Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB5D7578CD1C11EF9469C95E762E951A.roa
File: BB5D7578CD1C11EF9469C95E762E951A.roa (raw, json)
Hash identifier: o9p4OMniBodyMcs08K2DmkYBpYsQyxS0MAEEAebxrMA=
Subject key identifier: 7F:12:1E:B4:AC:1E:B0:85:2E:EB:79:46:F1:8D:F3:15:4A:42:2C:51
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD51
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB5D7578CD1C11EF9469C95E762E951A.roa
Signing time: Tue 07 Jan 2025 17:27:56 +0000
ROA not before: Tue 07 Jan 2025 17:27:52 +0000
ROA not after: Mon 13 Dec 2027 17:27:52 +0000
asID: 17561
IP address blocks: 156.241.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64849 (0xfd51)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:27:52 2025 GMT
Not After : Dec 13 17:27:52 2027 GMT
Subject: CN=677d641c-0804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8f:a0:27:ef:3a:80:f2:99:30:ae:bd:d1:a1:
20:6a:75:8c:88:ed:6e:1e:1c:fd:bb:3a:46:8c:7e:
eb:96:34:fd:d7:bc:1f:17:fc:b7:76:03:08:8e:13:
d5:8d:62:28:c0:dc:35:e0:b3:0a:2c:56:86:33:ba:
ff:85:a9:fb:08:73:f9:31:77:b2:94:69:0c:db:45:
13:ca:23:c1:eb:7a:48:79:f4:ba:db:de:bd:a4:df:
a1:53:40:b9:be:c5:9a:5b:19:b6:96:84:ec:50:30:
2d:46:ad:87:4c:ee:bc:70:d0:4e:da:47:9b:95:4a:
c2:31:cd:3a:51:e3:8d:72:19:8c:c3:a2:51:71:86:
39:95:7c:cd:16:20:b6:de:19:85:40:73:0c:bd:ce:
b7:90:a4:01:92:16:d7:b7:ad:ff:fc:74:2c:80:44:
bd:38:ea:e2:71:3d:95:7b:16:1b:1b:11:8d:dd:53:
9d:35:db:76:28:10:83:cc:63:08:41:5e:a3:d9:5f:
6e:70:f8:d6:24:44:db:21:dd:b1:91:f2:58:fc:dd:
0d:08:5e:7f:d1:d7:46:0d:cc:26:da:4c:9f:54:54:
06:91:bf:c7:14:32:6c:e8:a9:81:13:b3:a8:e6:c5:
4e:57:80:38:14:88:b8:a7:92:13:a3:a9:d5:d7:e7:
86:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:12:1E:B4:AC:1E:B0:85:2E:EB:79:46:F1:8D:F3:15:4A:42:2C:51
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB5D7578CD1C11EF9469C95E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.46.0/24
Signature Algorithm: sha256WithRSAEncryption
40:66:10:45:89:2d:4d:f4:fb:b1:17:d6:6b:8e:18:25:dd:40:
90:2f:66:30:f2:61:e6:db:45:a9:1b:94:19:97:fb:80:0d:7e:
68:57:9b:9f:55:60:41:f6:27:fb:a9:8b:60:d5:75:31:3e:c9:
97:c5:ca:92:d3:88:eb:0d:21:7c:96:b9:f7:6d:52:64:44:3a:
96:2f:95:c9:d4:71:13:f7:07:d5:23:ed:b8:78:4f:4a:ff:9b:
8f:45:2a:51:26:a5:6a:ca:b5:94:18:71:d2:82:98:51:b0:d4:
d6:e2:b0:74:b5:3c:7a:13:51:87:d8:f2:12:2e:10:e1:fa:42:
2c:53:2c:aa:46:21:44:c7:5c:36:21:2b:80:77:87:20:32:94:
c6:81:16:cc:97:1f:4d:db:37:c0:7f:76:b3:88:b2:bd:f3:6d:
7f:f7:3b:ba:ed:be:25:52:a6:21:4d:d1:14:bb:7c:cc:8b:2a:
ee:6b:9c:6e:a9:07:1a:d2:8c:91:d4:07:41:7c:e8:0a:c3:4d:
63:d3:2b:4b:01:a9:44:d7:ac:f0:d7:a2:49:ba:a4:d7:fc:92:
38:d6:23:21:74:e9:53:a5:d6:c5:00:2e:3f:17:20:00:bc:d6:
22:c7:1c:83:f5:4d:b4:5b:2e:a1:e5:f9:56:d6:0d:12:09:3c:
7f:b2:e5:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP1RMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTcyNzUyWhcNMjcxMjEzMTcyNzUyWjAYMRYw
FAYDVQQDEw02NzdkNjQxYy0wODA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuY+gJ+86gPKZMK690aEganWMiO1uHhz9uzpGjH7rljT917wfF/y3dgMI
jhPVjWIowNw14LMKLFaGM7r/han7CHP5MXeylGkM20UTyiPB63pIefS62969pN+h
U0C5vsWaWxm2loTsUDAtRq2HTO68cNBO2keblUrCMc06UeONchmMw6JRcYY5lXzN
FiC23hmFQHMMvc63kKQBkhbXt63//HQsgES9OOricT2VexYbGxGN3VOdNdt2KBCD
zGMIQV6j2V9ucPjWJETbId2xkfJY/N0NCF5/0ddGDcwm2kyfVFQGkb/HFDJs6KmB
E7Oo5sVOV4A4FIi4p5ITo6nV1+eGKwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH8S
HrSsHrCFLut5RvGN8xVKQixRMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQjVENzU3OENEMUMxMUVGOTQ2OUM5NUU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEuMA0GCSqGSIb3DQEBCwUA
A4IBAQBAZhBFiS1N9PuxF9Zrjhgl3UCQL2Yw8mHm20WpG5QZl/uADX5oV5ufVWBB
9if7qYtg1XUxPsmXxcqS04jrDSF8lrn3bVJkRDqWL5XJ1HET9wfVI+24eE9K/5uP
RSpRJqVqyrWUGHHSgphRsNTW4rB0tTx6E1GH2PISLhDh+kIsUyyqRiFEx1w2ISuA
d4cgMpTGgRbMlx9N2zfAf3aziLK9821/9zu67b4lUqYhTdEUu3zMiyrua5xuqQca
0oyR1AdBfOgKw01j0ytLAalE16zw16JJuqTX/JI41iMhdOlTpdbFAC4/FyAAvNYi
xxyD9U20Wy6h5flW1g0SCTx/suWp
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:28 2025 by rpki-client