Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E450A92B20A11EF92AC54B8762E951A.roa
File: 3E450A92B20A11EF92AC54B8762E951A.roa (raw, json)
Hash identifier: aBBNDYLT4u2iLvs7bfvbmnb4824PRtSCzUoDjG7xOk4=
Subject key identifier: 9D:1E:5F:FD:72:4B:F6:F8:F0:6F:A8:62:71:59:34:0C:A8:19:A0:12
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DF22
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E450A92B20A11EF92AC54B8762E951A.roa
Signing time: Wed 04 Dec 2024 06:37:34 +0000
ROA not before: Wed 04 Dec 2024 06:37:30 +0000
ROA not after: Sat 12 Apr 2025 06:37:30 +0000
asID: 141167
IP address blocks: 156.254.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57122 (0xdf22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 4 06:37:30 2024 GMT
Not After : Apr 12 06:37:30 2025 GMT
Subject: CN=674ff8ad-e62c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f0:38:c1:32:61:48:a8:f4:1f:2d:cd:b3:22:
b0:8f:38:fe:e6:43:27:f4:f2:6b:13:76:fe:f1:3a:
35:ff:1f:ba:db:27:93:af:b0:7a:f4:28:d5:07:22:
7f:5d:3e:00:47:c6:b3:33:54:09:ab:d6:e4:31:a4:
7d:15:c3:2d:0d:c1:44:97:0e:e6:28:fb:fe:1d:04:
6f:17:68:3a:e9:53:e3:9f:65:79:e4:02:80:ac:c9:
26:7d:a5:b2:2a:02:7f:39:87:32:92:4c:bd:2a:39:
21:46:e7:a0:0e:fa:df:8a:e3:2c:de:c7:26:d8:5c:
75:de:eb:79:f3:86:8a:8a:e4:aa:b4:f6:b5:49:25:
cf:82:48:14:d6:73:9d:55:95:33:7d:62:68:8b:02:
ca:a9:03:64:fd:c9:2b:da:3d:cf:93:d3:a7:fa:d2:
9d:0b:95:3f:ec:b5:47:b6:d4:02:73:0d:fc:1e:aa:
d0:eb:ca:09:09:aa:1e:a2:9c:d3:c6:d4:79:18:61:
9d:f8:f3:8d:ea:4d:92:17:37:26:05:b0:db:21:07:
1f:84:49:76:22:f7:07:41:2a:44:2c:86:f8:29:0d:
ee:8b:aa:12:70:16:08:49:35:3a:e7:9e:e2:ee:66:
0d:a7:bd:e6:a5:dc:a0:de:f4:ac:ab:b5:39:87:6e:
4e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:1E:5F:FD:72:4B:F6:F8:F0:6F:A8:62:71:59:34:0C:A8:19:A0:12
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3E450A92B20A11EF92AC54B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.124.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:64:40:95:f5:18:1f:72:60:e2:b9:bd:b5:b6:66:7c:aa:75:
f3:44:87:45:37:fb:15:c7:ad:4a:e7:73:56:08:b9:97:dc:e9:
ef:a3:20:d4:1d:58:01:e6:3a:70:8e:7f:01:b5:36:04:00:42:
c7:c8:12:dd:78:b3:c3:4f:a3:4d:b1:eb:a7:f3:e0:64:11:28:
68:1c:a7:ec:4e:29:b2:f5:bf:88:2a:95:2c:90:b4:80:8f:ba:
a0:a5:ff:e3:d6:0e:d4:f8:12:80:8d:ed:9b:21:2c:6a:df:59:
b0:d3:b1:20:7e:79:5d:10:e2:87:1c:de:19:f2:a9:72:30:7b:
d5:4e:4b:6a:b0:c9:eb:35:83:c4:13:fc:9f:8d:b3:78:fb:d1:
e6:0b:87:2e:49:6f:a3:23:c9:35:09:f7:b2:72:e0:a4:6f:22:
dd:b9:a0:61:d7:dd:cd:2b:02:eb:f4:9f:c3:06:7b:fb:83:0e:
19:33:b3:2f:35:69:7a:b7:80:2a:89:e9:83:d7:0f:46:cf:ed:
7f:f7:28:c2:3f:2f:4f:d8:c1:05:1f:ca:0f:60:b3:1e:ac:96:
22:6b:46:8c:26:c4:d2:49:2c:0c:d7:85:48:65:fa:b7:84:da:
6b:37:a1:99:8b:f8:f6:34:d3:d9:53:4e:70:b8:dd:50:6d:da:
4b:59:75:4e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAN8iMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA0MDYzNzMwWhcNMjUwNDEyMDYzNzMwWjAYMRYw
FAYDVQQDEw02NzRmZjhhZC1lNjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvfA4wTJhSKj0Hy3NsyKwjzj+5kMn9PJrE3b+8To1/x+62yeTr7B69CjV
ByJ/XT4AR8azM1QJq9bkMaR9FcMtDcFElw7mKPv+HQRvF2g66VPjn2V55AKArMkm
faWyKgJ/OYcykky9KjkhRuegDvrfiuMs3scm2Fx13ut584aKiuSqtPa1SSXPgkgU
1nOdVZUzfWJoiwLKqQNk/ckr2j3Pk9On+tKdC5U/7LVHttQCcw38HqrQ68oJCaoe
opzTxtR5GGGd+PON6k2SFzcmBbDbIQcfhEl2IvcHQSpELIb4KQ3ui6oScBYISTU6
557i7mYNp73mpdyg3vSsq7U5h25OMwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJ0e
X/1yS/b48G+oYnFZNAyoGaASMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRTQ1MEE5MkIyMEExMUVGOTJBQzU0Qjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP58MA0GCSqGSIb3DQEBCwUA
A4IBAQC3ZECV9RgfcmDiub21tmZ8qnXzRIdFN/sVx61K53NWCLmX3OnvoyDUHVgB
5jpwjn8BtTYEAELHyBLdeLPDT6NNseun8+BkEShoHKfsTimy9b+IKpUskLSAj7qg
pf/j1g7U+BKAje2bISxq31mw07EgfnldEOKHHN4Z8qlyMHvVTktqsMnrNYPEE/yf
jbN4+9HmC4cuSW+jI8k1CfeycuCkbyLduaBh193NKwLr9J/DBnv7gw4ZM7MvNWl6
t4AqiemD1w9Gz+1/9yjCPy9P2MEFH8oPYLMerJYia0aMJsTSSSwM14VIZfq3hNpr
N6GZi/j2NNPZU05wuN1QbdpLWXVO
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:39:17 2025 by rpki-client