Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12F54CECA4BF11EF95F88187762E951A.roa
File: 12F54CECA4BF11EF95F88187762E951A.roa (raw, json)
Hash identifier: vegobbI3828XOiPjxg/KOxFeuC+oZgWNzy5lnRly9xM=
Subject key identifier: 07:D5:11:26:BC:E7:AF:8F:FB:18:68:9C:D3:49:AC:30:03:4B:B2:44
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D46B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12F54CECA4BF11EF95F88187762E951A.roa
Signing time: Sun 17 Nov 2024 08:36:43 +0000
ROA not before: Sun 17 Nov 2024 08:36:40 +0000
ROA not after: Wed 19 Nov 2025 08:36:40 +0000
asID: 136744
IP address blocks: 156.235.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54379 (0xd46b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 17 08:36:40 2024 GMT
Not After : Nov 19 08:36:40 2025 GMT
Subject: CN=6739ab1b-310b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:17:92:e4:1d:4c:4b:5e:b5:3f:91:4f:60:40:
6e:c7:a9:dd:5b:f2:9f:60:d1:c8:13:72:65:1a:ba:
80:d6:d6:3c:2c:23:fa:27:b9:58:73:4c:ae:b4:13:
d9:c5:86:f1:e6:63:8c:e9:f4:33:42:61:01:c3:fe:
ca:0b:6f:83:af:8f:1e:1c:27:5c:d2:1c:61:53:3f:
37:e0:fc:94:9b:43:3a:5e:bd:6d:a7:35:52:7f:9e:
00:0e:2c:63:39:87:fc:bc:01:3b:4c:6f:48:4b:5a:
a4:00:54:d0:28:4d:d6:6f:89:69:b7:9c:8a:d5:d7:
f4:68:6d:8f:fd:93:d6:2a:1e:02:82:7c:8e:67:37:
85:e4:e5:1b:e2:6f:65:d8:ad:75:31:d7:84:30:73:
d4:6b:a5:33:db:fb:c0:c5:75:64:44:7f:65:bd:c8:
85:07:10:38:4d:ca:60:ca:a5:9d:31:16:80:b8:64:
c7:98:e1:c5:31:b0:10:72:52:67:bb:5f:04:c0:78:
13:b7:87:f0:94:ca:86:1f:a7:ed:5c:88:54:63:ca:
ee:87:23:1c:c3:27:a0:e6:39:ef:3c:4c:ea:3c:41:
a1:0f:c4:69:c5:75:a8:f5:6e:e8:78:05:42:44:9b:
a3:88:f2:4b:bf:47:1d:4d:95:f7:97:7e:2c:9e:e2:
35:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D5:11:26:BC:E7:AF:8F:FB:18:68:9C:D3:49:AC:30:03:4B:B2:44
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/12F54CECA4BF11EF95F88187762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.28.0/23
Signature Algorithm: sha256WithRSAEncryption
50:3b:db:88:98:39:47:96:a8:50:29:91:dc:86:0c:58:46:65:
ff:e8:d6:14:62:7c:ff:bc:04:b6:5b:5f:ac:5f:dc:75:d9:4c:
fc:d2:3f:42:a6:ca:e6:4c:fe:6e:da:41:27:bf:20:db:02:ce:
19:f2:00:5b:51:db:99:34:30:38:94:f8:60:ee:1f:0b:70:a3:
70:14:0b:20:66:60:d1:e8:b2:32:a3:4e:d4:a2:a4:fc:68:6a:
c8:4a:4b:1a:49:4c:cc:4a:bb:db:c9:c7:64:fb:02:bf:66:6e:
7d:f4:57:94:9b:5f:fc:d6:03:af:18:89:99:cd:a6:f3:d8:4b:
5b:5a:84:9b:f6:6f:67:cc:30:ef:9e:cb:45:ce:d8:82:88:ee:
c4:80:b4:ed:6e:ff:d2:f2:10:a0:24:fe:97:8f:46:c0:5b:9f:
f8:d0:71:a9:8b:78:4b:17:f0:cc:75:95:a9:46:2d:76:7d:fd:
e0:33:28:42:88:6b:be:a3:d7:da:b9:aa:90:4e:2d:6e:c4:e2:
45:a4:76:f8:c2:a1:b9:3d:d9:1b:29:9c:a9:9d:ee:d7:e5:9e:
ef:e3:ac:96:4b:cc:f3:88:61:3e:ae:b7:90:54:22:2c:b8:d3:
c1:e3:e1:29:b3:5a:37:8e:8b:aa:ff:b7:1a:e1:66:66:3e:75:
ae:bc:fa:cd
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANRrMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE3MDgzNjQwWhcNMjUxMTE5MDgzNjQwWjAYMRYw
FAYDVQQDEw02NzM5YWIxYi0zMTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5xeS5B1MS161P5FPYEBux6ndW/KfYNHIE3JlGrqA1tY8LCP6J7lYc0yu
tBPZxYbx5mOM6fQzQmEBw/7KC2+Dr48eHCdc0hxhUz834PyUm0M6Xr1tpzVSf54A
DixjOYf8vAE7TG9IS1qkAFTQKE3Wb4lpt5yK1df0aG2P/ZPWKh4CgnyOZzeF5OUb
4m9l2K11MdeEMHPUa6Uz2/vAxXVkRH9lvciFBxA4TcpgyqWdMRaAuGTHmOHFMbAQ
clJnu18EwHgTt4fwlMqGH6ftXIhUY8ruhyMcwyeg5jnvPEzqPEGhD8RpxXWo9W7o
eAVCRJujiPJLv0cdTZX3l34snuI1TwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAfV
ESa856+P+xhonNNJrDADS7JEMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMkY1NENFQ0E0QkYxMUVGOTVGODgxODc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOscMA0GCSqGSIb3DQEBCwUA
A4IBAQBQO9uImDlHlqhQKZHchgxYRmX/6NYUYnz/vAS2W1+sX9x12Uz80j9Cpsrm
TP5u2kEnvyDbAs4Z8gBbUduZNDA4lPhg7h8LcKNwFAsgZmDR6LIyo07UoqT8aGrI
SksaSUzMSrvbycdk+wK/Zm599FeUm1/81gOvGImZzabz2EtbWoSb9m9nzDDvnstF
ztiCiO7EgLTtbv/S8hCgJP6Xj0bAW5/40HGpi3hLF/DMdZWpRi12ff3gMyhCiGu+
o9fauaqQTi1uxOJFpHb4wqG5PdkbKZypne7X5Z7v46yWS8zziGE+rreQVCIsuNPB
4+Eps1o3jouq/7ca4WZmPnWuvPrN
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:20 2024 by rpki-client on console-ams.rpki-client.org