Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD30E244C28711EFA8ECC9A3762E951A.roa
File: BD30E244C28711EFA8ECC9A3762E951A.roa (raw, json)
Hash identifier: PnKklZXmk1uyWB7sLOjkqa5AwlhoLRXR8DZcu68mUiw=
Subject key identifier: 3A:1D:69:D7:D4:AD:2A:31:88:BA:DF:EB:C7:75:5C:74:D5:69:0E:81
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E93B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD30E244C28711EFA8ECC9A3762E951A.roa
Signing time: Wed 25 Dec 2024 06:16:12 +0000
ROA not before: Wed 25 Dec 2024 06:16:08 +0000
ROA not after: Wed 10 Dec 2025 06:16:08 +0000
asID: 984
IP address blocks: 156.228.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59707 (0xe93b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 06:16:08 2024 GMT
Not After : Dec 10 06:16:08 2025 GMT
Subject: CN=676ba32c-54c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:72:73:0a:58:01:21:ad:1c:6a:d9:2f:30:4e:
9b:9c:ce:9e:60:04:9c:b7:df:8d:ab:53:35:64:c1:
33:e2:71:dc:65:a5:51:dd:cf:fe:be:d5:58:13:14:
4d:88:02:60:cb:a9:53:9c:3b:19:7f:3a:a0:a6:c6:
ae:18:c5:0e:5e:fe:cf:43:b0:67:b6:f6:77:ae:09:
43:00:27:ac:a4:31:68:f6:88:00:b7:8f:8c:cd:76:
e6:e4:2d:0d:7f:04:e5:6c:35:75:51:d2:95:0e:2a:
e0:e3:63:53:3e:d6:d7:d4:6b:1a:3b:01:9b:09:99:
44:c6:6f:3d:d3:2e:a2:8b:03:1f:7e:7f:1c:9d:c1:
c2:fe:fa:0a:b3:14:73:a9:00:02:8b:7a:43:9e:ea:
66:aa:52:ac:fc:17:28:82:02:24:a3:27:a4:47:42:
70:fb:52:29:a5:06:e0:9f:00:ef:2b:91:ff:4e:7b:
ea:b1:94:5f:87:c9:9d:59:d2:18:32:58:64:3d:32:
91:b4:61:b1:b9:dc:f2:eb:6b:56:ea:0d:43:9d:a6:
39:b5:95:6b:17:a9:62:70:e3:d7:e8:a8:48:a2:71:
8e:80:81:d8:fe:f8:c8:8d:2c:9b:f8:0e:4c:f3:dc:
95:3c:d7:d6:3e:55:65:45:48:71:62:6e:f7:91:33:
5e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1D:69:D7:D4:AD:2A:31:88:BA:DF:EB:C7:75:5C:74:D5:69:0E:81
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD30E244C28711EFA8ECC9A3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.228.61.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:e6:9b:75:66:dc:3b:ef:3e:6c:67:2b:fa:b2:f4:03:1a:16:
58:9d:26:bc:2d:c4:81:99:9a:3c:6a:31:b2:53:6b:b1:1e:42:
cf:75:02:83:d0:88:94:5f:ff:16:54:42:54:ac:df:5f:29:01:
5c:75:0f:ba:4c:60:2c:bb:d0:6b:18:46:b0:bd:71:d2:72:88:
3b:ed:64:7a:83:e2:f2:af:44:de:8d:0b:b2:97:9e:07:b5:b3:
72:31:8e:00:20:d8:5f:e2:f8:b9:1c:fe:c2:37:6f:a4:0a:97:
48:cf:10:cd:9f:93:a9:67:1c:ac:47:14:9f:93:37:6c:e3:f7:
2b:12:8b:42:d8:8e:f3:d6:0d:13:2c:c0:49:27:4f:56:70:1d:
02:01:ff:bd:e3:6f:ab:2b:1b:b7:6c:46:36:14:13:9d:25:5e:
cd:1d:81:dd:0a:d7:0a:1f:a2:bb:46:a4:84:10:17:44:ca:72:
34:e9:a5:77:0a:d4:1a:c7:9b:87:6c:44:4e:df:c7:7b:c5:3f:
6f:19:a7:5b:7c:fe:39:ed:f8:da:c3:d4:7e:00:c4:9f:df:05:
da:14:98:55:cf:0c:1d:54:0e:d0:9e:0d:94:d4:4c:08:db:fc:
dc:56:92:de:01:c7:6d:0e:f9:06:d4:5b:be:ee:27:b6:f8:11:
10:b2:49:5e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOk7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDYxNjA4WhcNMjUxMjEwMDYxNjA4WjAYMRYw
FAYDVQQDEw02NzZiYTMyYy01NGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA23JzClgBIa0catkvME6bnM6eYASct9+Nq1M1ZMEz4nHcZaVR3c/+vtVY
ExRNiAJgy6lTnDsZfzqgpsauGMUOXv7PQ7BntvZ3rglDACespDFo9ogAt4+MzXbm
5C0NfwTlbDV1UdKVDirg42NTPtbX1GsaOwGbCZlExm890y6iiwMffn8cncHC/voK
sxRzqQACi3pDnupmqlKs/BcoggIkoyekR0Jw+1IppQbgnwDvK5H/TnvqsZRfh8md
WdIYMlhkPTKRtGGxudzy62tW6g1DnaY5tZVrF6licOPX6KhIonGOgIHY/vjIjSyb
+A5M89yVPNfWPlVlRUhxYm73kTNeXwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDod
adfUrSoxiLrf68d1XHTVaQ6BMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRDMwRTI0NEMyODcxMUVGQThFQ0M5QTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOQ9MA0GCSqGSIb3DQEBCwUA
A4IBAQCh5pt1Ztw77z5sZyv6svQDGhZYnSa8LcSBmZo8ajGyU2uxHkLPdQKD0IiU
X/8WVEJUrN9fKQFcdQ+6TGAsu9BrGEawvXHScog77WR6g+Lyr0TejQuyl54HtbNy
MY4AINhf4vi5HP7CN2+kCpdIzxDNn5OpZxysRxSfkzds4/crEotC2I7z1g0TLMBJ
J09WcB0CAf+942+rKxu3bEY2FBOdJV7NHYHdCtcKH6K7RqSEEBdEynI06aV3CtQa
x5uHbERO38d7xT9vGadbfP457fjaw9R+AMSf3wXaFJhVzwwdVA7Qng2U1EwI2/zc
VpLeAcdtDvkG1Fu+7ie2+BEQskle
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:57 2025 by rpki-client