Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/279CF3A2C32811EF866F4C8C762E951A.roa
File: 279CF3A2C32811EF866F4C8C762E951A.roa (raw, json)
Hash identifier: 0X4Drca4M8ru3IAfLUiXq7NDYrY8+svh1buu/pS/G2g=
Subject key identifier: 41:0B:0E:FE:F1:C2:CC:91:3F:BB:1C:15:1D:B8:E1:BA:54:25:E6:1A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EAA3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/279CF3A2C32811EF866F4C8C762E951A.roa
Signing time: Thu 26 Dec 2024 01:24:30 +0000
ROA not before: Thu 26 Dec 2024 01:24:27 +0000
ROA not after: Wed 10 Dec 2025 01:24:27 +0000
asID: 984
IP address blocks: 156.243.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60067 (0xeaa3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 01:24:27 2024 GMT
Not After : Dec 10 01:24:27 2025 GMT
Subject: CN=676cb04e-92a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:dc:e7:ec:16:65:3a:d4:5e:6f:cf:19:3c:e4:
3b:29:12:c0:76:e4:43:b2:02:07:d5:8e:fe:e0:65:
76:6a:7a:45:9d:45:df:d9:f8:83:93:55:8e:0b:4d:
26:b5:06:27:cf:3a:0a:38:cc:7f:ee:97:2b:7e:e4:
9e:db:00:88:b9:4b:2a:f1:8e:75:a2:e5:af:50:1c:
79:97:95:c8:98:d1:1e:d3:ce:14:f8:c3:0b:2d:da:
78:a2:b8:8c:d1:08:d6:73:29:86:50:6b:e3:56:b2:
7d:0b:e2:21:da:cb:06:b6:f4:40:8e:43:5e:18:ab:
db:83:3e:ef:4e:12:5b:ee:0d:3f:c3:ea:ee:16:80:
8a:c3:3e:83:25:8b:31:ea:03:3a:98:1b:ca:8c:a7:
35:a8:d5:ab:da:6a:92:a5:b8:6b:f1:5a:aa:e0:9a:
40:18:82:8d:9c:27:b2:1b:94:71:40:4a:4c:42:26:
52:31:42:dd:4b:bb:a5:44:cb:5d:98:ec:a2:63:76:
9a:5e:74:1b:ec:e6:ec:d5:34:4b:4a:b8:fd:e1:4b:
9a:a7:c7:92:14:91:52:fd:34:92:68:32:43:15:a1:
f6:fd:2e:16:c7:62:dc:f9:ce:bd:b0:50:8e:aa:17:
88:f5:24:3a:ca:37:e7:7a:65:f4:df:4c:f2:97:33:
a9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:0B:0E:FE:F1:C2:CC:91:3F:BB:1C:15:1D:B8:E1:BA:54:25:E6:1A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/279CF3A2C32811EF866F4C8C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.243.145.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:19:d4:69:50:d7:f4:2f:b8:15:c8:da:ba:34:9b:64:76:c6:
f5:f8:e4:87:0d:0f:61:29:16:4d:b4:8a:08:1a:1c:51:fd:a2:
c4:2f:97:4f:b7:99:85:4a:b6:a3:71:92:06:f0:b2:2f:14:14:
0c:4b:ee:55:e4:32:b4:71:ab:e5:1d:f3:e5:87:bd:0a:a6:35:
cf:0e:7c:0b:40:9c:12:06:86:32:19:17:7c:0e:83:f7:a6:c4:
a1:01:8b:2a:be:5e:b7:df:39:47:f1:e4:94:19:9d:ee:f2:b0:
ca:30:0d:f3:bd:c6:92:94:0e:b9:0f:2d:41:d8:93:c3:c1:2d:
ec:2a:41:7d:42:76:9c:f8:4d:a0:7a:23:76:7f:f5:6e:5d:bd:
6f:40:ff:3d:c2:7a:89:10:86:8b:97:56:23:9c:30:71:fa:4e:
59:3b:07:64:df:f0:a8:a7:05:32:a2:1f:77:bb:3b:e1:14:47:
f1:97:aa:82:f6:ae:89:24:bb:89:68:1d:79:5d:01:44:c5:1c:
77:af:f7:7a:14:74:91:c0:9e:e9:29:0a:b0:ac:6b:ec:9a:7e:
4d:9c:21:95:2d:dd:ed:d1:dd:ca:4e:4d:ee:11:53:7f:0c:95:
ea:ae:78:f0:d8:5b:30:0a:72:eb:62:36:81:dd:6e:a7:7b:b0:
75:fa:ed:d4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOqjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDEyNDI3WhcNMjUxMjEwMDEyNDI3WjAYMRYw
FAYDVQQDEw02NzZjYjA0ZS05MmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvdzn7BZlOtReb88ZPOQ7KRLAduRDsgIH1Y7+4GV2anpFnUXf2fiDk1WO
C00mtQYnzzoKOMx/7pcrfuSe2wCIuUsq8Y51ouWvUBx5l5XImNEe084U+MMLLdp4
oriM0QjWcymGUGvjVrJ9C+Ih2ssGtvRAjkNeGKvbgz7vThJb7g0/w+ruFoCKwz6D
JYsx6gM6mBvKjKc1qNWr2mqSpbhr8Vqq4JpAGIKNnCeyG5RxQEpMQiZSMULdS7ul
RMtdmOyiY3aaXnQb7Obs1TRLSrj94Uuap8eSFJFS/TSSaDJDFaH2/S4Wx2Lc+c69
sFCOqheI9SQ6yjfnemX030zylzOp5wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEEL
Dv7xwsyRP7scFR244bpUJeYaMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yNzlDRjNBMkMzMjgxMUVGODY2RjRDOEM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPORMA0GCSqGSIb3DQEBCwUA
A4IBAQAsGdRpUNf0L7gVyNq6NJtkdsb1+OSHDQ9hKRZNtIoIGhxR/aLEL5dPt5mF
SrajcZIG8LIvFBQMS+5V5DK0cavlHfPlh70KpjXPDnwLQJwSBoYyGRd8DoP3psSh
AYsqvl633zlH8eSUGZ3u8rDKMA3zvcaSlA65Dy1B2JPDwS3sKkF9Qnac+E2geiN2
f/VuXb1vQP89wnqJEIaLl1YjnDBx+k5ZOwdk3/CopwUyoh93uzvhFEfxl6qC9q6J
JLuJaB15XQFExRx3r/d6FHSRwJ7pKQqwrGvsmn5NnCGVLd3t0d3KTk3uEVN/DJXq
rnjw2FswCnLrYjaB3W6ne7B1+u3U
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:00 2025 by rpki-client