4:c3:cc:
de:c7:32:a9:23:26:a0:61:8f:91:dc:a9:b1:73:37:51:1f:b2:
a4:7a:7c:da:38:38:d0:5f:be:d2:c4:1d:b1:26:15:c2:ad:50:
d3:d5:52:3d:33:2a:82:7d:25:22:6c:0d:9f:19:e9:39:d8:7b:
c0:12:29:40
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQGFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTExNDI2WhcNMjcxMjEzMTExNDI2WjAYMRYw
FAYDVQQDEw02NzdlNWUxNS1lMzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAv55qW5XqZF5BIsruBkbrLsTOe2ScApQ66ntUjyJFpNM1y0qFdLbEuylr
LJNfnjeZ/EsZcsWsWaQ9HDnLRuFRUdgdKeKVDCAT5IuvNZtzl46ptCLO5HUbcZ2g
o+nZ3FBCUVpjvAKq5Kamq6qIhFhB3Q8rYd9HTtT6chGXyrCoyy0HQJFZuIRTdv/h
/xYQripj4pUiLjYJFleZRPkx3gP96uUIJYPgnN8afqFfa6iSYkFmRaMhwDW/HWd0
P93GzhfrAVxuctqXDIxke1YP1P8YPiTVdbH6ug9jgxZWBMGiFq1pM9P91MrCj5/W
eARlN+5Uu6fzO2BW+Qh+FX+5yyDcdQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMMM
l5HgXfPmi2RHBBPxVFRhzT4eMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQUExNkRENENEQjExMUVGQjdFMTc3OUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP9OMA0GCSqGSIb3DQEBCwUA
A4IBAQBFsxu8uP9ANAU79xBpVRCQcVks9I2MDhTrgAt69+RUAp4e7QNhbCnauab5
QCNrGCu1IiemWnlsCDTcvNzjH3pPse9/pZi5fbb+IIvOEN4TUxupOnLkRL+6Sd0z
m2wyFQs+pwRdbL3Myp8N85W+kmb4O5duMJAgvv0Wh4idJAGtF05yrq7RpdG0S6wn
G8EsVCbjzsWZ+pkJE5gYYTBBUeQ9e0PzK6xyTGqr5cjHDGtX5b+bWoqQH2TW8/hT
Tawbs3HgAhH0w8zexzKpIyagYY+R3KmxczdRH7KkenzaODjQX77SxB2xJhXCrVDT
1VI9MyqCfSUibA2fGek52HvAEilA
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:35 2025 by rpki-client