Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11E99324A0DE11EFA14BA66C762E951A.roa
File: 11E99324A0DE11EFA14BA66C762E951A.roa (raw, json)
Hash identifier: l0N3Edg9qu0dxFZp22rwzntTpZAuiSEZTOhwMc+ayXA=
Subject key identifier: E9:07:29:34:AA:EA:37:10:46:A0:44:CA:7E:B7:35:49:3D:B9:F9:9D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D195
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11E99324A0DE11EFA14BA66C762E951A.roa
Signing time: Tue 12 Nov 2024 10:08:31 +0000
ROA not before: Tue 12 Nov 2024 10:08:28 +0000
ROA not after: Fri 22 Nov 2024 10:08:28 +0000
asID: 273478
IP address blocks: 156.232.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 22 Nov 2024 10:08:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53653 (0xd195)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 12 10:08:28 2024 GMT
Not After : Nov 22 10:08:28 2024 GMT
Subject: CN=6733291f-d167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2c:f1:e4:07:25:be:a0:65:92:3e:3f:cb:71:
23:91:75:de:c2:1f:67:15:c1:e8:47:65:f2:90:67:
c3:f4:e0:68:82:86:67:4a:19:a2:0c:fb:05:1f:e4:
ca:ef:cb:3d:75:68:64:ed:e1:2c:39:f2:2a:8a:53:
61:aa:4c:f7:59:09:44:0a:81:02:ea:96:9f:00:67:
d4:db:74:59:dc:a3:0e:3a:a5:62:6f:a8:26:b1:3d:
61:b0:24:65:e0:99:47:09:7e:0b:ac:eb:85:3d:ca:
d3:2c:09:5d:b2:49:15:dc:72:39:de:65:97:69:b2:
b8:ea:45:8e:cd:5d:cf:90:1d:58:45:81:26:c1:c5:
9d:1c:40:c4:6d:76:75:bc:3c:46:dd:81:87:44:58:
a8:ae:71:f9:52:cf:02:32:5b:ef:02:09:4c:d4:ea:
24:3b:d0:7d:f4:d2:cf:cb:72:28:61:7c:36:d6:56:
50:8c:95:59:05:e3:d4:05:0f:83:9b:31:8e:14:41:
e6:10:23:e2:d5:ba:c0:7e:11:fa:84:39:57:52:52:
a1:4a:52:d7:fb:ab:ba:90:77:a6:d6:f4:2e:82:3e:
40:0a:34:73:ca:05:5e:06:0e:cc:73:64:82:30:26:
0d:41:8d:c3:a2:ef:3b:3e:4c:a3:71:c9:a5:53:77:
31:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:07:29:34:AA:EA:37:10:46:A0:44:CA:7E:B7:35:49:3D:B9:F9:9D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/11E99324A0DE11EFA14BA66C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
21:a1:3c:6a:ff:e6:b5:b3:59:dd:04:48:bb:b3:cb:ed:3a:34:
6d:60:1c:84:ac:7e:36:52:2e:48:86:cf:a9:40:f4:c8:5d:cb:
f9:18:fd:fa:d7:13:33:35:1d:ef:05:be:95:f0:c3:1d:d6:f0:
17:fd:29:db:95:ff:c8:2f:43:62:ca:1b:b6:0e:19:8d:ed:bf:
51:e6:f4:1f:c9:be:39:32:1b:66:b1:da:81:b9:e3:1e:9c:a8:
d2:93:d2:49:e0:18:13:cd:69:3f:10:42:4d:4a:82:1d:a1:79:
e7:ad:ed:49:6e:76:2b:b4:72:8d:44:d6:db:d5:f5:ef:68:66:
63:06:74:1f:be:d8:d2:ba:1b:65:7b:5b:49:d1:77:c7:4c:1d:
96:45:c4:5b:8d:b0:70:94:74:55:97:6f:7f:5c:35:99:07:13:
23:9f:b7:e7:c2:b0:82:51:02:5c:54:60:9f:4b:88:42:18:c4:
09:54:28:29:0f:4e:52:18:1f:ee:3e:e4:ad:42:c7:d7:2a:c7:
00:f8:7b:13:f3:fd:35:20:98:53:0c:5e:74:d7:fc:7f:0c:90:
26:d9:ce:89:84:8d:27:4d:15:d9:8f:e0:97:07:0b:3f:fb:5a:
54:40:4a:b8:ea:1f:3c:e7:ee:fa:71:c8:97:8f:8e:38:51:dc:
89:13:1f:34
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANGVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEyMTAwODI4WhcNMjQxMTIyMTAwODI4WjAYMRYw
FAYDVQQDEw02NzMzMjkxZi1kMTY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3Czx5AclvqBlkj4/y3EjkXXewh9nFcHoR2XykGfD9OBogoZnShmiDPsF
H+TK78s9dWhk7eEsOfIqilNhqkz3WQlECoEC6pafAGfU23RZ3KMOOqVib6gmsT1h
sCRl4JlHCX4LrOuFPcrTLAldskkV3HI53mWXabK46kWOzV3PkB1YRYEmwcWdHEDE
bXZ1vDxG3YGHRFiornH5Us8CMlvvAglM1OokO9B99NLPy3IoYXw21lZQjJVZBePU
BQ+DmzGOFEHmECPi1brAfhH6hDlXUlKhSlLX+6u6kHem1vQugj5ACjRzygVeBg7M
c2SCMCYNQY3Dou87PkyjccmlU3cxrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOkH
KTSq6jcQRqBEyn63NUk9ufmdMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMUU5OTMyNEEwREUxMUVGQTE0QkE2NkM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOhoMA0GCSqGSIb3DQEBCwUA
A4IBAQAhoTxq/+a1s1ndBEi7s8vtOjRtYByErH42Ui5Ihs+pQPTIXcv5GP361xMz
NR3vBb6V8MMd1vAX/Snblf/IL0Niyhu2DhmN7b9R5vQfyb45MhtmsdqBueMenKjS
k9JJ4BgTzWk/EEJNSoIdoXnnre1JbnYrtHKNRNbb1fXvaGZjBnQfvtjSuhtle1tJ
0XfHTB2WRcRbjbBwlHRVl29/XDWZBxMjn7fnwrCCUQJcVGCfS4hCGMQJVCgpD05S
GB/uPuStQsfXKscA+HsT8/01IJhTDF501/x/DJAm2c6JhI0nTRXZj+CXBws/+1pU
QEq46h885+76cciXj444UdyJEx80
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:20 2024 by rpki-client on console-ams.rpki-client.org