Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2829E336C34411EFBBEA7651762E951A.roa
File: 2829E336C34411EFBBEA7651762E951A.roa (raw, json)
Hash identifier: xOpaCXsWFOgjw6z8nu3XOL+Ztd2Doapw1LNd528Wdk4=
Subject key identifier: DD:DB:72:09:A1:37:D0:C7:63:69:BE:55:D5:4D:E6:A2:C9:43:A3:A6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EBEF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2829E336C34411EFBBEA7651762E951A.roa
Signing time: Thu 26 Dec 2024 04:44:57 +0000
ROA not before: Thu 26 Dec 2024 04:44:53 +0000
ROA not after: Fri 10 Dec 2027 04:44:53 +0000
asID: 17561
IP address blocks: 156.244.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60399 (0xebef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 04:44:53 2024 GMT
Not After : Dec 10 04:44:53 2027 GMT
Subject: CN=676cdf49-d4be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:da:26:ea:3e:af:a1:b7:64:1a:35:46:a8:70:
be:25:e7:eb:0d:f2:01:a1:98:71:cc:3c:53:64:85:
38:2a:14:ca:29:b8:9d:b5:5b:86:49:11:04:04:b5:
24:2a:6f:71:b1:f3:30:2e:86:3c:ee:70:d0:90:74:
25:1b:31:0a:af:9b:72:08:c5:16:0c:64:2a:56:1b:
81:f6:cb:36:55:d1:e2:28:5f:0f:07:50:38:54:44:
54:39:7f:5f:eb:0d:3f:5a:a5:a1:81:71:a0:cd:9f:
99:ea:2e:d5:c4:a6:a2:2e:61:da:1f:f9:af:31:93:
ad:c3:e7:c2:72:4f:58:57:a1:4b:24:25:25:2f:d0:
13:be:0b:69:2a:ac:e5:90:78:c0:68:1f:a0:08:5e:
22:52:97:06:5d:44:73:ac:14:d1:4a:53:88:a5:ab:
d3:52:e7:85:2e:5a:1b:f5:ed:9f:70:8e:fc:f8:b3:
b4:e3:3c:17:cd:47:c8:64:41:fb:d5:ce:a3:71:86:
42:1d:43:21:e8:80:07:9a:df:cf:13:06:0f:a6:5c:
9b:64:53:ce:e0:43:19:85:09:3e:5d:ab:93:b3:c3:
f6:7e:8c:ef:64:29:28:a0:23:27:c0:f0:b1:c6:b1:
d7:02:fe:d6:4a:9b:1f:a9:17:bf:70:8b:ce:26:f4:
d0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:DB:72:09:A1:37:D0:C7:63:69:BE:55:D5:4D:E6:A2:C9:43:A3:A6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2829E336C34411EFBBEA7651762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.243.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:2b:3e:d6:80:2f:69:c3:d9:b7:da:31:ad:b2:20:ca:0b:de:
98:07:8d:c5:21:a1:d9:d3:24:2f:ba:12:8c:50:c8:84:d7:4f:
99:80:55:74:0d:33:39:22:74:1b:ab:c6:ae:68:1e:9b:f9:69:
c6:e7:d3:17:24:34:0a:94:14:67:f0:b1:34:d7:84:d4:4a:5f:
33:50:38:15:f5:cb:e2:18:59:5f:79:47:cf:07:10:ad:6a:e8:
9b:86:3b:02:79:31:a3:80:f4:76:b7:f3:55:92:9d:14:0d:aa:
bb:f4:0d:cb:e9:d9:01:77:10:32:e5:cd:a5:e9:47:28:93:b9:
f0:65:80:0c:4e:a3:36:e8:25:24:88:10:33:b5:9e:0e:fb:b7:
6c:38:07:b5:20:a9:d7:b6:16:a1:21:1c:ef:e7:75:77:95:7d:
8c:cb:8d:82:48:b8:1d:35:b6:fa:46:84:8e:73:76:94:81:7f:
94:fa:08:10:e3:3f:9a:1f:e9:45:0c:82:de:03:c9:1d:a6:6c:
e9:b5:25:63:cf:d8:e4:b7:f6:f9:7b:71:a9:b0:de:3e:5b:9a:
07:d8:a8:23:29:39:c2:04:40:fb:a7:0c:f6:70:b8:3a:60:df:
45:fe:92:9b:d9:cd:8c:f1:d1:68:18:07:45:c2:3c:aa:23:e2:
2b:b0:4b:b8
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAOvvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MDQ0NDUzWhcNMjcxMjEwMDQ0NDUzWjAYMRYw
FAYDVQQDEw02NzZjZGY0OS1kNGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAr9om6j6vobdkGjVGqHC+JefrDfIBoZhxzDxTZIU4KhTKKbidtVuGSREE
BLUkKm9xsfMwLoY87nDQkHQlGzEKr5tyCMUWDGQqVhuB9ss2VdHiKF8PB1A4VERU
OX9f6w0/WqWhgXGgzZ+Z6i7VxKaiLmHaH/mvMZOtw+fCck9YV6FLJCUlL9ATvgtp
KqzlkHjAaB+gCF4iUpcGXURzrBTRSlOIpavTUueFLlob9e2fcI78+LO04zwXzUfI
ZEH71c6jcYZCHUMh6IAHmt/PEwYPplybZFPO4EMZhQk+XauTs8P2fozvZCkooCMn
wPCxxrHXAv7WSpsfqRe/cIvOJvTQEQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN3b
cgmhN9DHY2m+VdVN5qLJQ6OmMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yODI5RTMzNkMzNDQxMUVGQkJFQTc2NTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPTzMA0GCSqGSIb3DQEBCwUA
A4IBAQBKKz7WgC9pw9m32jGtsiDKC96YB43FIaHZ0yQvuhKMUMiE10+ZgFV0DTM5
InQbq8auaB6b+WnG59MXJDQKlBRn8LE014TUSl8zUDgV9cviGFlfeUfPBxCtauib
hjsCeTGjgPR2t/NVkp0UDaq79A3L6dkBdxAy5c2l6Ucok7nwZYAMTqM26CUkiBAz
tZ4O+7dsOAe1IKnXthahIRzv53V3lX2My42CSLgdNbb6RoSOc3aUgX+U+ggQ4z+a
H+lFDILeA8kdpmzptSVjz9jkt/b5e3GpsN4+W5oH2KgjKTnCBED7pwz2cLg6YN9F
/pKb2c2M8dFoGAdFwjyqI+IrsEu4
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:55 2025 by rpki-client