Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/149ED114CE3E11EFAE2601A5762E951A.roa
File: 149ED114CE3E11EFAE2601A5762E951A.roa (raw, json)
Hash identifier: BtrvPeBqgvxsrYqqorYV1vblEtR57YAOPuACtGPOlyA=
Subject key identifier: 12:0D:7F:75:6E:B2:B4:27:FD:8E:D1:BA:AA:3A:8A:12:F3:88:E7:4C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01025B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/149ED114CE3E11EFAE2601A5762E951A.roa
Signing time: Thu 09 Jan 2025 03:59:10 +0000
ROA not before: Thu 09 Jan 2025 03:59:07 +0000
ROA not after: Fri 09 Jan 2026 03:59:07 +0000
asID: 17561
IP address blocks: 156.245.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66139 (0x1025b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 03:59:07 2025 GMT
Not After : Jan 9 03:59:07 2026 GMT
Subject: CN=677f498e-3cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:b1:02:6f:50:0e:76:22:cb:07:ab:30:0f:48:
e7:da:22:c3:f5:58:13:86:63:7c:ee:12:34:55:73:
1b:88:01:78:1c:c2:8f:cb:f1:01:b7:09:aa:fa:d7:
05:81:eb:f7:a8:c5:8f:93:e8:10:5b:90:6d:39:46:
75:fc:7c:f2:2e:a1:8e:0f:5c:b7:7d:69:dc:2b:43:
22:eb:c1:e4:60:f5:f6:33:9a:2a:2b:26:e7:83:33:
8f:2a:c1:7a:ce:a6:d9:60:8b:8b:94:30:24:65:95:
f7:e5:b9:93:ab:a6:02:52:95:e1:d0:82:b7:81:c1:
ae:8c:39:26:bd:5c:27:6c:12:7a:f9:43:5a:58:d6:
25:72:b8:89:2c:5c:9b:c3:e5:72:a6:9e:7c:e7:3c:
72:39:d8:3b:4b:8f:68:88:39:49:6d:3e:94:f4:b2:
b1:2f:84:bc:1c:b7:3b:92:f3:18:a0:6b:d7:99:dd:
a9:21:df:18:c9:c3:34:24:52:ff:2c:71:50:59:d7:
b8:3b:9d:ee:c9:0e:36:db:1e:88:b7:72:b5:d1:20:
fa:8f:30:87:dc:95:d3:6a:8a:c5:f5:88:eb:f6:45:
7d:c9:d3:7b:15:f4:b4:88:87:77:76:67:d7:49:ec:
32:68:4f:6e:39:5b:1d:c6:af:d8:9e:6e:22:f1:24:
32:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0D:7F:75:6E:B2:B4:27:FD:8E:D1:BA:AA:3A:8A:12:F3:88:E7:4C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/149ED114CE3E11EFAE2601A5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.97.0/24
Signature Algorithm: sha256WithRSAEncryption
42:c9:f9:20:63:f7:26:b3:92:94:45:fe:0d:56:67:fd:2b:7b:
72:b3:1a:30:80:f1:88:d6:20:1f:31:1c:fb:61:3a:8b:4b:08:
b5:ab:a7:4d:46:49:0d:a2:aa:37:88:91:e9:34:fe:18:2d:8c:
53:ec:b1:df:93:3c:e9:ef:5e:96:35:9d:6d:b5:54:5d:12:e5:
e3:66:84:df:53:cc:6d:57:c3:3f:b2:87:68:5b:16:c4:9c:ce:
a4:91:a0:72:0b:a5:31:f4:16:fa:c5:3e:27:20:65:03:05:24:
d9:7e:45:af:6a:cd:6b:8c:94:0c:6c:ea:00:47:46:99:97:fd:
52:e8:cf:2e:d5:3a:3d:c4:e0:e3:62:3b:e6:27:08:7c:4e:e5:
d6:89:36:9f:f4:05:cf:76:3a:04:2d:82:42:56:17:ab:e0:69:
f8:fd:74:da:b7:06:7e:a6:28:c8:41:a6:aa:66:c2:8b:2f:30:
06:8e:ec:9f:2d:9a:e1:00:39:d3:bb:39:68:f1:ac:5e:a4:c3:
9e:4c:38:b4:12:58:44:1b:4c:62:48:47:77:5a:a9:a0:8b:1f:
19:9c:29:99:59:75:a5:17:b7:0d:93:47:2c:79:cf:65:64:ab:
38:99:22:5f:ec:e8:30:22:6c:c0:b1:4b:47:46:f8:32:e9:4b:
b4:d7:4b:32
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQJbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDM1OTA3WhcNMjYwMTA5MDM1OTA3WjAYMRYw
FAYDVQQDEw02NzdmNDk4ZS0zY2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+7ECb1AOdiLLB6swD0jn2iLD9VgThmN87hI0VXMbiAF4HMKPy/EBtwmq
+tcFgev3qMWPk+gQW5BtOUZ1/HzyLqGOD1y3fWncK0Mi68HkYPX2M5oqKybngzOP
KsF6zqbZYIuLlDAkZZX35bmTq6YCUpXh0IK3gcGujDkmvVwnbBJ6+UNaWNYlcriJ
LFybw+Vypp585zxyOdg7S49oiDlJbT6U9LKxL4S8HLc7kvMYoGvXmd2pId8YycM0
JFL/LHFQWde4O53uyQ422x6It3K10SD6jzCH3JXTaorF9Yjr9kV9ydN7FfS0iId3
dmfXSewyaE9uOVsdxq/Ynm4i8SQybQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBIN
f3VusrQn/Y7Ruqo6ihLziOdMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNDlFRDExNENFM0UxMUVGQUUyNjAxQTU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPVhMA0GCSqGSIb3DQEBCwUA
A4IBAQBCyfkgY/cms5KURf4NVmf9K3tysxowgPGI1iAfMRz7YTqLSwi1q6dNRkkN
oqo3iJHpNP4YLYxT7LHfkzzp716WNZ1ttVRdEuXjZoTfU8xtV8M/sodoWxbEnM6k
kaByC6Ux9Bb6xT4nIGUDBSTZfkWvas1rjJQMbOoAR0aZl/1S6M8u1To9xODjYjvm
Jwh8TuXWiTaf9AXPdjoELYJCVher4Gn4/XTatwZ+pijIQaaqZsKLLzAGjuyfLZrh
ADnTuzlo8axepMOeTDi0ElhEG0xiSEd3Wqmgix8ZnCmZWXWlF7cNk0csec9lZKs4
mSJf7OgwImzAsUtHRvgy6Uu010sy
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:42 2025 by rpki-client