Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE0138E8C27F11EFA8306972762E951A.roa
File: BE0138E8C27F11EFA8306972762E951A.roa (raw, json)
Hash identifier: oCuejE0sHMkkZmzrWhbW9MOs5MFX7JcXuZiRXIBWhS8=
Subject key identifier: 10:3D:8E:6A:4F:A7:72:42:BE:88:44:16:E3:4C:F6:51:62:26:6A:AB
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E8D9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE0138E8C27F11EFA8306972762E951A.roa
Signing time: Wed 25 Dec 2024 05:18:58 +0000
ROA not before: Wed 25 Dec 2024 05:18:54 +0000
ROA not after: Wed 10 Dec 2025 05:18:54 +0000
asID: 984
IP address blocks: 156.227.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59609 (0xe8d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 25 05:18:54 2024 GMT
Not After : Dec 10 05:18:54 2025 GMT
Subject: CN=676b95c2-36c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ad:b2:d3:b1:89:81:8d:f9:00:ff:cb:df:65:
c0:2f:9b:e9:90:eb:eb:2c:e5:17:cb:bd:f9:1c:21:
c6:ca:9e:cc:9a:fd:77:fd:de:7d:bf:70:29:bd:f9:
ea:7d:f1:f1:0b:39:a2:31:5e:e9:c4:5c:8a:64:35:
bc:59:49:f5:be:57:af:fc:53:0a:c8:ec:48:6a:8a:
d3:33:60:a8:4f:d3:d4:8b:5a:92:eb:06:e6:05:16:
ff:58:ef:63:6b:a9:71:5a:a6:26:ef:9e:fe:6e:cc:
a3:29:2c:75:cf:1e:81:97:d7:ee:e0:c0:79:22:61:
67:fb:b6:ad:9f:ac:51:ed:25:ee:66:15:41:fa:9a:
03:fa:8a:cf:d5:d2:f0:0c:57:3a:48:24:88:c2:99:
21:db:73:e2:cd:01:9c:7f:39:a6:e3:0c:98:41:bb:
48:a2:1a:35:4d:d1:9b:e2:3d:ae:d5:95:3a:5d:c7:
1e:bf:66:89:07:39:74:98:f5:70:1d:e6:bd:47:bb:
80:eb:34:78:fa:1a:0d:f6:e0:f6:e6:ad:a4:4f:6d:
77:92:b7:90:4a:c0:25:59:d7:1d:a3:56:7c:68:93:
52:d1:b1:cd:bd:4f:09:a3:d9:25:2c:9a:c6:b4:e2:
aa:20:07:1c:f6:95:35:0e:0d:d5:d8:96:0e:a7:0e:
18:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:3D:8E:6A:4F:A7:72:42:BE:88:44:16:E3:4C:F6:51:62:26:6A:AB
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE0138E8C27F11EFA8306972762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.190.0/24
Signature Algorithm: sha256WithRSAEncryption
55:c8:df:9f:96:2d:b3:4b:c8:08:59:cf:c8:19:b0:cc:8b:de:
31:2d:da:4d:cb:8d:2f:28:fe:e0:8f:81:44:09:a5:ac:95:93:
c2:ed:19:68:04:38:d9:20:bb:5c:48:f4:7b:49:c9:ee:d4:d4:
ca:3b:b1:42:4c:f8:73:99:ef:78:fa:a2:d8:16:d4:86:e8:a6:
bd:87:3c:b3:60:12:f8:48:4f:75:b9:a1:ca:2d:cf:45:21:fd:
73:67:e1:6a:07:7a:b6:6f:cc:94:e8:2e:b0:3a:05:9d:5b:b7:
75:65:fc:a1:b4:49:02:da:f3:57:4a:c6:08:ad:66:49:6c:bb:
2d:3a:a8:9d:18:e4:9b:cd:04:b4:cd:c3:88:fc:dc:10:df:c4:
d3:a5:93:3b:b5:5d:3c:38:99:28:7d:4e:00:95:e7:78:e8:3b:
73:0a:1c:f7:ae:ef:3c:81:e6:c5:2f:b0:85:f4:59:35:21:b8:
10:c2:03:71:74:a6:b3:43:49:e2:32:ae:22:07:0d:73:a1:ec:
83:1a:78:d9:04:63:9d:be:5f:32:64:64:a2:20:8c:2f:c8:6c:
5b:c4:a8:bd:87:ed:ea:a3:be:e0:58:a6:93:dc:bf:8e:e6:47:
ee:a7:a8:64:d5:74:c5:59:cd:18:93:cf:90:9d:ff:19:98:fc:
ce:0f:00:05
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOjZMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI1MDUxODU0WhcNMjUxMjEwMDUxODU0WjAYMRYw
FAYDVQQDEw02NzZiOTVjMi0zNmMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAm62y07GJgY35AP/L32XAL5vpkOvrLOUXy735HCHGyp7Mmv13/d59v3Ap
vfnqffHxCzmiMV7pxFyKZDW8WUn1vlev/FMKyOxIaorTM2CoT9PUi1qS6wbmBRb/
WO9ja6lxWqYm757+bsyjKSx1zx6Bl9fu4MB5ImFn+7atn6xR7SXuZhVB+poD+orP
1dLwDFc6SCSIwpkh23PizQGcfzmm4wyYQbtIoho1TdGb4j2u1ZU6Xccev2aJBzl0
mPVwHea9R7uA6zR4+hoN9uD25q2kT213kreQSsAlWdcdo1Z8aJNS0bHNvU8Jo9kl
LJrGtOKqIAcc9pU1Dg3V2JYOpw4YVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBA9
jmpPp3JCvohEFuNM9lFiJmqrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRTAxMzhFOEMyN0YxMUVGQTgzMDY5NzI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOO+MA0GCSqGSIb3DQEBCwUA
A4IBAQBVyN+fli2zS8gIWc/IGbDMi94xLdpNy40vKP7gj4FECaWslZPC7RloBDjZ
ILtcSPR7Scnu1NTKO7FCTPhzme94+qLYFtSG6Ka9hzyzYBL4SE91uaHKLc9FIf1z
Z+FqB3q2b8yU6C6wOgWdW7d1ZfyhtEkC2vNXSsYIrWZJbLstOqidGOSbzQS0zcOI
/NwQ38TTpZM7tV08OJkofU4Aled46DtzChz3ru88gebFL7CF9Fk1IbgQwgNxdKaz
Q0niMq4iBw1zoeyDGnjZBGOdvl8yZGSiIIwvyGxbxKi9h+3qo77gWKaT3L+O5kfu
p6hk1XTFWc0Yk8+Qnf8ZmPzODwAF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:47 2025 by rpki-client