Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE54F51CC96111EFA8E66EA3762E951A.roa
File: BE54F51CC96111EFA8E66EA3762E951A.roa (raw, json)
Hash identifier: kzoyEy9y6ZXs2rXtcsV2EBarxVT+svy8ndO6OLqO0GE=
Subject key identifier: 9F:4B:0E:4C:06:A5:55:23:9B:5C:BE:79:34:A0:3C:10:BA:C7:E3:70
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F466
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE54F51CC96111EFA8E66EA3762E951A.roa
Signing time: Thu 02 Jan 2025 23:31:52 +0000
ROA not before: Thu 02 Jan 2025 23:31:48 +0000
ROA not after: Mon 13 Dec 2027 23:31:48 +0000
asID: 17561
IP address blocks: 156.226.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62566 (0xf466)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 23:31:48 2025 GMT
Not After : Dec 13 23:31:48 2027 GMT
Subject: CN=677721e7-440f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fe:62:07:7d:e2:5d:b6:71:b8:67:b7:b4:4d:
14:ce:89:59:45:69:15:f5:a3:b3:b4:a6:a5:be:d7:
95:b4:53:58:22:c4:77:29:32:b3:44:26:d0:a6:65:
be:23:6f:fc:5f:82:d3:da:68:85:4c:0a:ee:1b:dc:
3a:92:70:3d:1b:86:a1:f2:ea:04:64:8a:06:27:c1:
d2:96:ad:1b:5e:a4:d0:f8:42:03:74:0d:e8:c1:d6:
a3:ba:28:c4:cc:68:96:0e:9b:9f:8c:0b:60:4e:1f:
a7:8d:25:3b:e0:e0:04:c5:13:85:e8:f8:55:0d:60:
ed:f6:89:3b:6a:41:bd:3c:61:df:b2:37:1e:8e:e2:
99:0e:8a:2d:b5:34:2c:96:c5:ed:47:3d:e5:65:bc:
3c:7d:f9:2b:e5:93:41:10:cb:8c:36:eb:81:78:7d:
ed:5d:7a:cc:e1:21:1f:39:31:3c:78:d4:98:1c:bb:
f4:bb:2d:31:86:ce:d4:7d:72:3e:08:f7:af:37:25:
e0:43:fe:5c:56:75:97:da:49:78:5d:60:55:86:e2:
43:2f:93:9a:ec:d0:4f:a2:ec:28:74:e3:34:1f:ac:
c3:9c:2e:d1:6d:3e:56:14:fa:5f:09:8d:ac:33:d1:
ea:1e:51:74:49:40:05:d7:49:95:13:37:5d:03:16:
02:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:4B:0E:4C:06:A5:55:23:9B:5C:BE:79:34:A0:3C:10:BA:C7:E3:70
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE54F51CC96111EFA8E66EA3762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.226.229.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:2f:c3:10:5d:7d:94:b6:49:56:e7:0f:49:cb:92:6b:72:7d:
6b:12:a5:fe:d5:b0:66:38:4e:78:91:df:97:32:2e:ca:4e:f1:
d0:ff:2b:06:f0:80:e0:13:5a:36:e7:ce:f6:2e:fe:d3:71:b0:
4c:c5:78:cd:d4:5b:77:cf:58:b8:d3:90:77:c1:ba:5b:6b:bd:
de:d5:07:dc:c4:59:46:c9:41:6a:d9:b0:20:75:7e:91:31:51:
cb:f2:53:03:d7:45:a3:f6:9d:1b:f2:87:65:6b:92:27:30:c7:
4b:05:e9:91:fb:44:71:e7:20:4a:e5:19:9a:41:a4:c1:57:0a:
6d:37:03:fb:b4:6b:00:95:a2:2c:fa:22:d0:95:ce:ae:36:b3:
eb:e8:f9:b6:b0:31:5f:59:02:54:9d:e3:e6:9b:0d:f3:25:36:
7b:eb:1a:39:97:f1:d8:79:bb:ff:1e:73:a8:b6:8e:f9:63:97:
a8:d3:cc:f5:34:6d:ed:fe:0c:bb:70:b3:05:3a:2d:06:ba:04:
6d:d7:a8:e9:cd:9d:66:83:aa:f6:0d:98:7a:17:f6:ef:e5:14:
8d:8f:6f:6e:8b:11:14:24:1c:56:76:47:6d:f7:4e:61:9e:a3:
fa:b3:3d:c5:dc:4e:1a:4b:5c:62:4b:2c:47:59:2c:7e:7a:9c:
0e:ea:bb:fe
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPRmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjMzMTQ4WhcNMjcxMjEzMjMzMTQ4WjAYMRYw
FAYDVQQDEw02Nzc3MjFlNy00NDBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw/5iB33iXbZxuGe3tE0UzolZRWkV9aOztKalvteVtFNYIsR3KTKzRCbQ
pmW+I2/8X4LT2miFTAruG9w6knA9G4ah8uoEZIoGJ8HSlq0bXqTQ+EIDdA3owdaj
uijEzGiWDpufjAtgTh+njSU74OAExROF6PhVDWDt9ok7akG9PGHfsjcejuKZDoot
tTQslsXtRz3lZbw8ffkr5ZNBEMuMNuuBeH3tXXrM4SEfOTE8eNSYHLv0uy0xhs7U
fXI+CPevNyXgQ/5cVnWX2kl4XWBVhuJDL5Oa7NBPouwodOM0H6zDnC7RbT5WFPpf
CY2sM9HqHlF0SUAF10mVEzddAxYCxQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ9L
DkwGpVUjm1y+eTSgPBC6x+NwMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRTU0RjUxQ0M5NjExMUVGQThFNjZFQTM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOLlMA0GCSqGSIb3DQEBCwUA
A4IBAQAfL8MQXX2UtklW5w9Jy5Jrcn1rEqX+1bBmOE54kd+XMi7KTvHQ/ysG8IDg
E1o25872Lv7TcbBMxXjN1Ft3z1i405B3wbpba73e1QfcxFlGyUFq2bAgdX6RMVHL
8lMD10Wj9p0b8odla5InMMdLBemR+0Rx5yBK5RmaQaTBVwptNwP7tGsAlaIs+iLQ
lc6uNrPr6Pm2sDFfWQJUnePmmw3zJTZ76xo5l/HYebv/HnOoto75Y5eo08z1NG3t
/gy7cLMFOi0GugRt16jpzZ1mg6r2DZh6F/bv5RSNj29uixEUJBxWdkdt905hnqP6
sz3F3E4aS1xiSyxHWSx+epwO6rv+
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:36:47 2025 by rpki-client