Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B6A815EC34611EF8F8A745C762E951A.roa
File: 0B6A815EC34611EF8F8A745C762E951A.roa (raw, json)
Hash identifier: iolkDF0WsULHN2Zr7MUvx50KyMW84NmRn6+kih9BBz8=
Subject key identifier: E8:C9:4D:96:FD:0D:A9:CD:E7:7C:DA:2B:82:C4:82:77:E9:F8:12:8D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC05
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B6A815EC34611EF8F8A745C762E951A.roa
Signing time: Thu 26 Dec 2024 04:58:28 +0000
ROA not before: Thu 26 Dec 2024 04:58:24 +0000
ROA not after: Fri 10 Dec 2027 04:58:24 +0000
asID: 17561
IP address blocks: 156.244.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60421 (0xec05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:58:24 2024 GMT
Not After : Dec 10 04:58:24 2027 GMT
Subject: CN=676ce274-6a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:c2:85:7d:43:66:34:76:18:98:5c:cb:76:33:
9c:ae:53:6e:6a:5d:94:ca:19:60:fd:9f:72:1d:7c:
72:e9:44:a2:43:16:c9:80:28:fb:f9:73:23:12:86:
89:db:52:f5:1f:d4:55:6f:8a:d7:18:5d:77:3e:bd:
aa:c0:bd:b3:b1:ed:31:60:a3:0a:78:64:30:d0:53:
ee:54:7b:16:5c:75:e4:37:75:5c:97:8f:d5:a0:10:
bb:e8:eb:7d:40:f8:c7:10:18:73:25:9a:32:52:07:
9a:7a:6f:c1:f2:fb:0e:73:49:90:9b:45:91:ff:30:
25:59:b8:a1:c6:58:31:88:92:92:6a:0b:ae:7a:11:
50:b4:fb:3a:71:f6:93:1b:19:21:6c:2b:67:16:ed:
6f:7d:f0:2c:bf:69:d4:4f:48:7b:59:11:ea:a7:86:
ee:9d:de:f8:33:84:b0:d0:2e:6d:d2:4c:74:a9:d5:
9d:1a:2a:45:fe:9d:94:08:bc:76:d4:47:7c:db:77:
82:5e:83:63:cf:2a:3f:e7:c6:39:98:46:3e:21:0c:
a4:dc:ca:cc:cb:01:cc:24:e2:e2:c2:16:c4:ee:20:
49:c0:e4:98:5c:76:c4:8a:31:fd:96:82:10:f2:02:
79:e9:17:42:0e:42:2e:39:fb:a6:9a:e9:a5:f3:b3:
c7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:C9:4D:96:FD:0D:A9:CD:E7:7C:DA:2B:82:C4:82:77:E9:F8:12:8D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0B6A815EC34611EF8F8A745C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.254.0/24
Signature Algorithm: sha256WithRSAEncryption
90:f0:df:6b:e4:b2:f2:6e:43:02:08:78:15:4a:b8:57:62:1f:
31:46:63:6e:9c:aa:43:82:41:8a:a8:60:ec:bf:72:fe:e5:10:
fb:91:3c:ad:08:77:3b:6f:45:b6:88:86:f5:80:64:7e:d8:1d:
9e:b2:cf:7d:65:3f:e1:c6:02:ea:06:93:93:eb:ba:ab:9d:3d:
d1:b7:3b:d5:a1:ea:b2:dc:10:9a:75:1e:8d:f9:90:d7:66:e1:
07:17:00:d6:f6:7d:e8:f6:39:51:e4:74:cb:90:e4:02:7e:bf:
47:54:56:d4:1f:5c:90:ee:f2:c0:fb:34:bb:64:af:97:af:97:
c8:50:66:19:fb:14:4b:e3:36:10:93:28:0a:9f:87:8d:e4:b9:
fb:0c:05:32:26:c6:15:b7:09:48:a7:e7:82:5e:c4:ce:d2:e3:
fc:42:b6:35:5b:b8:4d:77:3b:bb:e3:00:e5:4e:e6:fe:51:cc:
4f:57:ef:bb:f5:56:07:d8:f8:81:d8:83:7e:75:fd:b1:fb:81:
c1:f3:95:3a:ef:04:ee:ee:e4:db:92:c5:94:df:cd:e7:f0:76:
d3:4e:89:e8:0d:f2:ee:29:95:e7:08:5b:a6:f8:f8:6c:5b:08:
89:22:57:26:7d:eb:c6:aa:cc:ac:17:38:f8:9c:fd:61:52:67:
9a:bb:f7:1b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOwFMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQ1ODI0WhcNMjcxMjEwMDQ1ODI0WjAYMRYw
FAYDVQQDEw02NzZjZTI3NC02YTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA98KFfUNmNHYYmFzLdjOcrlNual2Uyhlg/Z9yHXxy6USiQxbJgCj7+XMj
EoaJ21L1H9RVb4rXGF13Pr2qwL2zse0xYKMKeGQw0FPuVHsWXHXkN3Vcl4/VoBC7
6Ot9QPjHEBhzJZoyUgeaem/B8vsOc0mQm0WR/zAlWbihxlgxiJKSaguuehFQtPs6
cfaTGxkhbCtnFu1vffAsv2nUT0h7WRHqp4bund74M4Sw0C5t0kx0qdWdGipF/p2U
CLx21Ed823eCXoNjzyo/58Y5mEY+IQyk3MrMywHMJOLiwhbE7iBJwOSYXHbEijH9
loIQ8gJ56RdCDkIuOfummuml87PHiQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOjJ
TZb9DanN53zaK4LEgnfp+BKNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQjZBODE1RUMzNDYxMUVGOEY4QTc0NUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPT+MA0GCSqGSIb3DQEBCwUA
A4IBAQCQ8N9r5LLybkMCCHgVSrhXYh8xRmNunKpDgkGKqGDsv3L+5RD7kTytCHc7
b0W2iIb1gGR+2B2ess99ZT/hxgLqBpOT67qrnT3RtzvVoeqy3BCadR6N+ZDXZuEH
FwDW9n3o9jlR5HTLkOQCfr9HVFbUH1yQ7vLA+zS7ZK+Xr5fIUGYZ+xRL4zYQkygK
n4eN5Ln7DAUyJsYVtwlIp+eCXsTO0uP8QrY1W7hNdzu74wDlTub+UcxPV++79VYH
2PiB2IN+df2x+4HB85U67wTu7uTbksWU383n8HbTTonoDfLuKZXnCFum+PhsWwiJ
IlcmfevGqsysFzj4nP1hUmeau/cb
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:59 2025 by rpki-client