Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/132FEA7E9B8611EFA74B5147762E951A.roa
File: 132FEA7E9B8611EFA74B5147762E951A.roa (raw, json)
Hash identifier: t5Zd+vKAY+PXrGpFciTuIV4LW0t6+W6bYM5OFecN2Tc=
Subject key identifier: 71:5F:0F:C4:99:DD:6F:46:F8:8C:BB:33:C9:C7:87:FA:C9:F1:4F:6C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CEB7
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/132FEA7E9B8611EFA74B5147762E951A.roa
Signing time: Tue 05 Nov 2024 14:56:02 +0000
ROA not before: Tue 05 Nov 2024 14:55:59 +0000
ROA not after: Wed 04 Dec 2024 14:55:59 +0000
asID: 32708
IP address blocks: 156.236.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52919 (0xceb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 14:55:59 2024 GMT
Not After : Dec 4 14:55:59 2024 GMT
Subject: CN=672a3202-6840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:dc:25:ec:5d:3e:e3:43:59:5f:f4:f9:57:c7:
7f:53:78:ee:7b:5a:a0:32:0b:4e:40:76:fb:66:d3:
b8:e2:09:fe:de:d4:62:74:cd:9e:6b:51:bc:e0:09:
04:e9:14:7f:50:bc:46:ac:5c:04:df:ed:05:b2:8a:
4d:2a:71:28:4b:ac:1e:04:fa:5c:69:f0:2a:50:46:
52:ab:65:29:0d:f1:0b:b5:d2:66:33:e8:04:45:20:
d7:ed:97:70:a1:2a:fe:db:43:b9:59:30:ba:b9:cc:
10:bb:74:96:45:8b:3a:fe:af:39:0e:6a:9c:d3:87:
3a:51:d2:ef:87:6e:07:b0:60:7b:c4:1e:a2:a0:9a:
fc:a3:6a:ed:11:b2:5e:88:f4:0a:c3:3a:c6:3f:36:
1f:45:1b:49:81:a7:c9:3c:c5:6a:cd:fe:f4:9e:37:
fd:13:fa:6b:33:38:a9:fd:62:dd:17:70:b1:22:52:
f9:21:7a:17:0a:6e:2b:5d:a5:2b:49:0e:b3:a1:13:
ee:06:b5:7c:76:3c:e1:c0:d7:b8:12:ef:18:bd:8c:
fb:9f:ee:2c:ab:ec:7d:38:d7:ef:e2:a0:d5:b8:aa:
ae:b8:59:a8:20:a8:52:aa:fc:fa:3d:52:63:7f:26:
6b:16:4b:55:62:e0:13:87:57:bf:7b:a0:6f:42:7e:
f8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:5F:0F:C4:99:DD:6F:46:F8:8C:BB:33:C9:C7:87:FA:C9:F1:4F:6C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/132FEA7E9B8611EFA74B5147762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.43.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:32:9d:8f:1e:a0:d3:af:16:c5:a2:83:98:31:d7:50:80:f4:
c9:f8:0c:bf:29:59:b7:f4:9b:1f:a9:6b:ba:13:87:2d:1d:02:
2e:6f:77:4d:be:a9:62:ca:01:66:f2:b6:4d:4f:49:84:2a:5c:
cd:8a:81:ec:a4:7e:1a:91:76:04:b0:e0:87:cf:79:a9:43:b6:
a8:7f:2b:5b:9a:1a:33:35:f5:a4:a5:7e:dd:fc:17:83:fb:b7:
9d:fd:16:df:d4:8c:4d:2f:bf:63:90:f8:3a:a2:be:11:aa:1a:
b9:fb:50:6f:a8:b0:a7:1b:6a:4d:3c:e3:d4:37:25:ac:c6:cd:
d7:bd:ae:7f:57:1b:fd:1f:8b:4c:d8:1d:78:86:73:88:4c:10:
8c:59:22:7a:ea:7a:a6:b6:1c:15:22:4e:bd:b1:05:55:c2:0e:
46:99:5f:8a:9e:b9:b3:c5:3b:35:a8:28:3c:c7:d6:60:6a:ad:
e2:b3:ce:80:ee:65:83:4d:24:05:f5:6f:f0:e6:3c:ef:6d:8b:
1e:c4:74:f3:c2:c0:67:66:c6:56:17:f3:e3:67:d1:59:67:63:
a8:35:8f:47:7e:d8:90:5b:97:3d:e0:38:db:2e:d7:38:be:47:
8b:8f:0c:8f:cb:22:0f:f7:41:f6:b1:f0:ac:0d:f1:33:1c:52:
ec:5e:37:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM63MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTQ1NTU5WhcNMjQxMjA0MTQ1NTU5WjAYMRYw
FAYDVQQDEw02NzJhMzIwMi02ODQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx9wl7F0+40NZX/T5V8d/U3jue1qgMgtOQHb7ZtO44gn+3tRidM2ea1G8
4AkE6RR/ULxGrFwE3+0FsopNKnEoS6weBPpcafAqUEZSq2UpDfELtdJmM+gERSDX
7ZdwoSr+20O5WTC6ucwQu3SWRYs6/q85Dmqc04c6UdLvh24HsGB7xB6ioJr8o2rt
EbJeiPQKwzrGPzYfRRtJgafJPMVqzf70njf9E/prMzip/WLdF3CxIlL5IXoXCm4r
XaUrSQ6zoRPuBrV8djzhwNe4Eu8YvYz7n+4sq+x9ONfv4qDVuKquuFmoIKhSqvz6
PVJjfyZrFktVYuATh1e/e6BvQn745QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHFf
D8SZ3W9G+Iy7M8nHh/rJ8U9sMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMzJGRUE3RTlCODYxMUVGQTc0QjUxNDc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwrMA0GCSqGSIb3DQEBCwUA
A4IBAQCgMp2PHqDTrxbFooOYMddQgPTJ+Ay/KVm39JsfqWu6E4ctHQIub3dNvqli
ygFm8rZNT0mEKlzNioHspH4akXYEsOCHz3mpQ7aofytbmhozNfWkpX7d/BeD+7ed
/Rbf1IxNL79jkPg6or4Rqhq5+1BvqLCnG2pNPOPUNyWsxs3Xva5/Vxv9H4tM2B14
hnOITBCMWSJ66nqmthwVIk69sQVVwg5GmV+KnrmzxTs1qCg8x9Zgaq3is86A7mWD
TSQF9W/w5jzvbYsexHTzwsBnZsZWF/PjZ9FZZ2OoNY9HftiQW5c94DjbLtc4vkeL
jwyPyyIP90H2sfCsDfEzHFLsXjdO
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:19 2024 by rpki-client on console-fra.rpki-client.org