Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE5192C8CDCB11EFBF629A44762E951A.roa
File: BE5192C8CDCB11EFBF629A44762E951A.roa (raw, json)
Hash identifier: SHtBq20badTOkA/7D/5tP7r2p+ss/w5qak1l9F8f/4c=
Subject key identifier: C7:88:9E:43:8F:FE:4C:2B:50:0C:49:95:98:8F:10:D6:A2:75:F8:5E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0101E2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE5192C8CDCB11EFBF629A44762E951A.roa
Signing time: Wed 08 Jan 2025 14:20:43 +0000
ROA not before: Wed 08 Jan 2025 14:20:39 +0000
ROA not after: Tue 28 Dec 2027 14:20:39 +0000
asID: 17561
IP address blocks: 156.255.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66018 (0x101e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 14:20:39 2025 GMT
Not After : Dec 28 14:20:39 2027 GMT
Subject: CN=677e89bb-1c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f7:c2:ec:14:90:49:72:72:23:aa:19:3f:16:
79:8c:0b:a5:9e:6a:38:af:42:4c:ae:78:07:15:44:
19:80:0e:5c:f5:3d:c4:a6:0b:43:df:8c:97:78:d2:
0d:41:2a:d5:e7:c3:95:f0:3a:c6:96:ba:42:3a:ca:
27:b3:72:2d:6c:31:fa:5a:5c:59:04:55:63:1f:a7:
f4:1c:1c:cb:10:23:53:8f:96:6b:f8:d3:65:d6:b9:
c3:d0:60:e8:61:17:fb:8c:8d:e1:8e:bf:6d:21:dc:
ae:06:99:2d:d7:79:c1:b8:67:1a:41:08:94:d2:7b:
e3:c8:b2:c0:44:60:38:7c:8e:de:24:0e:94:49:35:
e7:88:7c:2d:c9:3a:ef:a6:f8:88:5f:35:69:8b:04:
0d:14:86:05:a4:58:75:5c:68:2e:6c:5f:a3:3b:be:
5b:2b:ee:08:3a:4a:1e:81:ba:3f:60:3f:3e:1f:a7:
9a:d9:f8:21:c5:e9:4a:ab:e0:28:1d:96:94:ce:51:
bf:91:a0:73:01:f6:96:19:b0:31:f6:66:46:ab:9c:
b8:6d:aa:4f:6e:cb:5b:54:e3:58:07:b8:31:4a:b5:
6f:47:f7:03:02:ed:bd:e2:ef:57:6f:cc:9c:1b:bf:
d1:6a:a2:16:d2:f4:21:14:26:e5:37:fa:99:a6:41:
43:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:88:9E:43:8F:FE:4C:2B:50:0C:49:95:98:8F:10:D6:A2:75:F8:5E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE5192C8CDCB11EFBF629A44762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.57.0/24
Signature Algorithm: sha256WithRSAEncryption
74:d0:bf:02:a0:15:22:b7:9a:f6:26:79:77:61:32:4c:90:20:
d4:d5:a6:f2:58:30:43:3b:8f:8b:01:b6:86:48:5d:60:b2:dc:
52:b3:54:94:88:c8:91:3c:40:47:5c:e8:d5:8e:b5:b2:c8:8c:
22:79:43:25:ad:d4:1d:70:b3:15:24:d4:7a:00:75:56:9f:8c:
2a:20:c5:3a:37:61:76:d5:93:38:25:3e:23:3a:ed:45:e0:42:
25:be:35:d8:78:f7:ea:16:bf:a6:89:0b:6e:a2:7a:3b:d8:b1:
85:c4:7f:da:e1:4f:1d:75:7b:c7:68:6a:92:9c:2f:ba:ed:12:
1f:08:e3:0d:7a:c1:49:ba:c3:af:0f:2d:1d:56:89:03:f0:c6:
54:36:1f:17:ef:84:f8:8c:48:c2:46:99:ac:0e:0f:94:ff:10:
09:62:e6:37:9f:98:c0:06:cb:8d:26:47:07:87:c4:0b:25:bd:
ef:7f:6a:47:7f:67:05:81:d3:f3:4b:73:3d:ca:23:3c:4e:23:
41:66:e5:dd:1b:be:df:b0:72:65:55:48:e4:00:44:3a:94:94:
28:df:4d:0b:16:ba:6a:3b:b5:82:9f:c3:2f:09:cc:04:ac:bb:
83:f4:b2:c0:de:d7:28:64:ba:13:53:7d:b4:4f:a0:df:3d:28:
ae:ec:ca:b8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQHiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTQyMDM5WhcNMjcxMjI4MTQyMDM5WjAYMRYw
FAYDVQQDEw02NzdlODliYi0xYzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo/fC7BSQSXJyI6oZPxZ5jAulnmo4r0JMrngHFUQZgA5c9T3EpgtD34yX
eNINQSrV58OV8DrGlrpCOsons3ItbDH6WlxZBFVjH6f0HBzLECNTj5Zr+NNl1rnD
0GDoYRf7jI3hjr9tIdyuBpkt13nBuGcaQQiU0nvjyLLARGA4fI7eJA6USTXniHwt
yTrvpviIXzVpiwQNFIYFpFh1XGgubF+jO75bK+4IOkoegbo/YD8+H6ea2fghxelK
q+AoHZaUzlG/kaBzAfaWGbAx9mZGq5y4bapPbstbVONYB7gxSrVvR/cDAu294u9X
b8ycG7/RaqIW0vQhFCblN/qZpkFDLQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMeI
nkOP/kwrUAxJlZiPENaidfheMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRTUxOTJDOENEQ0IxMUVGQkY2MjlBNDQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP85MA0GCSqGSIb3DQEBCwUA
A4IBAQB00L8CoBUit5r2Jnl3YTJMkCDU1abyWDBDO4+LAbaGSF1gstxSs1SUiMiR
PEBHXOjVjrWyyIwieUMlrdQdcLMVJNR6AHVWn4wqIMU6N2F21ZM4JT4jOu1F4EIl
vjXYePfqFr+miQtuono72LGFxH/a4U8ddXvHaGqSnC+67RIfCOMNesFJusOvDy0d
VokD8MZUNh8X74T4jEjCRpmsDg+U/xAJYuY3n5jABsuNJkcHh8QLJb3vf2pHf2cF
gdPzS3M9yiM8TiNBZuXdG77fsHJlVUjkAEQ6lJQo300LFrpqO7WCn8MvCcwErLuD
9LLA3tcoZLoTU320T6DfPSiu7Mq4
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:54:06 2025 by rpki-client