Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB6E100ACD0C11EFA9190579762E951A.roa
File: BB6E100ACD0C11EFA9190579762E951A.roa (raw, json)
Hash identifier: GiJ/t/Mxo+o3vPAC5/AuKYYR8p4oYjFL4v1SRCLeEPs=
Subject key identifier: 02:AF:55:F1:55:B4:81:A6:CE:78:73:19:3E:8E:4F:9F:CF:A7:6E:91
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FCCF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB6E100ACD0C11EFA9190579762E951A.roa
Signing time: Tue 07 Jan 2025 15:33:24 +0000
ROA not before: Tue 07 Jan 2025 15:33:20 +0000
ROA not after: Mon 13 Dec 2027 15:33:20 +0000
asID: 17561
IP address blocks: 156.239.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64719 (0xfccf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 15:33:20 2025 GMT
Not After : Dec 13 15:33:20 2027 GMT
Subject: CN=677d4944-0ea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c3:85:44:38:e7:ee:47:71:6f:1e:cb:4d:f4:
97:a0:c4:90:93:55:e4:c6:2f:b0:c1:12:97:36:6d:
da:7a:c3:3e:89:55:1c:21:14:5d:fc:41:37:52:7c:
74:25:65:2a:e5:93:c7:b6:d8:7b:91:60:30:f7:02:
ee:dc:4a:81:65:53:ac:5e:20:47:b5:37:ec:66:82:
e1:6f:2d:b4:ba:4c:69:70:34:71:a8:97:28:ae:aa:
be:83:90:be:77:84:82:92:b8:9d:37:c8:dc:24:93:
83:42:38:54:18:ea:15:12:41:20:9f:dc:f3:cc:7f:
5e:51:58:d3:dc:77:38:73:cb:d5:36:46:ec:c3:31:
1a:d8:b3:ea:83:ac:9b:33:3f:11:5b:82:1e:7e:56:
9c:46:f5:13:f9:43:1e:4b:a3:c7:88:81:a4:fb:6f:
bb:02:af:69:07:86:65:5b:1f:71:5b:24:b9:19:3f:
c1:d7:f7:1f:67:4f:92:a4:5a:02:8e:16:4d:07:d0:
15:95:74:07:78:90:cf:43:c0:17:e3:73:de:a8:c3:
55:ff:5e:1f:69:c6:28:f8:07:26:ad:1f:0b:c8:48:
82:19:ae:c6:a8:70:c5:ef:22:ca:c6:32:ca:95:bc:
91:44:46:af:d7:23:91:60:16:ff:96:9a:5b:88:e9:
89:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AF:55:F1:55:B4:81:A6:CE:78:73:19:3E:8E:4F:9F:CF:A7:6E:91
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BB6E100ACD0C11EFA9190579762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.58.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:8f:ef:50:6e:49:d3:be:fb:bf:ed:c4:5a:2c:ba:73:f0:d1:
80:1a:80:05:86:b8:4c:4a:11:a0:f9:a1:a9:1f:97:80:04:08:
5b:19:0d:b6:fa:71:04:58:c7:16:b3:c7:ff:4b:29:ab:33:dc:
43:38:07:3b:47:fa:b8:10:70:b8:cd:82:77:aa:33:2d:28:51:
15:3f:b6:7f:28:25:c0:00:db:8e:96:4b:d0:ac:47:3e:81:1c:
a4:71:15:df:64:e8:bb:3e:ab:e1:0f:0c:cb:52:de:fc:79:4d:
5b:f6:f5:f6:8c:a0:ad:2d:ce:fd:86:64:fa:2d:89:64:25:72:
a9:05:e1:ba:1c:34:aa:0e:e9:25:0d:8b:9e:9d:a4:f6:5e:11:
bd:cb:e5:b2:62:2d:e7:3a:73:1d:37:b3:fe:e5:7d:44:71:3f:
bf:df:81:67:19:82:d5:ac:d4:17:45:bc:9f:55:d6:fe:cf:2d:
34:f8:df:92:05:ca:f0:72:e4:57:24:09:ad:9f:9a:c4:37:21:
85:42:bd:fc:d7:0e:cf:24:44:29:12:7b:c9:95:29:47:44:16:
28:f4:43:b6:25:cf:2d:3f:7d:d7:ce:87:3e:6d:59:e7:e8:38:
46:a3:42:f0:bc:86:c5:17:fb:38:96:63:40:e1:7a:14:fa:21:
2c:3c:15:ff
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPzPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTUzMzIwWhcNMjcxMjEzMTUzMzIwWjAYMRYw
FAYDVQQDEw02NzdkNDk0NC0wZWE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAosOFRDjn7kdxbx7LTfSXoMSQk1Xkxi+wwRKXNm3aesM+iVUcIRRd/EE3
Unx0JWUq5ZPHtth7kWAw9wLu3EqBZVOsXiBHtTfsZoLhby20ukxpcDRxqJcorqq+
g5C+d4SCkridN8jcJJODQjhUGOoVEkEgn9zzzH9eUVjT3Hc4c8vVNkbswzEa2LPq
g6ybMz8RW4IeflacRvUT+UMeS6PHiIGk+2+7Aq9pB4ZlWx9xWyS5GT/B1/cfZ0+S
pFoCjhZNB9AVlXQHeJDPQ8AX43PeqMNV/14facYo+AcmrR8LyEiCGa7GqHDF7yLK
xjLKlbyRREav1yORYBb/lppbiOmJRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAKv
VfFVtIGmznhzGT6OT5/Pp26RMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQjZFMTAwQUNEMEMxMUVGQTkxOTA1Nzk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO86MA0GCSqGSIb3DQEBCwUA
A4IBAQChj+9QbknTvvu/7cRaLLpz8NGAGoAFhrhMShGg+aGpH5eABAhbGQ22+nEE
WMcWs8f/SymrM9xDOAc7R/q4EHC4zYJ3qjMtKFEVP7Z/KCXAANuOlkvQrEc+gRyk
cRXfZOi7PqvhDwzLUt78eU1b9vX2jKCtLc79hmT6LYlkJXKpBeG6HDSqDuklDYue
naT2XhG9y+WyYi3nOnMdN7P+5X1EcT+/34FnGYLVrNQXRbyfVdb+zy00+N+SBcrw
cuRXJAmtn5rENyGFQr381w7PJEQpEnvJlSlHRBYo9EO2Jc8tP33Xzoc+bVnn6DhG
o0LwvIbFF/s4lmNA4XoU+iEsPBX/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:38 2025 by rpki-client