Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC094666CD7411EF99E9BD9F762E951A.roa
File: BC094666CD7411EF99E9BD9F762E951A.roa (raw, json)
Hash identifier: GFC2EBR8QuXhDmowhFlqkdmhLPE9wSFHp+k1uJIQTrg=
Subject key identifier: 8A:84:49:7C:90:84:35:1D:A1:03:3C:D6:88:C4:DD:88:69:64:F9:B0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FFA7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC094666CD7411EF99E9BD9F762E951A.roa
Signing time: Wed 08 Jan 2025 03:57:53 +0000
ROA not before: Wed 08 Jan 2025 03:57:49 +0000
ROA not after: Mon 13 Dec 2027 03:57:49 +0000
asID: 17561
IP address blocks: 156.248.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65447 (0xffa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 03:57:49 2025 GMT
Not After : Dec 13 03:57:49 2027 GMT
Subject: CN=677df7c1-0f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:68:50:ac:93:7d:3d:df:43:7d:7c:1a:43:e4:
dc:c6:14:82:5b:8d:3e:2c:55:1c:88:37:b9:f0:90:
cb:5c:b2:39:58:9e:3f:c1:ce:63:24:18:fa:61:5e:
b2:c7:f8:ac:a8:32:b5:71:01:34:15:f0:d0:81:80:
f6:7e:a9:cf:5b:d3:1b:59:b2:c4:da:6d:b8:32:d8:
9a:78:84:87:89:84:3b:71:81:b5:38:8e:63:ba:a7:
7a:5f:82:13:53:db:29:57:73:1e:b8:e3:32:be:cd:
18:2b:13:b7:09:c5:b0:56:28:02:24:19:28:18:a3:
34:bb:48:50:b1:fa:61:3c:e5:4a:ae:59:e7:9d:25:
33:95:78:5a:7b:18:96:42:3f:bb:dd:7e:19:52:b0:
fe:06:e3:cf:4c:f7:34:3c:73:d7:6a:f0:9b:13:70:
d5:e7:ef:c3:15:97:78:ec:b9:a6:79:45:6a:74:0d:
b5:3b:b9:11:dc:7d:b1:e2:48:74:fd:26:ac:d2:b3:
74:61:b6:84:c5:63:93:9a:2c:3e:9e:39:68:32:4d:
f3:02:1c:b5:ee:b2:33:93:d9:78:0e:d1:2f:bf:1f:
ac:29:ae:a3:4e:09:f3:15:64:c2:0c:ea:5e:a0:47:
18:47:29:66:87:e0:37:d7:12:c3:bd:4d:37:ed:37:
10:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:84:49:7C:90:84:35:1D:A1:03:3C:D6:88:C4:DD:88:69:64:F9:B0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC094666CD7411EF99E9BD9F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.85.0/24
Signature Algorithm: sha256WithRSAEncryption
98:d7:85:b0:bd:e7:88:14:89:fb:f1:f3:3c:61:cc:6a:6a:6a:
76:14:75:72:6b:e4:08:db:cd:7e:d1:ff:58:ab:90:fd:d4:b5:
3f:81:a9:0f:3c:4c:b7:2c:47:93:53:0f:9c:50:f0:05:e1:05:
50:f9:26:10:47:0c:9c:8c:6e:2e:e3:7a:0a:f5:73:5c:52:48:
12:3c:32:67:af:73:78:7d:6b:b1:4f:c9:46:7a:8e:d4:2d:ed:
12:39:63:44:ee:5c:c4:27:96:e1:d1:4c:5a:a7:72:0c:c3:2a:
ee:cf:38:dd:00:18:44:ee:b2:d0:18:a8:57:21:18:4e:18:38:
aa:55:92:eb:b3:79:45:3e:7e:a7:fa:34:6a:ec:3c:c7:ce:22:
34:95:a8:8f:6f:38:75:6a:d4:4b:f5:d6:c9:7c:d3:2d:97:c0:
bb:38:0a:84:e0:78:5a:28:3e:e1:ad:0e:1b:cf:bb:83:64:fd:
17:a1:d0:4c:b4:22:46:13:63:94:04:28:10:02:39:05:3d:a2:
7b:57:86:68:95:b9:31:0b:27:e3:fb:f7:4e:af:ce:5a:6e:a2:
08:8a:70:39:66:d5:98:f9:f9:7f:48:11:8b:06:ee:ed:12:e4:
fb:37:91:e8:d3:13:e0:57:8c:9f:b4:7e:8f:44:06:1b:20:f3:
e4:b2:2b:a2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP+nMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDM1NzQ5WhcNMjcxMjEzMDM1NzQ5WjAYMRYw
FAYDVQQDEw02NzdkZjdjMS0wZjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqWhQrJN9Pd9DfXwaQ+TcxhSCW40+LFUciDe58JDLXLI5WJ4/wc5jJBj6
YV6yx/isqDK1cQE0FfDQgYD2fqnPW9MbWbLE2m24MtiaeISHiYQ7cYG1OI5juqd6
X4ITU9spV3MeuOMyvs0YKxO3CcWwVigCJBkoGKM0u0hQsfphPOVKrlnnnSUzlXha
exiWQj+73X4ZUrD+BuPPTPc0PHPXavCbE3DV5+/DFZd47LmmeUVqdA21O7kR3H2x
4kh0/Sas0rN0YbaExWOTmiw+njloMk3zAhy17rIzk9l4DtEvvx+sKa6jTgnzFWTC
DOpeoEcYRylmh+A31xLDvU037TcQPQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIqE
SXyQhDUdoQM81ojE3YhpZPmwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQzA5NDY2NkNENzQxMUVGOTlFOUJEOUY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPhVMA0GCSqGSIb3DQEBCwUA
A4IBAQCY14WwveeIFIn78fM8Ycxqamp2FHVya+QI281+0f9Yq5D91LU/gakPPEy3
LEeTUw+cUPAF4QVQ+SYQRwycjG4u43oK9XNcUkgSPDJnr3N4fWuxT8lGeo7ULe0S
OWNE7lzEJ5bh0Uxap3IMwyruzzjdABhE7rLQGKhXIRhOGDiqVZLrs3lFPn6n+jRq
7DzHziI0laiPbzh1atRL9dbJfNMtl8C7OAqE4HhaKD7hrQ4bz7uDZP0XodBMtCJG
E2OUBCgQAjkFPaJ7V4ZolbkxCyfj+/dOr85abqIIinA5ZtWY+fl/SBGLBu7tEuT7
N5Ho0xPgV4yftH6PRAYbIPPksiui
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:35 2025 by rpki-client