Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13923C56A44B11EFAE8EBDA2762E951A.roa
File: 13923C56A44B11EFAE8EBDA2762E951A.roa (raw, json)
Hash identifier: 6neNZGzYx46u7OrcRL4zZVX3unqsGNmit1K9/6iFIfg=
Subject key identifier: 68:2A:AB:95:FE:D3:80:D4:22:70:79:B5:55:5C:F6:6D:23:00:1C:7B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D3AE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13923C56A44B11EFAE8EBDA2762E951A.roa
Signing time: Sat 16 Nov 2024 18:46:23 +0000
ROA not before: Sat 16 Nov 2024 18:46:19 +0000
ROA not after: Mon 25 Nov 2024 18:46:19 +0000
asID: 399989
IP address blocks: 156.238.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54190 (0xd3ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 16 18:46:19 2024 GMT
Not After : Nov 25 18:46:19 2024 GMT
Subject: CN=6738e87f-e066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4b:43:4d:cc:e6:3c:0b:3f:a0:db:7c:3c:9f:
47:fe:fb:69:85:05:9d:f1:02:31:2e:1a:0d:50:79:
ba:7b:bc:6a:c8:06:0d:05:46:9c:e9:24:71:3e:c4:
16:4a:3e:12:a2:3f:d4:6b:3e:ff:04:90:26:4e:00:
ed:1b:7a:2a:cd:37:4c:f0:c5:76:e4:1e:0e:d5:9a:
40:12:a3:4b:6e:45:86:2e:ed:08:95:25:e3:8b:af:
ef:c4:e7:d7:bc:fb:ec:24:87:49:f2:3e:9f:68:01:
e4:a9:58:bd:eb:82:f2:b6:f7:4c:3e:e1:12:df:85:
73:d9:ed:fe:28:7d:8c:57:5b:fa:c6:1a:45:8d:5c:
27:4c:4c:db:f7:58:36:c9:27:0f:a1:f0:a2:4a:fb:
7d:6e:62:74:8c:ba:f4:5c:fa:39:17:34:59:94:7b:
2a:aa:dd:75:37:7a:7b:06:50:a1:ff:36:a1:50:bb:
c1:66:6d:0d:82:90:49:af:05:cd:c5:07:75:e0:59:
44:71:fa:6f:c0:68:2c:0b:84:a4:96:04:fa:51:b5:
7a:05:69:67:7d:8f:25:64:b0:44:ea:e0:0c:11:0d:
7e:d0:b2:55:f2:52:dc:58:92:70:90:a4:a7:2d:12:
c9:26:c6:01:0a:f0:f3:bf:14:30:09:95:b2:7e:84:
10:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2A:AB:95:FE:D3:80:D4:22:70:79:B5:55:5C:F6:6D:23:00:1C:7B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13923C56A44B11EFAE8EBDA2762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.176.0/22
Signature Algorithm: sha256WithRSAEncryption
13:6f:fe:94:56:67:ff:45:e7:7e:9d:61:e8:37:4f:17:b2:7d:
0b:6a:13:02:17:3c:54:1e:ba:68:a1:37:0e:51:2e:fc:d2:5f:
19:4c:a6:c7:33:19:e2:47:71:36:f8:98:81:da:83:7e:86:b4:
0b:d9:72:3a:c9:79:84:f2:1e:e6:aa:51:ac:00:e1:10:0d:14:
84:1d:af:4c:81:d5:8a:b3:e7:c2:9d:f7:05:f1:4e:dc:49:4e:
bc:82:b5:af:b4:7c:7e:f1:8d:7a:1c:cb:dc:bf:2a:52:be:f1:
b2:81:cd:21:35:2b:c1:1a:18:84:65:01:cb:a0:03:1d:4e:e6:
9c:a4:1c:e7:03:48:15:ee:05:04:c6:9e:fa:e5:4a:32:c2:0b:
84:b8:66:89:35:79:66:93:19:b2:ca:e8:b4:80:b2:81:a9:cf:
0d:08:13:c3:92:03:16:91:96:ff:a4:8c:3e:21:d1:d2:67:a8:
20:22:38:8b:3c:b3:1b:13:96:c8:ed:71:d4:be:60:6b:81:39:
28:58:62:30:c3:a4:98:f6:bd:1f:32:49:83:26:ea:8b:6d:92:
da:06:ed:73:f8:1a:3a:70:26:af:15:55:a4:94:6c:5e:32:58:
4d:d5:23:05:32:3b:4a:06:87:81:13:dd:6b:ab:85:f7:6b:49:
f2:69:5a:96
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANOuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE2MTg0NjE5WhcNMjQxMTI1MTg0NjE5WjAYMRYw
FAYDVQQDEw02NzM4ZTg3Zi1lMDY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtUtDTczmPAs/oNt8PJ9H/vtphQWd8QIxLhoNUHm6e7xqyAYNBUac6SRx
PsQWSj4Soj/Uaz7/BJAmTgDtG3oqzTdM8MV25B4O1ZpAEqNLbkWGLu0IlSXji6/v
xOfXvPvsJIdJ8j6faAHkqVi964LytvdMPuES34Vz2e3+KH2MV1v6xhpFjVwnTEzb
91g2yScPofCiSvt9bmJ0jLr0XPo5FzRZlHsqqt11N3p7BlCh/zahULvBZm0NgpBJ
rwXNxQd14FlEcfpvwGgsC4SklgT6UbV6BWlnfY8lZLBE6uAMEQ1+0LJV8lLcWJJw
kKSnLRLJJsYBCvDzvxQwCZWyfoQQiwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGgq
q5X+04DUInB5tVVc9m0jABx7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xMzkyM0M1NkE0NEIxMUVGQUU4RUJEQTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnO6wMA0GCSqGSIb3DQEBCwUA
A4IBAQATb/6UVmf/Red+nWHoN08Xsn0LahMCFzxUHrpooTcOUS780l8ZTKbHMxni
R3E2+JiB2oN+hrQL2XI6yXmE8h7mqlGsAOEQDRSEHa9MgdWKs+fCnfcF8U7cSU68
grWvtHx+8Y16HMvcvypSvvGygc0hNSvBGhiEZQHLoAMdTuacpBznA0gV7gUExp76
5UoywguEuGaJNXlmkxmyyui0gLKBqc8NCBPDkgMWkZb/pIw+IdHSZ6ggIjiLPLMb
E5bI7XHUvmBrgTkoWGIww6SY9r0fMkmDJuqLbZLaBu1z+Bo6cCavFVWklGxeMlhN
1SMFMjtKBoeBE91rq4X3a0nyaVqW
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:19 2024 by rpki-client on console-fra.rpki-client.org