Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFB9746ACD1B11EF9C0D5C58762E951A.roa
File: BFB9746ACD1B11EF9C0D5C58762E951A.roa (raw, json)
Hash identifier: DzmvU9bvYTmPt/csogQxpqQbBqBjF4ZGlwlhlkSl3tU=
Subject key identifier: 39:31:63:5D:B7:38:83:6A:38:01:94:24:ED:C0:4F:21:12:25:D9:BC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD49
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFB9746ACD1B11EF9C0D5C58762E951A.roa
Signing time: Tue 07 Jan 2025 17:20:54 +0000
ROA not before: Tue 07 Jan 2025 17:20:50 +0000
ROA not after: Mon 13 Dec 2027 17:20:50 +0000
asID: 17561
IP address blocks: 156.241.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64841 (0xfd49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 17:20:50 2025 GMT
Not After : Dec 13 17:20:50 2027 GMT
Subject: CN=677d6276-81c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:35:73:26:89:a9:77:04:6d:61:53:8b:66:e9:
b1:85:3a:76:e9:b2:d4:24:1e:4f:e0:bd:26:e0:d1:
a2:31:4a:f0:6e:38:d1:a4:1f:2c:69:a8:b6:76:af:
f4:59:4d:43:c4:a5:0f:d7:6a:14:66:f0:bb:65:cb:
61:ad:48:26:a5:61:78:ec:08:89:3f:5b:c9:51:26:
6d:10:93:b3:7f:d9:9a:65:a8:c7:fb:b4:49:10:37:
2e:0b:b6:15:9a:b7:91:c1:84:4e:eb:62:e7:13:95:
9c:85:71:63:5c:9c:6a:e0:f9:72:b3:03:96:51:d4:
d7:11:f6:b1:b3:5f:2e:7b:45:9c:a3:13:57:cf:de:
06:46:cb:87:94:d9:e3:cc:8a:84:0d:d8:2e:9c:a6:
a7:67:bc:a5:be:6d:3f:11:3c:8a:a4:13:c8:30:f2:
b6:3e:bf:d2:7e:d3:dc:a7:40:1c:14:7f:ca:b0:2a:
ed:3f:65:49:c2:d9:dd:ff:e8:58:d0:a9:74:c6:49:
91:aa:f0:72:b9:dc:77:f9:b8:0a:ee:d1:06:92:0b:
c2:9f:af:f8:6f:d6:bc:45:c9:d9:3e:57:6b:07:84:
a9:8b:ae:71:38:37:73:df:ec:ca:69:6a:4a:cf:33:
dd:9a:b3:d1:a1:00:46:f1:ce:5f:2f:a5:a9:d5:e5:
8d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:31:63:5D:B7:38:83:6A:38:01:94:24:ED:C0:4F:21:12:25:D9:BC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFB9746ACD1B11EF9C0D5C58762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.41.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:23:65:96:97:fa:83:ba:84:ef:52:15:c6:b7:2f:1d:78:1a:
36:ce:fc:92:1b:cc:8e:56:23:26:ad:91:7f:c4:9d:35:be:a9:
20:a6:a3:db:21:02:fa:02:25:66:60:9a:c0:60:b6:ad:eb:73:
0f:d3:78:5a:2d:cf:cd:48:6e:89:af:d8:30:2c:da:67:60:cd:
75:7f:c8:25:81:1a:8d:f4:43:90:c6:53:e3:8f:f6:d6:97:88:
40:79:5f:0c:7b:67:62:5d:d6:f4:79:c5:ef:3c:7a:da:d9:11:
b8:dd:bd:66:97:c4:74:60:da:fc:89:da:a8:32:b4:e9:b6:4a:
04:86:30:df:c4:25:bd:fa:48:97:9c:5f:cc:50:36:13:71:c9:
90:9a:ae:c5:e2:80:4e:f2:d2:67:da:20:e1:05:67:44:90:36:
c5:c6:ec:db:d8:d2:3a:81:da:11:cc:72:24:7f:30:cf:c8:43:
2e:7a:0f:ce:ea:4d:72:a1:ee:59:91:5e:79:e7:1a:24:10:a4:
d2:9b:5c:ac:49:51:86:75:35:99:4b:b5:ad:9e:01:88:c2:33:
65:e8:0c:2f:d2:19:a1:2a:4e:90:3a:b3:bd:8b:72:71:19:b9:
93:4c:6a:2f:f8:aa:52:56:f1:2d:d4:09:b9:f8:5b:a8:bd:3a:
16:f0:20:85
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP1JMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTcyMDUwWhcNMjcxMjEzMTcyMDUwWjAYMRYw
FAYDVQQDEw02NzdkNjI3Ni04MWM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqzVzJompdwRtYVOLZumxhTp26bLUJB5P4L0m4NGiMUrwbjjRpB8saai2
dq/0WU1DxKUP12oUZvC7ZcthrUgmpWF47AiJP1vJUSZtEJOzf9maZajH+7RJEDcu
C7YVmreRwYRO62LnE5WchXFjXJxq4PlyswOWUdTXEfaxs18ue0WcoxNXz94GRsuH
lNnjzIqEDdgunKanZ7ylvm0/ETyKpBPIMPK2Pr/SftPcp0AcFH/KsCrtP2VJwtnd
/+hY0Kl0xkmRqvByudx3+bgK7tEGkgvCn6/4b9a8RcnZPldrB4Spi65xODdz3+zK
aWpKzzPdmrPRoQBG8c5fL6Wp1eWNWwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDkx
Y123OINqOAGUJO3ATyESJdm8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRkI5NzQ2QUNEMUIxMUVGOUMwRDVDNTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEpMA0GCSqGSIb3DQEBCwUA
A4IBAQB/I2WWl/qDuoTvUhXGty8deBo2zvySG8yOViMmrZF/xJ01vqkgpqPbIQL6
AiVmYJrAYLat63MP03haLc/NSG6Jr9gwLNpnYM11f8glgRqN9EOQxlPjj/bWl4hA
eV8Me2diXdb0ecXvPHra2RG43b1ml8R0YNr8idqoMrTptkoEhjDfxCW9+kiXnF/M
UDYTccmQmq7F4oBO8tJn2iDhBWdEkDbFxuzb2NI6gdoRzHIkfzDPyEMueg/O6k1y
oe5ZkV555xokEKTSm1ysSVGGdTWZS7WtngGIwjNl6Awv0hmhKk6QOrO9i3JxGbmT
TGov+KpSVvEt1Am5+FuovToW8CCF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:00 2025 by rpki-client