Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF121032D31311EFA15BF746762E951A.roa
File: BF121032D31311EFA15BF746762E951A.roa (raw, json)
Hash identifier: IHTm+1A1iQGOewlqAz7l6hSsKrKtCA+MdObrJGP0NRs=
Subject key identifier: 2F:3E:2F:64:9B:FF:A0:41:2F:76:3D:FF:50:C5:D7:21:8E:7E:A3:B2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01085D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF121032D31311EFA15BF746762E951A.roa
Signing time: Wed 15 Jan 2025 07:38:44 +0000
ROA not before: Wed 15 Jan 2025 07:38:40 +0000
ROA not after: Mon 03 Jan 2028 07:38:40 +0000
asID: 17561
IP address blocks: 156.254.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67677 (0x1085d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 07:38:40 2025 GMT
Not After : Jan 3 07:38:40 2028 GMT
Subject: CN=67876603-ec91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ec:ca:74:1b:1a:dc:61:da:a4:6f:65:35:50:
cb:4a:09:8c:06:1d:97:29:d8:96:bc:fd:02:55:73:
8d:38:a9:b3:ec:5a:2a:bb:63:7b:af:3a:b2:e5:20:
0c:e1:7a:80:b0:3f:45:9d:07:71:2b:68:e9:ee:47:
5b:52:a8:40:ca:ae:93:a7:71:db:2e:f0:c7:ff:05:
30:a5:ff:8d:10:28:4d:98:84:cd:08:2e:3b:c7:5f:
16:15:3f:b4:1a:22:1b:5e:99:43:ec:f9:e6:88:44:
ec:e5:ea:30:cc:17:72:a1:f4:df:60:c9:0f:57:39:
52:22:4a:a2:3d:46:cb:13:92:3b:f5:b8:ac:e1:ac:
d7:0d:b1:3a:50:0c:98:0f:5f:74:88:c7:b2:b1:c6:
4d:7b:e4:e1:ca:ca:91:33:61:d0:1a:90:19:1c:43:
99:7f:cd:c1:82:60:d5:1b:cc:c4:8d:b1:ff:b6:95:
2f:00:b3:0b:a6:51:1a:a2:45:dd:25:f1:5f:6f:d5:
db:4f:7e:ce:de:31:de:ab:ba:19:98:34:91:8f:71:
e7:93:a4:7e:b6:ac:c7:47:4a:64:64:54:c9:18:07:
05:56:71:df:dc:a0:b9:aa:91:47:55:5d:cf:15:57:
25:11:0c:fa:d9:6c:db:0f:59:54:6b:91:e5:60:04:
59:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3E:2F:64:9B:FF:A0:41:2F:76:3D:FF:50:C5:D7:21:8E:7E:A3:B2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF121032D31311EFA15BF746762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.68.0/24
Signature Algorithm: sha256WithRSAEncryption
68:b9:b9:8b:5c:54:a1:6c:d5:49:c5:0c:a4:bc:8a:db:65:75:
e4:76:93:5d:d7:4e:ed:a6:a3:48:0b:76:b9:72:1c:b8:0f:0a:
27:ec:28:63:21:3a:9a:43:62:b7:76:72:7b:82:90:cb:9e:07:
40:e2:32:1a:6d:5f:ee:d3:7d:a5:8b:a3:43:78:09:be:9e:f5:
cf:fc:b2:05:5f:6a:0e:aa:6f:6f:ee:b3:e7:62:7d:95:97:02:
02:f1:c4:f5:a3:45:13:76:5c:31:ef:13:b4:35:0a:25:2e:e5:
25:70:bc:e9:d0:41:88:a0:81:da:0a:99:f1:d7:73:ae:a2:1e:
26:3b:a9:73:1a:ea:7d:a8:e8:af:34:2a:a9:4c:5a:24:59:3e:
dc:5b:72:c8:2f:82:0d:82:08:2f:10:0f:85:11:3d:2f:63:a4:
51:ad:9b:e5:4c:b8:2e:35:4b:8f:f6:c5:3f:c2:c0:61:5f:c6:
5a:b5:08:15:c7:46:0b:e4:b7:cc:4c:dd:54:bf:4a:f3:54:4b:
b6:70:30:d8:fc:37:77:cb:35:be:38:a2:94:7b:b4:c1:03:18:
7d:26:57:23:60:d9:75:bd:3b:36:c3:d5:43:78:f6:c1:dc:45:
a6:bc:ba:c8:5f:77:27:d0:a9:f9:7a:70:7d:14:08:43:12:2b:
32:e1:aa:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQhdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDczODQwWhcNMjgwMTAzMDczODQwWjAYMRYw
FAYDVQQDEw02Nzg3NjYwMy1lYzkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA2+zKdBsa3GHapG9lNVDLSgmMBh2XKdiWvP0CVXONOKmz7Foqu2N7rzqy
5SAM4XqAsD9FnQdxK2jp7kdbUqhAyq6Tp3HbLvDH/wUwpf+NEChNmITNCC47x18W
FT+0GiIbXplD7PnmiETs5eowzBdyofTfYMkPVzlSIkqiPUbLE5I79bis4azXDbE6
UAyYD190iMeyscZNe+ThysqRM2HQGpAZHEOZf83BgmDVG8zEjbH/tpUvALMLplEa
okXdJfFfb9XbT37O3jHeq7oZmDSRj3Hnk6R+tqzHR0pkZFTJGAcFVnHf3KC5qpFH
VV3PFVclEQz62WzbD1lUa5HlYARZewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFC8+
L2Sb/6BBL3Y9/1DF1yGOfqOyMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRjEyMTAzMkQzMTMxMUVGQTE1QkY3NDY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP5EMA0GCSqGSIb3DQEBCwUA
A4IBAQBoubmLXFShbNVJxQykvIrbZXXkdpNd107tpqNIC3a5chy4Dwon7ChjITqa
Q2K3dnJ7gpDLngdA4jIabV/u032li6NDeAm+nvXP/LIFX2oOqm9v7rPnYn2VlwIC
8cT1o0UTdlwx7xO0NQolLuUlcLzp0EGIoIHaCpnx13Ouoh4mO6lzGup9qOivNCqp
TFokWT7cW3LIL4INgggvEA+FET0vY6RRrZvlTLguNUuP9sU/wsBhX8ZatQgVx0YL
5LfMTN1Uv0rzVEu2cDDY/Dd3yzW+OKKUe7TBAxh9JlcjYNl1vTs2w9VDePbB3EWm
vLrIX3cn0Kn5enB9FAhDEisy4aoa
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:44:57 2025 by rpki-client