Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15D169EAC34711EF8BB0EB62762E951A.roa
File: 15D169EAC34711EF8BB0EB62762E951A.roa (raw, json)
Hash identifier: EiFqnc7FT+F5d4K7ber/lXkPb1XhSSM6iReYgHRAPx8=
Subject key identifier: CD:D7:A0:8A:02:49:4F:7A:58:69:D0:58:57:C3:A4:44:F1:D8:DE:EC
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC11
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15D169EAC34711EF8BB0EB62762E951A.roa
Signing time: Thu 26 Dec 2024 05:05:55 +0000
ROA not before: Thu 26 Dec 2024 05:05:51 +0000
ROA not after: Wed 10 Dec 2025 05:05:51 +0000
asID: 984
IP address blocks: 156.245.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60433 (0xec11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 05:05:51 2024 GMT
Not After : Dec 10 05:05:51 2025 GMT
Subject: CN=676ce433-6bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:73:8f:3c:b6:10:2e:9b:60:1b:4b:62:ef:ef:
df:63:3d:51:24:89:eb:6c:0d:9a:60:45:e9:b5:a8:
11:77:9e:77:d6:18:fd:dd:23:0b:bd:16:08:e0:e8:
de:04:af:1b:d1:05:da:78:48:82:64:41:9f:27:d1:
cf:c7:b1:4e:a7:70:35:61:ba:42:19:43:8c:e1:93:
63:4c:6c:61:1d:16:e8:3a:89:e3:f5:ea:83:d1:14:
57:1f:d0:25:2a:68:30:e0:3f:56:e4:16:0d:c0:a6:
0b:ab:a9:c0:3a:b8:63:48:6b:c6:31:80:1b:cd:23:
85:9c:82:3f:7b:ab:cd:2a:ae:e9:c8:75:97:5a:77:
26:77:1a:19:b9:61:b9:41:cb:c9:81:3a:49:c7:65:
86:6b:de:43:b3:7d:ea:62:16:72:3b:20:22:e9:ec:
14:54:f8:a3:e8:b0:db:5f:1b:0c:23:eb:43:15:2d:
67:75:cf:9b:9a:eb:78:2b:1e:f2:99:10:7f:b8:11:
d3:3e:56:63:08:2b:72:4c:14:54:ae:fb:e0:00:0a:
88:a3:ab:39:01:91:e2:4e:86:ef:42:f3:24:d7:3b:
a7:1c:7e:6f:28:b1:74:8f:4d:32:45:8f:43:78:41:
17:1a:65:c4:de:cb:fe:41:07:7d:15:3e:25:cf:6f:
4b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D7:A0:8A:02:49:4F:7A:58:69:D0:58:57:C3:A4:44:F1:D8:DE:EC
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15D169EAC34711EF8BB0EB62762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.178.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:09:70:2c:3a:0f:b9:78:5a:56:59:6b:12:04:2d:66:8e:2f:
66:76:f2:56:5f:17:b8:ef:44:f0:74:b2:1d:61:8d:d9:8b:bc:
66:c0:76:ec:c0:01:85:eb:d9:8b:07:e0:14:74:6d:dd:f5:17:
c4:32:75:9f:28:26:78:7e:32:1a:d1:94:79:32:e6:77:49:b2:
88:ea:57:34:31:37:41:bd:1f:dc:d1:bf:1f:d0:82:4d:8d:aa:
cf:2d:c8:8b:72:fd:43:ec:26:69:da:78:15:e9:d8:f5:c4:2f:
7e:aa:d1:d9:3d:aa:51:2e:ce:60:e4:d1:c4:18:dc:42:90:82:
c0:c7:b4:fb:85:c0:c4:f7:c4:de:70:c0:87:82:7a:a9:80:84:
5e:cf:b5:99:3a:c1:05:bd:c1:be:70:87:e2:f2:88:6b:cb:3d:
59:47:5a:f1:cc:bd:6b:bb:f4:00:23:79:18:bb:ce:78:c7:ea:
d7:ed:7f:09:cc:c6:19:22:66:44:53:e9:81:f6:5e:f4:74:94:
c1:5a:1e:2a:0a:62:01:a3:1b:c0:80:31:5d:7e:12:5c:20:3f:
24:ec:17:d8:b8:40:1f:be:da:c6:64:84:4a:7c:2e:f2:90:4d:
1b:4d:e9:ce:7e:a5:7d:e0:fd:6b:81:49:24:5c:98:ea:2c:2c:
06:59:0b:12
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOwRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDUwNTUxWhcNMjUxMjEwMDUwNTUxWjAYMRYw
FAYDVQQDEw02NzZjZTQzMy02YmRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnnOPPLYQLptgG0ti7+/fYz1RJInrbA2aYEXptagRd5531hj93SMLvRYI
4OjeBK8b0QXaeEiCZEGfJ9HPx7FOp3A1YbpCGUOM4ZNjTGxhHRboOonj9eqD0RRX
H9AlKmgw4D9W5BYNwKYLq6nAOrhjSGvGMYAbzSOFnII/e6vNKq7pyHWXWncmdxoZ
uWG5QcvJgTpJx2WGa95Ds33qYhZyOyAi6ewUVPij6LDbXxsMI+tDFS1ndc+bmut4
Kx7ymRB/uBHTPlZjCCtyTBRUrvvgAAqIo6s5AZHiTobvQvMk1zunHH5vKLF0j00y
RY9DeEEXGmXE3sv+QQd9FT4lz29LCQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFM3X
oIoCSU96WGnQWFfDpETx2N7sMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNUQxNjlFQUMzNDcxMUVGOEJCMEVCNjI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPWyMA0GCSqGSIb3DQEBCwUA
A4IBAQBNCXAsOg+5eFpWWWsSBC1mji9mdvJWXxe470TwdLIdYY3Zi7xmwHbswAGF
69mLB+AUdG3d9RfEMnWfKCZ4fjIa0ZR5MuZ3SbKI6lc0MTdBvR/c0b8f0IJNjarP
LciLcv1D7CZp2ngV6dj1xC9+qtHZPapRLs5g5NHEGNxCkILAx7T7hcDE98TecMCH
gnqpgIRez7WZOsEFvcG+cIfi8ohryz1ZR1rxzL1ru/QAI3kYu854x+rX7X8JzMYZ
ImZEU+mB9l70dJTBWh4qCmIBoxvAgDFdfhJcID8k7BfYuEAfvtrGZIRKfC7ykE0b
TenOfqV94P1rgUkkXJjqLCwGWQsS
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:41:27 2025 by rpki-client