Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE06992ACD9F11EFA79C2DAD762E951A.roa
File: BE06992ACD9F11EFA79C2DAD762E951A.roa (raw, json)
Hash identifier: 140WQkF8wum9QWIyV7/jLgyNL/FwbfD2M8/V8Im5M9I=
Subject key identifier: 2E:15:48:E5:FE:06:EF:3B:2C:00:4E:00:16:F2:19:13:BA:8F:9F:B3
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0100C4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE06992ACD9F11EFA79C2DAD762E951A.roa
Signing time: Wed 08 Jan 2025 09:05:44 +0000
ROA not before: Wed 08 Jan 2025 09:05:41 +0000
ROA not after: Tue 16 Dec 2025 09:05:41 +0000
asID: 984
IP address blocks: 156.249.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65732 (0x100c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:05:41 2025 GMT
Not After : Dec 16 09:05:41 2025 GMT
Subject: CN=677e3fe8-7ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9b:05:84:0a:27:f3:34:51:f1:3e:76:12:6d:
ca:5f:d7:88:37:cd:2b:b0:8e:e8:0d:08:02:6a:85:
c2:c6:f2:99:39:8a:8b:19:07:df:cf:17:20:93:9c:
5c:1d:c6:ec:9f:64:07:97:9d:59:0a:67:72:5f:b8:
25:04:2d:57:1b:73:bd:26:d5:d7:a8:9e:1e:62:ba:
b4:73:f9:dd:01:f0:b6:fb:aa:b9:df:4b:1e:5c:b7:
92:2c:75:8a:e7:b4:6e:61:db:db:4f:17:e3:fc:73:
47:df:e6:b0:b1:77:28:dc:a1:be:7f:70:c3:79:ac:
2f:39:da:17:3f:e4:7e:e5:84:46:5f:cf:55:a6:ce:
d4:b5:95:76:60:79:85:78:cf:5f:8b:5f:51:32:fa:
07:f5:71:56:6e:08:41:42:28:fb:bd:04:6b:79:96:
88:88:a4:8a:e3:81:5a:6b:1d:64:bb:ad:dc:78:6e:
b0:3a:96:e9:01:28:8e:d6:04:53:97:9f:d7:b0:aa:
62:e6:6b:f7:47:72:0a:be:c8:b2:ba:8b:51:37:a6:
ad:46:a6:d1:42:22:6f:6e:7a:4f:2c:1b:b3:18:a8:
9c:8b:63:11:4b:03:64:50:63:ad:57:0e:b3:34:73:
80:72:f9:fd:e2:a1:c1:45:db:8d:8d:fb:47:aa:6f:
10:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:15:48:E5:FE:06:EF:3B:2C:00:4E:00:16:F2:19:13:BA:8F:9F:B3
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE06992ACD9F11EFA79C2DAD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.108.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:fb:06:1c:1b:2c:21:e8:91:fc:48:37:43:d9:0c:30:e9:d1:
1c:ba:36:e3:de:2c:17:46:60:16:66:50:19:fa:0f:be:6e:22:
59:64:37:c1:03:0b:0c:16:f6:2f:f4:ba:28:68:93:b4:82:af:
50:41:d0:d7:a4:95:22:14:b6:b7:ca:9f:70:da:b6:d4:23:ae:
8e:4d:aa:3d:b4:1f:d0:cc:42:ff:7e:17:f8:e3:f1:62:5c:46:
d6:2a:f3:c3:7a:b3:fd:7d:2e:0e:3a:59:a3:58:53:59:26:d8:
9f:23:ee:31:9f:e6:97:76:51:ed:d6:9f:6c:5c:37:8f:b3:1f:
93:26:f0:90:d3:6a:c2:7f:95:0a:d0:58:b6:13:91:73:e6:ae:
72:2a:a5:ef:98:95:e6:b9:b1:b5:72:2f:78:15:c9:c4:c2:b3:
93:6c:c6:f5:47:f9:f3:24:7a:f0:7d:f3:66:18:f9:ac:16:24:
42:32:cf:79:01:de:62:d7:4b:fd:f5:bd:40:8b:78:3c:14:d2:
80:59:15:43:91:0f:79:2a:36:80:75:ad:9e:5d:77:6c:69:74:
36:23:20:0a:05:b7:5f:ba:03:e0:64:c9:ed:3d:29:48:49:fd:
75:54:7e:f6:42:d1:b6:8a:1e:2a:fa:75:38:43:fe:80:a9:8f:
a5:26:56:cb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQDEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkwNTQxWhcNMjUxMjE2MDkwNTQxWjAYMRYw
FAYDVQQDEw02NzdlM2ZlOC03Y2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAspsFhAon8zRR8T52Em3KX9eIN80rsI7oDQgCaoXCxvKZOYqLGQffzxcg
k5xcHcbsn2QHl51ZCmdyX7glBC1XG3O9JtXXqJ4eYrq0c/ndAfC2+6q530seXLeS
LHWK57RuYdvbTxfj/HNH3+awsXco3KG+f3DDeawvOdoXP+R+5YRGX89Vps7UtZV2
YHmFeM9fi19RMvoH9XFWbghBQij7vQRreZaIiKSK44Faax1ku63ceG6wOpbpASiO
1gRTl5/XsKpi5mv3R3IKvsiyuotRN6atRqbRQiJvbnpPLBuzGKici2MRSwNkUGOt
Vw6zNHOAcvn94qHBRduNjftHqm8QaQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC4V
SOX+Bu87LABOABbyGRO6j5+zMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRTA2OTkyQUNEOUYxMUVGQTc5QzJEQUQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlsMA0GCSqGSIb3DQEBCwUA
A4IBAQBL+wYcGywh6JH8SDdD2Qww6dEcujbj3iwXRmAWZlAZ+g++biJZZDfBAwsM
FvYv9LooaJO0gq9QQdDXpJUiFLa3yp9w2rbUI66OTao9tB/QzEL/fhf44/FiXEbW
KvPDerP9fS4OOlmjWFNZJtifI+4xn+aXdlHt1p9sXDePsx+TJvCQ02rCf5UK0Fi2
E5Fz5q5yKqXvmJXmubG1ci94FcnEwrOTbMb1R/nzJHrwffNmGPmsFiRCMs95Ad5i
10v99b1Ai3g8FNKAWRVDkQ95KjaAda2eXXdsaXQ2IyAKBbdfugPgZMntPSlISf11
VH72QtG2ih4q+nU4Q/6AqY+lJlbL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:59:46 2025 by rpki-client