Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13EDCD2C5EEC11EFA202BC6F762E951A.roa
File: 13EDCD2C5EEC11EFA202BC6F762E951A.roa (raw, json)
Hash identifier: pq5RBzBmh8ttpRvBm56OHH5epj3WCULIKKZkraeCqWg=
Subject key identifier: A3:C0:ED:6F:10:8A:39:A8:B8:93:22:FB:1A:A8:78:70:E2:E3:D4:F7
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: A9A2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13EDCD2C5EEC11EFA202BC6F762E951A.roa
Signing time: Tue 20 Aug 2024 12:02:31 +0000
ROA not before: Tue 20 Aug 2024 12:02:28 +0000
ROA not after: Wed 27 Aug 2025 12:02:28 +0000
asID: 138995
IP address blocks: 156.245.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43426 (0xa9a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Aug 20 12:02:28 2024 GMT
Not After : Aug 27 12:02:28 2025 GMT
Subject: CN=66c485d7-0149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:cc:04:8c:10:15:ad:9c:bb:db:0e:84:3e:f8:
8b:ab:8b:61:0f:32:de:24:3f:3e:1b:ec:03:3b:ee:
6f:3b:71:5a:fe:08:91:d3:93:5e:dc:a1:22:aa:92:
53:dd:36:a4:7a:3d:13:97:1f:9d:8c:f7:e7:25:bf:
e7:d9:e8:e5:a5:e4:b5:29:db:1e:77:e5:09:2b:30:
31:64:98:ad:d9:b5:2b:9c:53:81:d8:c0:ce:cb:a7:
b6:c0:af:57:75:1d:49:42:c6:2f:a1:f1:f7:d1:09:
d6:46:e6:30:29:ee:fa:dd:e2:1e:d4:20:61:b7:2c:
a9:73:25:ec:67:7e:51:9e:b3:b4:6d:4d:e2:b9:6f:
14:b0:01:a4:00:19:36:38:db:7a:2d:5d:6d:5a:61:
72:08:7c:3a:aa:a6:d2:82:99:bd:8f:42:22:02:aa:
4a:b6:7f:a4:ef:1a:90:ad:c4:9a:89:c8:f6:07:46:
17:92:66:eb:23:4e:14:12:b0:d0:0b:f5:02:0f:f6:
f2:e1:4c:d8:73:48:50:a7:55:16:3a:21:66:b6:2f:
c3:1b:54:73:e2:e4:13:9b:75:7e:48:cf:c1:7b:ea:
7c:26:54:00:61:ec:4b:2f:95:c9:c0:18:1b:a5:9f:
2e:58:61:76:84:49:02:09:70:85:5c:48:2c:dc:65:
dc:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C0:ED:6F:10:8A:39:A8:B8:93:22:FB:1A:A8:78:70:E2:E3:D4:F7
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/13EDCD2C5EEC11EFA202BC6F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.17.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:93:d7:6a:5d:d8:b7:6d:b8:5e:88:80:5e:c6:95:2a:d1:21:
af:42:0d:3a:6f:b8:bb:ca:26:07:19:d8:ab:1e:b9:0e:05:d5:
12:49:64:40:46:c8:48:e8:ef:cc:34:85:f2:f1:27:db:79:46:
47:c1:fe:8a:c8:a1:cb:f7:4e:76:75:60:45:43:99:5e:54:31:
51:1d:cd:0b:9d:1f:e5:b9:e5:fe:b3:a9:2a:41:bc:16:e0:1f:
d3:2d:ba:9a:a1:4e:b7:5d:16:17:c6:dc:8f:bf:e7:9d:4c:5d:
59:52:eb:a1:ed:9d:e3:85:a5:58:81:7d:c5:6e:9c:79:f2:0d:
d6:08:f3:cf:42:70:16:8d:18:d8:62:4b:1f:41:1d:37:b0:f0:
75:2a:b4:36:0e:33:c4:5b:ef:86:a5:56:fe:75:81:87:3d:5a:
bb:6d:7e:87:ba:53:86:74:87:fa:57:c1:e0:47:04:03:05:53:
a7:83:51:a5:0b:20:24:da:15:e3:b1:38:57:14:82:15:22:3d:
33:d3:3e:3f:94:2b:08:5e:ef:bb:a2:94:09:6d:40:d3:b0:39:
e1:b6:da:6c:a7:e9:3e:8f:29:12:26:ab:00:db:10:d7:13:b4:
e8:13:28:54:36:7a:17:5d:6b:20:09:43:46:ad:cd:74:49:c4:
01:bb:c2:66
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKmiMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwODIwMTIwMjI4WhcNMjUwODI3MTIwMjI4WjAYMRYw
FAYDVQQDEw02NmM0ODVkNy0wMTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlcwEjBAVrZy72w6EPviLq4thDzLeJD8+G+wDO+5vO3Fa/giR05Ne3KEi
qpJT3Takej0Tlx+djPfnJb/n2ejlpeS1Kdsed+UJKzAxZJit2bUrnFOB2MDOy6e2
wK9XdR1JQsYvofH30QnWRuYwKe763eIe1CBhtyypcyXsZ35RnrO0bU3iuW8UsAGk
ABk2ONt6LV1tWmFyCHw6qqbSgpm9j0IiAqpKtn+k7xqQrcSaicj2B0YXkmbrI04U
ErDQC/UCD/by4UzYc0hQp1UWOiFmti/DG1Rz4uQTm3V+SM/Be+p8JlQAYexLL5XJ
wBgbpZ8uWGF2hEkCCXCFXEgs3GXcvQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKPA
7W8QijmouJMi+xqoeHDi49T3MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xM0VEQ0QyQzVFRUMxMUVGQTIwMkJDNkY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPURMA0GCSqGSIb3DQEBCwUA
A4IBAQB8k9dqXdi3bbheiIBexpUq0SGvQg06b7i7yiYHGdirHrkOBdUSSWRARshI
6O/MNIXy8SfbeUZHwf6KyKHL9052dWBFQ5leVDFRHc0LnR/lueX+s6kqQbwW4B/T
LbqaoU63XRYXxtyPv+edTF1ZUuuh7Z3jhaVYgX3Fbpx58g3WCPPPQnAWjRjYYksf
QR03sPB1KrQ2DjPEW++GpVb+dYGHPVq7bX6HulOGdIf6V8HgRwQDBVOng1GlCyAk
2hXjsThXFIIVIj0z0z4/lCsIXu+7opQJbUDTsDnhttpsp+k+jykSJqsA2xDXE7To
EyhUNnoXXWsgCUNGrc10ScQBu8Jm
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:19 2024 by rpki-client on console-fra.rpki-client.org