Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEC9B904C99011EFAF81FE64762E951A.roa
File: BEC9B904C99011EFAF81FE64762E951A.roa (raw, json)
Hash identifier: 6pBlQoq7SDFxr94KarKoA2GdHTWbJ7cJp27RJ6/IA3k=
Subject key identifier: 76:70:4C:7C:6F:91:44:61:D0:65:33:6B:61:6B:5F:1B:A4:0B:50:E9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5E1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEC9B904C99011EFAF81FE64762E951A.roa
Signing time: Fri 03 Jan 2025 05:08:19 +0000
ROA not before: Fri 03 Jan 2025 05:08:15 +0000
ROA not after: Sat 13 Dec 2025 05:08:15 +0000
asID: 984
IP address blocks: 156.233.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62945 (0xf5e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 05:08:15 2025 GMT
Not After : Dec 13 05:08:15 2025 GMT
Subject: CN=677770c2-71b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:72:e8:11:38:41:37:3c:2f:14:24:e1:4e:21:
6e:2b:f8:98:35:c3:46:05:68:96:4f:f6:6d:3e:86:
dd:41:2d:85:fa:f7:3f:d0:3b:f6:88:cb:e8:3c:7e:
0c:1f:54:94:1e:9a:8c:53:5e:21:b9:01:a2:4f:28:
1a:17:f9:f0:d1:4a:c4:6d:28:c0:9a:aa:4a:91:99:
71:a5:92:1b:ef:8d:67:56:3b:b6:a1:72:a3:b2:33:
58:a5:64:5d:c8:21:a3:10:3d:54:fc:20:ae:ca:95:
16:58:fa:fb:d6:e0:5d:ce:de:df:e1:33:1e:a7:4a:
23:1c:f5:9b:97:f6:c8:e6:92:66:c9:e2:a1:85:8f:
8e:7e:a5:33:52:e7:08:4f:9b:38:d4:69:d1:29:0d:
ea:90:99:e4:59:8f:cd:b3:80:1b:6d:e5:d6:ba:a6:
8c:69:0c:47:30:6e:48:a6:d0:1d:00:bc:e5:52:61:
e0:a0:94:a5:2f:f6:b0:ff:11:b8:e4:65:e9:46:f9:
1d:71:c1:71:7a:d8:8c:68:d5:46:cb:51:0b:6b:36:
0a:99:ee:a5:c1:e1:21:e4:5e:be:22:54:8c:cc:f2:
f7:73:14:09:1f:c1:72:6e:9c:ed:6d:cb:a9:c8:5b:
2a:e9:c3:9d:03:c6:0a:d3:c4:6f:09:05:4d:c9:d7:
83:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:70:4C:7C:6F:91:44:61:D0:65:33:6B:61:6B:5F:1B:A4:0B:50:E9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BEC9B904C99011EFAF81FE64762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.96.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:ad:67:06:c2:1e:ce:25:65:18:6c:c0:bd:72:df:a9:4c:83:
f1:69:23:9f:e0:4e:b8:40:12:e4:80:96:54:83:8b:9a:95:a6:
79:e6:31:29:da:8f:d5:9c:e1:1a:96:ae:90:08:2e:23:87:2a:
a1:5a:ab:00:c2:a9:74:bb:cf:de:af:1b:77:0a:41:9d:62:8f:
9d:0f:0c:cc:69:69:67:69:c6:97:d0:82:27:8f:cd:18:b9:46:
09:20:95:ea:82:de:95:c5:1f:56:d5:78:f3:bb:63:5d:dd:a9:
0b:5a:0c:35:09:fb:41:da:be:d4:9e:15:eb:9f:30:b5:94:3a:
30:67:88:1c:eb:46:c7:c8:62:74:24:09:c8:a3:b9:08:2e:94:
31:c4:56:a8:90:68:a9:7c:50:ea:c3:75:80:44:ee:bd:36:da:
87:43:c5:b5:00:b0:d2:ae:01:1e:26:cc:e8:74:e3:3f:bb:a4:
f8:69:bb:60:63:69:a5:80:83:3b:ff:41:15:cb:29:32:27:ee:
3b:96:06:b4:4f:fb:eb:31:2a:ab:96:81:6a:ac:19:4f:22:a0:
cd:ce:0a:24:a7:ec:95:d6:dd:71:1f:2c:c1:a7:6e:59:ea:e5:
19:d4:e5:58:d8:cf:79:7a:e1:66:48:91:d6:e5:f8:ea:90:d9:
92:c4:4d:a9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPXhMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDUwODE1WhcNMjUxMjEzMDUwODE1WjAYMRYw
FAYDVQQDEw02Nzc3NzBjMi03MWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5XLoEThBNzwvFCThTiFuK/iYNcNGBWiWT/ZtPobdQS2F+vc/0Dv2iMvo
PH4MH1SUHpqMU14huQGiTygaF/nw0UrEbSjAmqpKkZlxpZIb741nVju2oXKjsjNY
pWRdyCGjED1U/CCuypUWWPr71uBdzt7f4TMep0ojHPWbl/bI5pJmyeKhhY+OfqUz
UucIT5s41GnRKQ3qkJnkWY/Ns4AbbeXWuqaMaQxHMG5IptAdALzlUmHgoJSlL/aw
/xG45GXpRvkdccFxetiMaNVGy1ELazYKme6lweEh5F6+IlSMzPL3cxQJH8Fybpzt
bcupyFsq6cOdA8YK08RvCQVNydeDQQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHZw
THxvkURh0GUza2FrXxukC1DpMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRUM5QjkwNEM5OTAxMUVGQUY4MUZFNjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOlgMA0GCSqGSIb3DQEBCwUA
A4IBAQAsrWcGwh7OJWUYbMC9ct+pTIPxaSOf4E64QBLkgJZUg4ualaZ55jEp2o/V
nOEalq6QCC4jhyqhWqsAwql0u8/erxt3CkGdYo+dDwzMaWlnacaX0IInj80YuUYJ
IJXqgt6VxR9W1Xjzu2Nd3akLWgw1CftB2r7UnhXrnzC1lDowZ4gc60bHyGJ0JAnI
o7kILpQxxFaokGipfFDqw3WARO69NtqHQ8W1ALDSrgEeJszodOM/u6T4abtgY2ml
gIM7/0EVyykyJ+47lga0T/vrMSqrloFqrBlPIqDNzgokp+yV1t1xHyzBp25Z6uUZ
1OVY2M95euFmSJHW5fjqkNmSxE2p
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:01:02 2025 by rpki-client