Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/156B8C30CDA411EFA1E75649762E951A.roa
File: 156B8C30CDA411EFA1E75649762E951A.roa (raw, json)
Hash identifier: Kgfy73kCgsq4b6UsWLtI/cR0b7jKhsovOaguyVaDQxs=
Subject key identifier: EA:2D:3E:68:EB:76:61:7E:6E:D4:4E:C6:81:EB:A0:56:84:CB:46:AF
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01010B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/156B8C30CDA411EFA1E75649762E951A.roa
Signing time: Wed 08 Jan 2025 09:36:49 +0000
ROA not before: Wed 08 Jan 2025 09:36:45 +0000
ROA not after: Thu 23 Dec 2027 09:36:45 +0000
asID: 17561
IP address blocks: 45.194.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65803 (0x1010b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:36:45 2025 GMT
Not After : Dec 23 09:36:45 2027 GMT
Subject: CN=677e4731-56a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dd:02:47:4a:64:82:e6:6a:63:a8:dc:be:ad:
07:0b:0d:f0:83:40:2d:e2:9b:92:41:e1:4c:aa:36:
f4:84:90:fc:f6:67:37:a1:a7:85:65:c0:f6:fc:d9:
fb:01:66:00:b0:58:f5:69:4e:4c:b4:53:38:1e:42:
de:31:6c:3b:dd:42:e8:f1:19:b0:60:95:6a:6d:9d:
b5:6a:8b:4d:fa:1d:98:ac:af:02:d5:e2:ab:65:eb:
ec:e6:f2:98:3f:e2:1d:16:1c:a3:d8:a9:00:1c:db:
06:34:d0:b8:4b:6c:ff:af:1e:d3:f5:6b:a9:82:98:
03:09:ce:8d:2e:82:8a:9e:23:87:ba:c8:63:48:05:
27:bf:45:e9:0d:51:18:ea:d1:93:78:21:e6:8f:bd:
8f:8f:91:12:73:f3:16:1e:dd:f9:6e:0e:0d:1a:46:
bd:7f:ab:a1:e6:f4:df:ef:e4:bb:11:80:66:b6:58:
d6:a0:2d:83:32:99:1f:a1:bc:59:3d:66:60:55:ab:
9b:73:37:c1:e1:43:f4:ca:d4:71:c6:0c:11:93:8a:
cc:ba:ba:f0:d8:75:91:7b:77:ef:3f:34:eb:12:85:
04:74:40:4f:8a:78:74:94:d4:65:85:c5:32:ac:c7:
f4:71:fe:82:98:d9:2d:81:ef:75:fe:22:fd:a3:80:
6c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:2D:3E:68:EB:76:61:7E:6E:D4:4E:C6:81:EB:A0:56:84:CB:46:AF
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/156B8C30CDA411EFA1E75649762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.194.93.0/24
Signature Algorithm: sha256WithRSAEncryption
10:12:e2:58:09:44:6a:e0:91:eb:49:bb:0c:9f:a3:e6:6d:46:
46:92:75:16:d8:98:b0:0b:d0:90:d7:08:ea:bb:48:40:d4:74:
89:e6:6a:cf:dd:d3:ce:02:2e:3d:34:66:b5:fe:33:42:4a:f6:
f1:7b:52:e3:32:e7:84:42:22:9b:3b:f9:10:20:9a:4e:3b:8b:
4e:bc:62:bb:06:da:19:90:b9:61:bf:57:58:87:2d:8b:56:4a:
39:8c:c8:2b:fd:57:d9:64:7f:6f:75:5e:c3:e1:23:82:85:45:
fa:fd:99:2e:3a:6e:e5:57:4c:f3:7e:92:ec:b8:8a:42:f8:58:
84:6f:60:25:bd:ab:96:c1:f9:45:73:b1:6b:49:c3:92:11:99:
ea:3e:59:87:54:bf:71:1d:b8:28:b1:da:53:9e:ce:ea:c2:46:
c0:a8:4a:b4:df:0c:ca:1c:a6:5e:99:1e:a0:fc:38:05:fc:04:
63:23:e0:66:cc:7f:6d:35:2e:15:3e:06:c1:9a:c7:cf:51:bf:
a3:47:58:48:0d:e9:e7:d5:a3:62:3b:bd:51:df:b4:7c:72:b0:
b7:84:db:76:1e:ba:ff:c1:d8:5e:f3:95:a2:6e:70:49:bc:71:
58:35:35:5a:1c:74:0e:76:ab:8a:cf:ee:e0:40:3a:33:8c:9b:
7c:ab:4c:06
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQELMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDkzNjQ1WhcNMjcxMjIzMDkzNjQ1WjAYMRYw
FAYDVQQDEw02NzdlNDczMS01NmEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs90CR0pkguZqY6jcvq0HCw3wg0At4puSQeFMqjb0hJD89mc3oaeFZcD2
/Nn7AWYAsFj1aU5MtFM4HkLeMWw73ULo8RmwYJVqbZ21aotN+h2YrK8C1eKrZevs
5vKYP+IdFhyj2KkAHNsGNNC4S2z/rx7T9WupgpgDCc6NLoKKniOHushjSAUnv0Xp
DVEY6tGTeCHmj72Pj5ESc/MWHt35bg4NGka9f6uh5vTf7+S7EYBmtljWoC2DMpkf
obxZPWZgVaubczfB4UP0ytRxxgwRk4rMurrw2HWRe3fvPzTrEoUEdEBPinh0lNRl
hcUyrMf0cf6CmNktge91/iL9o4BsmQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOot
PmjrdmF+btROxoHroFaEy0avMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNTZCOEMzMENEQTQxMUVGQTFFNzU2NDk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcJdMA0GCSqGSIb3DQEBCwUA
A4IBAQAQEuJYCURq4JHrSbsMn6PmbUZGknUW2JiwC9CQ1wjqu0hA1HSJ5mrP3dPO
Ai49NGa1/jNCSvbxe1LjMueEQiKbO/kQIJpOO4tOvGK7BtoZkLlhv1dYhy2LVko5
jMgr/VfZZH9vdV7D4SOChUX6/ZkuOm7lV0zzfpLsuIpC+FiEb2AlvauWwflFc7Fr
ScOSEZnqPlmHVL9xHbgosdpTns7qwkbAqEq03wzKHKZemR6g/DgF/ARjI+BmzH9t
NS4VPgbBmsfPUb+jR1hIDenn1aNiO71R37R8crC3hNt2Hrr/wdhe85WibnBJvHFY
NTVaHHQOdquKz+7gQDozjJt8q0wG
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:58:27 2025 by rpki-client