Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F2E90649B8911EFA01B915A762E951A.roa
File: 3F2E90649B8911EFA01B915A762E951A.roa (raw, json)
Hash identifier: UkKug3ndm4gewqoEGwYSHsVZD6BysRol0FQeKJ2a36U=
Subject key identifier: 86:7E:CB:94:2A:2B:B6:4F:22:F6:E6:3E:78:B9:42:AB:D2:87:A9:FD
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CED1
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F2E90649B8911EFA01B915A762E951A.roa
Signing time: Tue 05 Nov 2024 15:18:44 +0000
ROA not before: Tue 05 Nov 2024 15:18:41 +0000
ROA not after: Wed 04 Dec 2024 15:18:41 +0000
asID: 200373
IP address blocks: 156.240.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52945 (0xced1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 15:18:41 2024 GMT
Not After : Dec 4 15:18:41 2024 GMT
Subject: CN=672a3754-3e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:12:69:cc:e8:f6:e6:fb:fe:76:3e:af:27:f2:
a9:9a:f1:c4:b1:05:e9:d7:77:78:f2:69:7d:83:c1:
65:db:17:ba:ed:05:2d:b1:54:0a:8c:85:f5:7f:f1:
97:13:96:8f:6d:95:b1:d5:9b:ba:41:58:43:2a:c0:
ad:c3:9f:78:be:6c:c6:68:1a:65:44:0b:5c:e2:01:
f8:e8:31:83:5e:14:e6:eb:75:6f:e4:9d:67:28:67:
3a:cd:32:7f:ff:77:55:90:12:df:4c:72:23:c2:cb:
b9:44:cc:c3:1b:62:b8:df:c5:98:da:ff:ee:44:2b:
d9:71:68:e0:75:e9:3b:a4:f2:88:2c:5f:1e:4c:23:
b6:b9:55:79:e4:38:5d:54:66:37:65:dd:f2:79:12:
87:2e:2a:19:70:6f:de:15:d1:53:26:5e:cd:e9:b0:
04:29:33:dc:36:12:fd:dc:66:cf:f5:ed:20:67:bb:
ae:a3:07:46:8a:be:de:28:b5:0d:1e:62:40:fb:16:
35:63:7f:10:09:8d:1e:01:a2:92:94:8a:aa:d1:e7:
bb:c1:6f:c9:f2:59:b1:fe:23:0a:25:80:a1:ff:6b:
70:65:6a:f2:2a:e1:4d:63:2b:cc:2b:44:45:91:11:
8c:9f:7e:2e:80:60:be:8c:00:7a:70:d4:54:69:57:
78:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7E:CB:94:2A:2B:B6:4F:22:F6:E6:3E:78:B9:42:AB:D2:87:A9:FD
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3F2E90649B8911EFA01B915A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.99.0/24
Signature Algorithm: sha256WithRSAEncryption
43:99:f5:a2:fd:6f:21:9f:6d:15:1e:33:ff:42:2f:0c:be:79:
8f:87:82:c5:dc:b7:49:32:cc:64:3a:1f:95:90:7c:b9:66:b0:
0c:72:04:a9:e2:73:a9:59:7c:38:ad:dc:43:a4:12:f2:8c:62:
4f:9f:68:81:93:7b:35:97:83:af:48:d7:8d:f7:b9:63:f7:ec:
c2:33:d7:11:3c:ef:cf:eb:93:4f:3c:1d:a0:69:8c:68:68:cf:
11:76:a4:f0:53:d4:41:65:87:8c:1b:6f:55:0c:06:bf:a7:0d:
bc:3a:80:c8:6b:88:0c:17:56:ef:9a:ce:5e:2a:58:f4:93:3a:
19:95:3d:ca:1d:a8:ff:ec:8c:d2:ed:73:56:31:8c:9c:c2:a9:
67:33:cf:b9:dc:54:c5:dd:6c:d9:d5:71:50:84:e5:90:13:92:
1b:bc:88:3b:9c:ac:08:50:f4:25:47:42:cf:2f:bb:e3:88:df:
74:30:b2:e2:cb:c0:7d:18:0e:24:84:a8:90:1d:a7:3f:58:bf:
c2:62:d2:72:df:f5:12:01:3a:2b:75:1b:92:60:76:44:ad:28:
80:4d:96:4d:29:d8:c4:3d:40:03:93:15:73:e9:93:f9:4c:63:
b3:c4:25:42:2f:08:e3:0f:4f:a0:62:63:30:b8:4b:91:fa:3d:
c2:b1:6b:6e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM7RMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTUxODQxWhcNMjQxMjA0MTUxODQxWjAYMRYw
FAYDVQQDEw02NzJhMzc1NC0zZTk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuxJpzOj25vv+dj6vJ/KpmvHEsQXp13d48ml9g8Fl2xe67QUtsVQKjIX1
f/GXE5aPbZWx1Zu6QVhDKsCtw594vmzGaBplRAtc4gH46DGDXhTm63Vv5J1nKGc6
zTJ//3dVkBLfTHIjwsu5RMzDG2K438WY2v/uRCvZcWjgdek7pPKILF8eTCO2uVV5
5DhdVGY3Zd3yeRKHLioZcG/eFdFTJl7N6bAEKTPcNhL93GbP9e0gZ7uuowdGir7e
KLUNHmJA+xY1Y38QCY0eAaKSlIqq0ee7wW/J8lmx/iMKJYCh/2twZWryKuFNYyvM
K0RFkRGMn34ugGC+jAB6cNRUaVd4lwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFIZ+
y5QqK7ZPIvbmPni5QqvSh6n9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zRjJFOTA2NDlCODkxMUVGQTAxQjkxNUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPBjMA0GCSqGSIb3DQEBCwUA
A4IBAQBDmfWi/W8hn20VHjP/Qi8MvnmPh4LF3LdJMsxkOh+VkHy5ZrAMcgSp4nOp
WXw4rdxDpBLyjGJPn2iBk3s1l4OvSNeN97lj9+zCM9cRPO/P65NPPB2gaYxoaM8R
dqTwU9RBZYeMG29VDAa/pw28OoDIa4gMF1bvms5eKlj0kzoZlT3KHaj/7IzS7XNW
MYycwqlnM8+53FTF3WzZ1XFQhOWQE5IbvIg7nKwIUPQlR0LPL7vjiN90MLLiy8B9
GA4khKiQHac/WL/CYtJy3/USATordRuSYHZErSiATZZNKdjEPUADkxVz6ZP5TGOz
xCVCLwjjD0+gYmMwuEuR+j3CsWtu
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:27 2024 by rpki-client on console-ams.rpki-client.org