Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BCEAF1D8CD3811EFAD7E918E762E951A.roa
File: BCEAF1D8CD3811EFAD7E918E762E951A.roa (raw, json)
Hash identifier: yz0js9FfTLoWJUMYNiwMtnqC1ObMID9rLxifoynWEMg=
Subject key identifier: EA:26:53:96:2E:B6:47:9C:F2:DB:6C:6D:9D:02:61:6D:87:75:CE:F9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FE2F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BCEAF1D8CD3811EFAD7E918E762E951A.roa
Signing time: Tue 07 Jan 2025 20:48:24 +0000
ROA not before: Tue 07 Jan 2025 20:48:20 +0000
ROA not after: Sat 13 Dec 2025 20:48:20 +0000
asID: 984
IP address blocks: 156.243.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65071 (0xfe2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 20:48:20 2025 GMT
Not After : Dec 13 20:48:20 2025 GMT
Subject: CN=677d9318-b2c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b5:6f:4b:c5:d0:d9:a3:4c:07:e9:16:b1:62:
5b:e7:28:7c:07:07:e4:d0:17:89:69:c7:e6:e2:0a:
ef:de:f0:fc:c6:03:a2:f2:ab:b4:e6:d5:48:d0:27:
c0:62:dc:8d:d4:67:2b:ad:04:e3:87:6a:e9:9c:99:
90:3c:36:1d:83:8f:75:48:f7:e7:dc:39:75:8e:de:
9b:d8:72:8d:95:a6:c8:d8:cc:4c:b8:08:35:40:04:
ce:ac:49:34:4f:8f:f2:72:32:46:1b:4b:71:7b:1b:
2f:24:ae:bc:02:2e:bc:cc:73:01:3c:fb:c9:c8:f6:
c7:43:39:65:ef:19:8e:60:be:96:8d:0a:a9:9c:5f:
d0:87:1b:52:a6:8c:5a:ca:31:df:a7:42:8f:53:08:
7f:b8:71:f0:28:5a:68:69:a6:0e:02:31:b5:70:0a:
e5:ad:b8:a2:1b:85:6d:b0:09:87:90:7d:ad:9a:0f:
f7:89:9b:20:e8:76:bb:9b:26:3a:97:a0:7e:e5:66:
4d:64:2e:02:c8:75:cd:7c:26:2e:82:be:00:1a:c9:
13:0a:42:1b:28:f1:cc:a3:13:ac:90:82:d9:d7:63:
c2:ba:3d:7d:25:02:3f:a7:97:0e:f7:3d:83:da:93:
87:91:6b:9d:97:77:8c:84:0c:6b:0d:ec:9b:8d:6d:
80:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:26:53:96:2E:B6:47:9C:F2:DB:6C:6D:9D:02:61:6D:87:75:CE:F9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BCEAF1D8CD3811EFAD7E918E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.64.0/24
Signature Algorithm: sha256WithRSAEncryption
12:58:1f:f6:31:01:34:5c:4f:af:ca:0f:40:06:e0:a3:da:80:
2d:01:4f:a3:86:88:0a:8f:45:ba:ca:4c:f7:10:2b:35:0e:d2:
aa:ef:78:40:1d:ba:f0:f6:59:03:07:0c:f2:98:29:5c:1b:e8:
ca:7f:2f:c7:7f:d6:e6:b0:29:9a:93:9c:2b:ab:1b:3c:cd:98:
7b:20:8f:e3:4a:0e:c3:50:f0:d5:ae:74:31:56:24:6b:da:4e:
31:55:60:85:82:a7:cf:f9:47:0a:af:a2:30:4c:82:56:a8:fb:
f4:42:5d:f3:05:10:f5:9b:9c:da:2c:c5:ab:3e:c5:4f:f0:2e:
29:8a:27:c7:09:f8:8a:b6:62:72:89:5a:8d:13:5a:44:75:ee:
91:d8:1f:c8:e0:60:2d:03:5b:dc:dc:e2:9b:11:93:31:2f:a9:
e8:37:52:c6:70:72:8d:64:f9:2c:4c:ab:c7:ee:01:8a:ba:0a:
be:0e:11:88:92:93:0b:f7:89:17:42:81:cb:3b:9f:e2:25:db:
3b:6c:e6:cb:b8:5b:5b:e2:8a:96:9e:69:40:fb:9a:77:0e:c8:
bf:e4:ae:b4:ba:a1:a4:14:ab:3a:57:e6:f3:54:fb:0a:6b:fd:
db:66:3c:70:6e:b0:b0:a3:90:58:54:6b:50:df:24:60:6a:c5:
bf:3e:b3:48
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP4vMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MjA0ODIwWhcNMjUxMjEzMjA0ODIwWjAYMRYw
FAYDVQQDEw02NzdkOTMxOC1iMmMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxrVvS8XQ2aNMB+kWsWJb5yh8Bwfk0BeJacfm4grv3vD8xgOi8qu05tVI
0CfAYtyN1GcrrQTjh2rpnJmQPDYdg491SPfn3Dl1jt6b2HKNlabI2MxMuAg1QATO
rEk0T4/ycjJGG0txexsvJK68Ai68zHMBPPvJyPbHQzll7xmOYL6WjQqpnF/QhxtS
poxayjHfp0KPUwh/uHHwKFpoaaYOAjG1cArlrbiiG4VtsAmHkH2tmg/3iZsg6Ha7
myY6l6B+5WZNZC4CyHXNfCYugr4AGskTCkIbKPHMoxOskILZ12PCuj19JQI/p5cO
9z2D2pOHkWudl3eMhAxrDeybjW2AxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOom
U5Yutkec8ttsbZ0CYW2Hdc75MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQ0VBRjFEOENEMzgxMUVGQUQ3RTkxOEU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPNAMA0GCSqGSIb3DQEBCwUA
A4IBAQASWB/2MQE0XE+vyg9ABuCj2oAtAU+jhogKj0W6ykz3ECs1DtKq73hAHbrw
9lkDBwzymClcG+jKfy/Hf9bmsCmak5wrqxs8zZh7II/jSg7DUPDVrnQxViRr2k4x
VWCFgqfP+UcKr6IwTIJWqPv0Ql3zBRD1m5zaLMWrPsVP8C4piifHCfiKtmJyiVqN
E1pEde6R2B/I4GAtA1vc3OKbEZMxL6noN1LGcHKNZPksTKvH7gGKugq+DhGIkpML
94kXQoHLO5/iJds7bObLuFtb4oqWnmlA+5p3Dsi/5K60uqGkFKs6V+bzVPsKa/3b
ZjxwbrCwo5BYVGtQ3yRgasW/PrNI
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:54 2025 by rpki-client