Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1DA00162C34811EFA3AF5869762E951A.roa
File: 1DA00162C34811EFA3AF5869762E951A.roa (raw, json)
Hash identifier: ZhgWAskf3ITMOKG9eMIGFiUIkHV6s+iKA7rr7WmTO8w=
Subject key identifier: 82:59:10:B5:B6:DB:D3:A5:FD:87:29:7D:A7:83:8C:B4:12:2F:7E:52
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC1D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1DA00162C34811EFA3AF5869762E951A.roa
Signing time: Thu 26 Dec 2024 05:13:17 +0000
ROA not before: Thu 26 Dec 2024 05:13:14 +0000
ROA not after: Wed 10 Dec 2025 05:13:14 +0000
asID: 984
IP address blocks: 156.245.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60445 (0xec1d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 05:13:14 2024 GMT
Not After : Dec 10 05:13:14 2025 GMT
Subject: CN=676ce5ed-8381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:b8:01:57:50:3c:a0:8e:c7:32:6a:8b:ad:c6:
1e:e4:ae:6e:17:a3:f1:79:92:a9:80:cf:3f:b3:75:
46:30:dd:e5:6c:ce:6e:33:5b:fd:7c:ac:f8:80:11:
16:63:25:8f:8b:9b:be:f1:7f:93:69:73:fa:44:ec:
3c:51:d4:e9:18:3e:13:e9:67:5d:e2:40:ce:7e:0b:
31:dd:ad:c5:0d:3f:ea:bf:f1:be:2c:06:c1:10:9d:
e3:10:19:f4:ce:e4:bc:84:d6:ad:ed:87:c6:0c:c6:
61:1d:d6:78:bc:38:4a:c4:b1:e9:5f:38:7d:7a:3c:
2a:01:b2:21:9b:21:57:3f:e5:c0:ab:de:e0:b1:4c:
4d:a3:fa:73:19:8f:6f:6f:56:54:05:f1:64:44:7e:
01:6d:cb:b7:d1:d8:4c:93:8b:23:e2:c3:2a:45:26:
ca:ee:83:a9:d2:5c:0b:a5:7a:03:9a:e0:c7:36:03:
7d:61:fa:d6:6f:57:12:d3:71:11:e4:57:d7:18:78:
2d:74:e9:62:17:fc:c4:d7:4a:ad:64:57:86:61:10:
50:ef:30:01:ac:cf:37:d1:a4:a1:40:69:dc:2e:0a:
99:68:8b:43:d6:f4:e4:e3:27:ec:c8:09:4d:8a:9e:
a7:82:ca:3a:95:13:6f:08:b5:52:10:9f:4b:34:6f:
35:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:59:10:B5:B6:DB:D3:A5:FD:87:29:7D:A7:83:8C:B4:12:2F:7E:52
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1DA00162C34811EFA3AF5869762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.186.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:41:52:fd:30:44:54:f5:a5:ae:8c:18:ef:f1:d0:e8:76:b9:
f5:f5:a0:d6:28:ef:f5:7e:41:e1:b7:93:4e:37:18:93:9f:6a:
90:9f:49:0c:23:c5:d7:9e:c4:cc:88:fc:49:9b:3a:0f:b5:54:
0a:ef:36:d2:57:e1:c1:d1:c0:a0:7b:4b:69:bf:dc:fe:df:3f:
79:e6:60:89:0f:8c:ac:2a:45:ee:c5:d7:f7:f1:fd:23:f6:68:
bb:06:1a:93:09:87:ac:d8:27:2e:e1:72:25:5c:2c:2f:ba:59:
c4:27:c7:a7:37:8b:05:40:a4:85:81:ef:f5:d7:74:6e:fc:65:
85:9b:72:82:0e:55:9e:93:73:6f:6e:f5:0a:46:3c:52:c9:da:
8e:ad:4a:72:6c:91:b6:b6:bb:35:48:d0:50:16:3e:6e:dc:bc:
f2:b2:20:9d:03:6b:b3:a9:9a:75:1f:77:50:a4:1b:87:cf:a7:
16:b2:6a:e3:c1:ee:06:d6:1b:15:cf:a5:26:6a:b2:35:2e:c8:
c5:21:8f:07:6b:76:09:6c:da:99:3a:a8:66:a4:e2:60:5a:01:
cc:74:f0:14:41:39:5a:10:b6:9b:28:16:6c:ca:7c:41:de:b4:
db:48:5b:b5:30:70:11:e1:36:76:4e:5e:53:ff:13:c1:4a:2c:
82:0a:be:8a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOwdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDUxMzE0WhcNMjUxMjEwMDUxMzE0WjAYMRYw
FAYDVQQDEw02NzZjZTVlZC04MzgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA9rgBV1A8oI7HMmqLrcYe5K5uF6PxeZKpgM8/s3VGMN3lbM5uM1v9fKz4
gBEWYyWPi5u+8X+TaXP6ROw8UdTpGD4T6Wdd4kDOfgsx3a3FDT/qv/G+LAbBEJ3j
EBn0zuS8hNat7YfGDMZhHdZ4vDhKxLHpXzh9ejwqAbIhmyFXP+XAq97gsUxNo/pz
GY9vb1ZUBfFkRH4Bbcu30dhMk4sj4sMqRSbK7oOp0lwLpXoDmuDHNgN9YfrWb1cS
03ER5FfXGHgtdOliF/zE10qtZFeGYRBQ7zABrM830aShQGncLgqZaItD1vTk4yfs
yAlNip6ngso6lRNvCLVSEJ9LNG81pwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIJZ
ELW229Ol/YcpfaeDjLQSL35SMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xREEwMDE2MkMzNDgxMUVGQTNBRjU4Njk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPW6MA0GCSqGSIb3DQEBCwUA
A4IBAQCiQVL9MERU9aWujBjv8dDodrn19aDWKO/1fkHht5NONxiTn2qQn0kMI8XX
nsTMiPxJmzoPtVQK7zbSV+HB0cCge0tpv9z+3z955mCJD4ysKkXuxdf38f0j9mi7
BhqTCYes2Ccu4XIlXCwvulnEJ8enN4sFQKSFge/113Ru/GWFm3KCDlWek3NvbvUK
RjxSydqOrUpybJG2trs1SNBQFj5u3LzysiCdA2uzqZp1H3dQpBuHz6cWsmrjwe4G
1hsVz6UmarI1LsjFIY8Ha3YJbNqZOqhmpOJgWgHMdPAUQTlaELabKBZsynxB3rTb
SFu1MHAR4TZ2Tl5T/xPBSiyCCr6K
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:42 2025 by rpki-client