Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE714D96CCBA11EFB8D9B073762E951A.roa
File: BE714D96CCBA11EFB8D9B073762E951A.roa (raw, json)
Hash identifier: HmnVYx+hR1r2t5R3TQxYyIChFwZ7rqTe9nA4yKtzDPw=
Subject key identifier: CB:17:D4:7A:58:EF:A6:95:CE:02:9B:F8:A5:95:A5:86:D0:E1:5D:AA
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FA0A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE714D96CCBA11EFB8D9B073762E951A.roa
Signing time: Tue 07 Jan 2025 05:46:30 +0000
ROA not before: Tue 07 Jan 2025 05:46:27 +0000
ROA not after: Mon 13 Dec 2027 05:46:27 +0000
asID: 17561
IP address blocks: 156.233.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64010 (0xfa0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 05:46:27 2025 GMT
Not After : Dec 13 05:46:27 2027 GMT
Subject: CN=677cbfb6-ad96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:04:ee:1b:09:1e:2f:a7:0b:65:74:7c:78:ff:
ec:2c:4a:3e:90:65:a9:9a:f8:8b:a4:78:1e:1f:4b:
ff:32:35:0d:78:06:f0:78:6d:cc:43:18:21:00:fe:
9d:0e:62:22:51:fc:9a:5a:e9:1e:b9:e8:5f:e8:af:
a9:4c:58:45:93:0e:aa:d5:07:c8:c8:44:38:db:08:
eb:53:27:6d:29:32:ba:8a:18:86:d0:5f:5b:07:cb:
9f:6a:92:d9:f7:90:a4:72:3d:36:81:7f:a5:e7:d8:
ca:bc:af:93:f9:18:4a:6d:fe:5b:17:be:20:01:82:
ff:98:a4:ad:22:76:84:95:fd:1e:ec:1c:7f:b4:fb:
76:92:c6:36:28:32:2e:7f:8e:9d:04:87:d7:17:8e:
27:3e:95:2e:de:f5:81:5d:b2:e4:00:69:7a:26:b4:
23:f2:fb:a1:da:4c:40:d0:3d:5a:00:ad:e3:fa:3f:
98:70:e9:28:cc:69:16:a3:b6:c0:15:76:3f:b0:01:
34:2d:fd:96:94:81:86:59:f4:6a:ad:a3:fe:5e:78:
97:cb:02:49:ef:10:2a:0c:1b:88:c6:a1:51:ae:82:
93:2f:11:0a:b9:64:e2:2c:6f:02:da:89:42:48:52:
b8:de:6f:d9:f1:61:f6:41:7c:b9:58:60:b1:15:16:
14:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:17:D4:7A:58:EF:A6:95:CE:02:9B:F8:A5:95:A5:86:D0:E1:5D:AA
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BE714D96CCBA11EFB8D9B073762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.15.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:01:95:b8:c4:f4:e1:74:6f:f6:7e:62:f3:54:73:48:98:2a:
90:9f:8a:58:71:d1:50:e9:24:74:38:c7:de:44:70:54:08:05:
7d:54:31:7f:3d:69:ba:11:5f:2f:ef:cc:32:ec:38:3a:e5:f8:
cd:c0:e1:95:bf:93:28:5b:1c:41:97:c5:24:db:90:09:05:66:
f0:d7:91:d5:16:3f:57:55:80:0c:cb:09:78:24:45:62:65:18:
e9:1f:d9:21:08:83:be:d6:75:ae:ca:c7:b4:a0:99:48:ff:bf:
2a:47:f7:5b:f0:97:d1:8b:aa:71:65:03:0b:1a:8f:fc:ff:0c:
c2:81:d6:33:6f:e4:5f:6e:07:f0:79:b6:51:f4:2b:ef:51:3e:
d9:aa:5c:fa:93:4e:c3:0d:0b:6b:bf:0a:aa:a6:12:45:06:f4:
b9:3b:9a:f1:67:14:8a:da:02:cd:53:2e:15:e3:13:4c:15:8d:
9e:62:90:88:28:85:b6:36:7e:e6:95:73:33:68:b7:ba:99:3f:
2a:40:56:78:f5:24:b9:51:d4:7c:de:fe:05:90:75:7c:9b:08:
0d:ce:9b:08:17:cf:b2:4f:b6:55:d5:6b:71:de:2c:db:b9:09:
8a:cd:bb:64:13:18:8b:f0:61:1b:3f:6a:72:01:fc:5d:34:a4:
74:0f:ec:88
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPoKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDU0NjI3WhcNMjcxMjEzMDU0NjI3WjAYMRYw
FAYDVQQDEw02NzdjYmZiNi1hZDk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA7wTuGwkeL6cLZXR8eP/sLEo+kGWpmviLpHgeH0v/MjUNeAbweG3MQxgh
AP6dDmIiUfyaWukeuehf6K+pTFhFkw6q1QfIyEQ42wjrUydtKTK6ihiG0F9bB8uf
apLZ95Ckcj02gX+l59jKvK+T+RhKbf5bF74gAYL/mKStInaElf0e7Bx/tPt2ksY2
KDIuf46dBIfXF44nPpUu3vWBXbLkAGl6JrQj8vuh2kxA0D1aAK3j+j+YcOkozGkW
o7bAFXY/sAE0Lf2WlIGGWfRqraP+XniXywJJ7xAqDBuIxqFRroKTLxEKuWTiLG8C
2olCSFK43m/Z8WH2QXy5WGCxFRYULQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMsX
1HpY76aVzgKb+KWVpYbQ4V2qMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRTcxNEQ5NkNDQkExMUVGQjhEOUIwNzM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOkPMA0GCSqGSIb3DQEBCwUA
A4IBAQAvAZW4xPThdG/2fmLzVHNImCqQn4pYcdFQ6SR0OMfeRHBUCAV9VDF/PWm6
EV8v78wy7Dg65fjNwOGVv5MoWxxBl8Uk25AJBWbw15HVFj9XVYAMywl4JEViZRjp
H9khCIO+1nWuyse0oJlI/78qR/db8JfRi6pxZQMLGo/8/wzCgdYzb+RfbgfwebZR
9CvvUT7Zqlz6k07DDQtrvwqqphJFBvS5O5rxZxSK2gLNUy4V4xNMFY2eYpCIKIW2
Nn7mlXMzaLe6mT8qQFZ49SS5UdR83v4FkHV8mwgNzpsIF8+yT7ZV1Wtx3izbuQmK
zbtkExiL8GEbP2pyAfxdNKR0D+yI
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:35 2025 by rpki-client