Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8678304C34611EF9AE1E160762E951A.roa
File: E8678304C34611EF9AE1E160762E951A.roa (raw, json)
Hash identifier: fMbDXbeEZpBDjUd5g6M3QgnG/VkzWaRYDIWe+ZDIhPg=
Subject key identifier: 18:1B:BA:9E:C2:AA:D0:36:42:47:85:6A:91:C0:9E:CA:75:92:27:5F
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EC0F
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8678304C34611EF9AE1E160762E951A.roa
Signing time: Thu 26 Dec 2024 05:04:39 +0000
ROA not before: Thu 26 Dec 2024 05:04:35 +0000
ROA not after: Wed 10 Dec 2025 05:04:35 +0000
asID: 984
IP address blocks: 156.245.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60431 (0xec0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 05:04:35 2024 GMT
Not After : Dec 10 05:04:35 2025 GMT
Subject: CN=676ce3e6-5f38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7e:3b:4d:1b:68:fc:31:9f:c0:ec:82:30:2d:
eb:d9:af:33:77:c4:9c:3d:ce:b9:33:a4:18:45:ef:
9f:5e:98:3d:a4:41:68:15:5e:de:99:60:2c:88:ed:
53:cc:a5:16:0f:66:17:4a:80:3d:a3:c9:b7:25:0e:
e3:40:10:40:41:36:b8:31:5f:05:57:13:b8:d7:dd:
0b:88:47:5a:51:98:e5:15:8a:f7:70:8d:3a:2b:ee:
81:4a:95:c5:17:78:b7:88:6a:a5:9d:2a:ed:f1:ab:
7f:70:ac:0d:00:40:17:ca:cf:d0:63:35:cf:78:c1:
e5:75:c3:7b:ee:e5:a1:d2:56:79:71:76:b3:ff:ef:
e2:17:30:96:54:62:34:4f:f0:97:0b:f8:d5:35:a6:
b9:c6:4e:31:6a:42:88:44:58:6e:d3:2b:3b:ce:77:
9e:17:db:08:1a:22:6f:18:61:db:f3:f6:0f:06:ad:
27:c3:1c:6e:b4:30:dc:a6:ac:86:8e:2f:0d:7b:35:
74:01:ea:7a:b4:6e:ef:15:ba:aa:38:5e:63:f3:79:
42:ab:f8:25:62:bb:31:6d:ed:26:69:2d:7e:67:8d:
61:61:94:c1:eb:de:dc:fc:71:f0:f9:09:6b:23:6b:
19:7b:c4:89:e2:6b:42:0e:59:d1:84:48:81:3b:67:
eb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:1B:BA:9E:C2:AA:D0:36:42:47:85:6A:91:C0:9E:CA:75:92:27:5F
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E8678304C34611EF9AE1E160762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.177.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:06:58:be:d9:fc:1d:a3:7d:83:d2:a2:68:ed:2e:89:14:58:
f6:da:e1:02:b2:28:ac:0e:a3:44:18:57:5e:fb:9b:69:8b:fd:
61:58:f6:c2:1f:2d:ae:ba:fb:35:24:fb:41:76:1a:f1:12:67:
52:bb:63:67:70:53:b8:7c:b3:65:15:e4:13:1c:4d:b6:34:45:
45:bd:84:dc:3c:d1:9a:c6:d1:7c:a4:d3:d6:4b:83:88:fa:91:
bb:c1:16:53:05:b8:a9:41:e5:69:ea:cf:83:a6:c1:b4:0f:3b:
c5:8d:8e:89:5b:fb:34:58:f3:14:e6:cc:87:59:c8:70:68:1e:
d8:e6:b9:6d:62:51:68:7c:03:51:01:86:f9:4c:cf:f7:7f:a0:
06:77:f5:37:aa:8f:a5:4f:e4:dc:26:3a:3e:c7:16:68:a4:cd:
fe:10:85:11:1c:26:f6:c2:41:d5:2a:e5:c2:9e:a6:ec:b4:7c:
f8:68:1e:22:56:69:54:f3:d9:03:5f:2b:32:8a:6c:4e:1a:15:
73:14:f8:dd:ef:45:6d:28:13:d8:30:ac:f9:4b:f7:16:4b:01:
05:98:c1:0b:ff:8a:b9:94:14:aa:72:e9:ea:7d:d7:f9:11:f1:
f9:b9:51:ff:61:43:20:5a:f5:1d:79:d9:5b:08:9c:fa:64:d4:
01:81:fd:36
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOwPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDUwNDM1WhcNMjUxMjEwMDUwNDM1WjAYMRYw
FAYDVQQDEw02NzZjZTNlNi01ZjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq347TRto/DGfwOyCMC3r2a8zd8ScPc65M6QYRe+fXpg9pEFoFV7emWAs
iO1TzKUWD2YXSoA9o8m3JQ7jQBBAQTa4MV8FVxO4190LiEdaUZjlFYr3cI06K+6B
SpXFF3i3iGqlnSrt8at/cKwNAEAXys/QYzXPeMHldcN77uWh0lZ5cXaz/+/iFzCW
VGI0T/CXC/jVNaa5xk4xakKIRFhu0ys7zneeF9sIGiJvGGHb8/YPBq0nwxxutDDc
pqyGji8NezV0Aep6tG7vFbqqOF5j83lCq/glYrsxbe0maS1+Z41hYZTB697c/HHw
+QlrI2sZe8SJ4mtCDlnRhEiBO2frQwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBgb
up7CqtA2QkeFapHAnsp1kidfMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FODY3ODMwNEMzNDYxMUVGOUFFMUUxNjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPWxMA0GCSqGSIb3DQEBCwUA
A4IBAQALBli+2fwdo32D0qJo7S6JFFj22uECsiisDqNEGFde+5tpi/1hWPbCHy2u
uvs1JPtBdhrxEmdSu2NncFO4fLNlFeQTHE22NEVFvYTcPNGaxtF8pNPWS4OI+pG7
wRZTBbipQeVp6s+DpsG0DzvFjY6JW/s0WPMU5syHWchwaB7Y5rltYlFofANRAYb5
TM/3f6AGd/U3qo+lT+TcJjo+xxZopM3+EIURHCb2wkHVKuXCnqbstHz4aB4iVmlU
89kDXysyimxOGhVzFPjd70VtKBPYMKz5S/cWSwEFmMEL/4q5lBSqcunqfdf5EfH5
uVH/YUMgWvUdedlbCJz6ZNQBgf02
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:14 2025 by rpki-client