Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/143B1CF0B5FC11EFBA508196762E951A.roa
File: 143B1CF0B5FC11EFBA508196762E951A.roa (raw, json)
Hash identifier: JgfC9+rBdW/4FPD0zyqqpYIjNFjpfN/GTkrfDym1zBE=
Subject key identifier: C5:E4:00:0D:B1:69:57:E6:EA:1A:05:DC:D5:B8:74:29:42:24:38:03
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: E156
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/143B1CF0B5FC11EFBA508196762E951A.roa
Signing time: Mon 09 Dec 2024 07:06:15 +0000
ROA not before: Mon 09 Dec 2024 07:06:11 +0000
ROA not after: Thu 06 Feb 2025 07:06:11 +0000
asID: 149014
IP address blocks: 45.192.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Thu 06 Feb 2025 07:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57686 (0xe156)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 9 07:06:11 2024 GMT
Not After : Feb 6 07:06:11 2025 GMT
Subject: CN=675696e7-201e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:61:a1:34:2d:2c:ea:5a:fc:a1:dc:62:2c:28:
71:51:87:68:5d:e9:60:46:7f:57:fc:41:c1:df:30:
d8:17:e7:11:5b:f4:c8:92:73:2c:15:07:ce:31:bb:
e2:e7:27:67:cf:4d:67:30:e1:82:1d:51:cf:ba:43:
12:4d:43:c1:cf:c7:f9:ba:c7:a6:63:f7:f9:5c:ff:
31:5b:40:bc:34:8a:0f:55:65:fd:dc:4c:5f:ef:93:
62:a2:02:4c:7e:3d:a2:d8:d4:72:9c:ff:ad:e0:a7:
35:a8:fa:00:0e:e6:98:15:ea:52:b7:ff:0f:9f:4f:
8e:d8:db:63:10:c6:f6:78:f5:f4:42:77:02:1a:95:
2b:f9:f6:18:6d:f5:fd:5c:e5:bf:48:7b:5f:1a:c3:
b2:21:8b:fb:76:5a:03:f2:d2:9b:6e:cc:28:6e:c7:
9c:95:97:d0:76:35:e0:ea:2a:fa:0e:b2:f6:1d:21:
05:fe:a5:06:3c:6c:78:f1:2b:62:9a:2f:51:46:50:
14:93:b7:77:cb:91:b3:89:53:be:e6:f7:00:83:4a:
8f:33:dc:8c:21:a7:ba:0c:36:d1:53:c5:f9:10:08:
85:23:dd:35:2c:8b:10:bb:e4:81:69:ad:01:88:39:
f8:a5:6a:39:c6:d8:c2:63:e0:69:d1:e6:2a:53:c3:
cd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E4:00:0D:B1:69:57:E6:EA:1A:05:DC:D5:B8:74:29:42:24:38:03
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/143B1CF0B5FC11EFBA508196762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.172.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:3e:95:2a:39:23:e9:9e:ce:db:19:8c:38:fb:e9:0a:42:57:
79:9d:2e:0a:88:fd:ad:f9:63:c4:64:42:c0:41:ba:e9:cb:81:
fa:0d:5c:1b:70:05:d1:f8:d9:94:1a:31:e8:a2:fe:10:9f:7e:
d8:12:a4:a9:b1:73:c7:74:af:91:f5:58:7c:31:b5:ac:92:ae:
d5:89:61:c4:c1:4d:51:27:cc:db:ca:42:16:71:d5:86:e2:f4:
c0:3f:3f:b6:e8:df:aa:54:ac:d7:7a:6a:e1:5b:9f:9a:71:d5:
56:da:30:b2:35:f0:8b:2e:ae:35:ec:e9:c6:65:59:da:ff:64:
28:31:2d:a2:25:11:80:75:ce:2e:0e:43:a3:7e:b4:a6:4b:f4:
ee:9b:38:f3:ff:5a:22:f5:05:01:b9:37:e6:0e:e1:20:24:37:
06:c2:13:4d:8b:83:4d:7f:c3:65:9e:39:c3:5e:10:a3:b9:67:
99:12:56:ae:8b:71:64:e0:78:c5:94:04:ff:85:a0:19:f1:54:
f8:e2:75:5f:e3:cf:05:c9:ec:87:52:8d:4e:cc:67:ea:82:9f:
17:48:83:10:ae:96:cd:2b:95:3a:8b:31:3b:b0:15:28:91:d3:
d1:e6:89:ae:c4:ce:e7:a5:56:03:18:4b:3f:2b:19:fd:87:eb:
b5:ed:fd:f3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOFWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA5MDcwNjExWhcNMjUwMjA2MDcwNjExWjAYMRYw
FAYDVQQDEw02NzU2OTZlNy0yMDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1GGhNC0s6lr8odxiLChxUYdoXelgRn9X/EHB3zDYF+cRW/TIknMsFQfO
Mbvi5ydnz01nMOGCHVHPukMSTUPBz8f5usemY/f5XP8xW0C8NIoPVWX93Exf75Ni
ogJMfj2i2NRynP+t4Kc1qPoADuaYFepSt/8Pn0+O2NtjEMb2ePX0QncCGpUr+fYY
bfX9XOW/SHtfGsOyIYv7dloD8tKbbswobseclZfQdjXg6ir6DrL2HSEF/qUGPGx4
8Stimi9RRlAUk7d3y5GziVO+5vcAg0qPM9yMIae6DDbRU8X5EAiFI901LIsQu+SB
aa0BiDn4pWo5xtjCY+Bp0eYqU8PNPwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMXk
AA2xaVfm6hoF3NW4dClCJDgDMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNDNCMUNGMEI1RkMxMUVGQkE1MDgxOTY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcCsMA0GCSqGSIb3DQEBCwUA
A4IBAQCkPpUqOSPpns7bGYw4++kKQld5nS4KiP2t+WPEZELAQbrpy4H6DVwbcAXR
+NmUGjHoov4Qn37YEqSpsXPHdK+R9Vh8MbWskq7ViWHEwU1RJ8zbykIWcdWG4vTA
Pz+26N+qVKzXemrhW5+acdVW2jCyNfCLLq417OnGZVna/2QoMS2iJRGAdc4uDkOj
frSmS/Tumzjz/1oi9QUBuTfmDuEgJDcGwhNNi4NNf8NlnjnDXhCjuWeZElaui3Fk
4HjFlAT/haAZ8VT44nVf488FyeyHUo1OzGfqgp8XSIMQrpbNK5U6izE7sBUokdPR
5omuxM7npVYDGEs/Kxn9h+u17f3z
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:15 2025 by rpki-client