Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFD0C77CCE4311EFA13F4949762E951A.roa
File: BFD0C77CCE4311EFA13F4949762E951A.roa (raw, json)
Hash identifier: 8rMKfBJ3XDoY85/D1+zWFTPemqbDPQL5YPkEUU8N2FM=
Subject key identifier: 0C:0A:2C:FA:22:EC:39:58:0D:9E:76:73:2E:AA:1A:CF:35:D8:D3:71
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010285
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFD0C77CCE4311EFA13F4949762E951A.roa
Signing time: Thu 09 Jan 2025 04:39:45 +0000
ROA not before: Thu 09 Jan 2025 04:39:41 +0000
ROA not after: Fri 09 Jan 2026 04:39:41 +0000
asID: 17561
IP address blocks: 156.245.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66181 (0x10285)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 04:39:41 2025 GMT
Not After : Jan 9 04:39:41 2026 GMT
Subject: CN=677f5311-85bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3e:9a:bd:bf:b1:2b:b5:34:bb:3f:a4:32:e5:
85:e9:bd:8e:90:ae:72:68:50:d6:99:d7:b4:1e:52:
8b:38:26:b6:69:d3:cd:e1:d7:d4:e8:72:5e:f8:5c:
9d:cc:7d:e1:fe:e4:c6:86:d2:b0:ac:e1:dc:ad:ee:
e1:5a:98:d1:8b:fa:59:55:82:50:0d:14:48:12:ce:
45:71:ff:c7:3a:4e:3d:88:ad:a9:d1:f7:f0:5d:58:
c0:eb:4a:2f:3f:23:19:cc:58:9c:38:00:40:73:b8:
48:8d:c5:b7:bf:71:48:5b:81:d1:83:82:6d:84:a6:
79:ff:77:7b:85:71:57:91:3e:c0:7f:35:a0:c5:5c:
db:8c:87:7e:0f:df:6d:7e:e8:c6:45:97:a8:bb:ce:
61:28:8f:23:8e:e9:85:65:9c:10:1d:55:41:2f:8c:
99:fa:7f:c0:4b:57:66:13:b3:07:76:88:68:8b:95:
4a:d8:8e:d6:4a:75:b5:b4:89:0e:cd:ad:82:ad:8e:
49:dd:ba:d4:53:12:79:6d:01:8a:08:18:c4:e5:5e:
8c:8d:0d:bf:6e:2d:b9:73:16:cd:ee:70:9a:1d:9b:
18:0b:b8:43:58:cc:b1:7a:e2:be:cd:f1:d5:91:6c:
61:38:17:94:22:92:dc:2a:68:00:b7:9a:42:b0:c7:
0b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:0A:2C:FA:22:EC:39:58:0D:9E:76:73:2E:AA:1A:CF:35:D8:D3:71
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BFD0C77CCE4311EFA13F4949762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.118.0/24
Signature Algorithm: sha256WithRSAEncryption
58:bb:a0:b3:70:b4:7f:e3:f1:82:69:7e:0d:ec:7a:96:a2:3d:
a2:24:35:6b:c0:72:11:f9:ee:3b:13:f4:d7:03:d8:4b:57:28:
0a:73:85:86:bb:a4:f1:81:b5:0b:4e:3a:27:12:a6:49:df:a8:
58:89:9e:02:b4:44:40:1a:0d:22:0a:1a:ca:07:26:28:d8:4c:
5d:9c:ca:7e:46:2f:83:00:9e:a8:aa:de:50:80:4c:54:e5:54:
57:7f:ef:98:84:a6:9c:05:bb:4c:30:44:e0:5d:b7:2d:d8:af:
17:fe:ce:74:b6:b9:1d:46:41:9e:11:f4:3b:c9:29:7c:14:8d:
92:c3:85:64:ae:07:9b:98:d4:10:a3:6b:0a:b1:0a:5b:6a:4f:
f5:47:c5:39:98:de:33:8d:39:57:e6:62:e5:22:70:3f:20:2c:
53:d6:b9:72:02:5a:bb:f1:74:e5:8b:f3:b7:37:a2:7e:b8:4a:
37:2c:dd:c8:f1:33:d4:89:fe:76:cd:51:9d:2a:8d:41:f6:f3:
b5:5a:13:a6:2e:09:5b:41:9d:41:28:49:25:18:1f:0e:0d:07:
d4:a3:62:80:57:bc:f2:33:29:d5:f1:bd:7e:5a:87:f5:c0:1e:
b7:1b:11:c1:44:84:81:c0:5a:c6:a4:b1:f0:62:50:af:4f:38:
24:77:9b:52
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQKFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDQzOTQxWhcNMjYwMTA5MDQzOTQxWjAYMRYw
FAYDVQQDEw02NzdmNTMxMS04NWJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmD6avb+xK7U0uz+kMuWF6b2OkK5yaFDWmde0HlKLOCa2adPN4dfU6HJe
+FydzH3h/uTGhtKwrOHcre7hWpjRi/pZVYJQDRRIEs5Fcf/HOk49iK2p0ffwXVjA
60ovPyMZzFicOABAc7hIjcW3v3FIW4HRg4JthKZ5/3d7hXFXkT7AfzWgxVzbjId+
D99tfujGRZeou85hKI8jjumFZZwQHVVBL4yZ+n/AS1dmE7MHdohoi5VK2I7WSnW1
tIkOza2CrY5J3brUUxJ5bQGKCBjE5V6MjQ2/bi25cxbN7nCaHZsYC7hDWMyxeuK+
zfHVkWxhOBeUIpLcKmgAt5pCsMcLzwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAwK
LPoi7DlYDZ52cy6qGs812NNxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRkQwQzc3Q0NFNDMxMUVGQTEzRjQ5NDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPV2MA0GCSqGSIb3DQEBCwUA
A4IBAQBYu6CzcLR/4/GCaX4N7HqWoj2iJDVrwHIR+e47E/TXA9hLVygKc4WGu6Tx
gbULTjonEqZJ36hYiZ4CtERAGg0iChrKByYo2ExdnMp+Ri+DAJ6oqt5QgExU5VRX
f++YhKacBbtMMETgXbct2K8X/s50trkdRkGeEfQ7ySl8FI2Sw4VkrgebmNQQo2sK
sQpbak/1R8U5mN4zjTlX5mLlInA/ICxT1rlyAlq78XTli/O3N6J+uEo3LN3I8TPU
if52zVGdKo1B9vO1WhOmLglbQZ1BKEklGB8ODQfUo2KAV7zyMynV8b1+Wof1wB63
GxHBRISBwFrGpLHwYlCvTzgkd5tS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:25 2025 by rpki-client