Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/413CAD36CCEA11EF9BF783A0762E951A.roa
File: 413CAD36CCEA11EF9BF783A0762E951A.roa (raw, json)
Hash identifier: gsBTHDSpYCsx7o5v+01AMbR80eVOddO3e2DhfPmwv38=
Subject key identifier: 19:F0:A8:8F:B5:1B:0B:68:8C:F6:DA:AE:CA:12:4F:C6:46:77:7E:0B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FBF3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/413CAD36CCEA11EF9BF783A0762E951A.roa
Signing time: Tue 07 Jan 2025 11:26:36 +0000
ROA not before: Tue 07 Jan 2025 11:26:32 +0000
ROA not after: Mon 13 Dec 2027 11:26:32 +0000
asID: 17561
IP address blocks: 156.236.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64499 (0xfbf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 11:26:32 2025 GMT
Not After : Dec 13 11:26:32 2027 GMT
Subject: CN=677d0f6c-7adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1c:14:b3:17:fb:73:24:f9:2a:db:6f:2c:53:
02:8c:94:33:c2:c5:3a:4c:a6:cc:9a:3f:d2:a6:4e:
98:9e:06:4b:c2:c2:01:02:95:0e:85:a1:e7:cf:eb:
7a:e0:4a:d4:63:72:d7:a0:e2:b0:be:0c:ab:5e:a1:
f9:3b:11:81:47:97:d0:02:57:df:7f:28:9f:60:17:
72:55:3e:f2:fe:e9:d1:65:27:63:5b:a7:48:b7:65:
45:3e:56:2b:7e:a0:3a:5b:ae:b4:e1:d1:22:42:38:
75:48:42:c3:14:f3:fc:25:a9:1d:6f:ab:03:b2:57:
2a:00:ac:7a:a2:43:84:6a:de:fd:82:88:bc:3f:21:
06:64:96:c9:6f:c2:59:8f:bd:c4:ac:ae:c0:a4:fa:
19:75:70:15:ba:40:e1:24:e9:c1:19:2c:7a:55:1f:
fc:e4:d5:6d:7f:07:c5:a3:df:7c:ef:ac:78:17:83:
00:b5:86:3a:5e:d5:c3:34:0d:aa:fd:63:b2:7f:10:
04:b2:01:5e:4d:6d:29:38:25:f5:b4:7e:b0:9a:ca:
d8:8f:af:6a:7d:13:57:cb:c1:23:52:9b:d1:4c:f2:
0d:78:e2:be:01:3d:eb:e6:cc:41:91:3e:27:a0:9c:
49:c0:54:af:07:19:f6:10:2a:ad:bb:62:da:7e:0e:
9c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F0:A8:8F:B5:1B:0B:68:8C:F6:DA:AE:CA:12:4F:C6:46:77:7E:0B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/413CAD36CCEA11EF9BF783A0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.4.0/24
Signature Algorithm: sha256WithRSAEncryption
60:38:ea:62:cb:65:0c:b3:49:9f:26:8b:13:1f:e0:61:76:fe:
8b:ae:dd:10:e1:e8:dd:a8:1c:d0:19:48:2d:f0:0e:9e:8c:4b:
69:3a:3f:33:a4:ee:da:5e:d3:1e:4a:2b:b4:5d:11:ca:35:ea:
fb:42:a4:b6:7f:b4:f3:67:5f:12:d8:d6:f1:59:e3:36:bc:8f:
77:72:12:0e:54:5a:c9:97:9f:9b:cf:c5:6f:98:50:98:5a:67:
fd:f5:8f:81:2c:08:38:20:08:ab:cc:d1:f7:74:f2:bd:6c:57:
60:d8:b5:1c:22:66:bf:f3:c8:6b:8f:76:c6:08:33:fd:70:28:
0c:69:9b:25:91:69:8a:46:e3:19:c5:f6:8e:f6:48:4b:3d:0c:
8b:61:d3:a7:5c:b5:7c:3d:34:45:69:30:e0:94:b5:9d:9d:88:
cd:78:45:f4:7f:79:83:9e:03:6a:81:48:81:58:30:75:e4:95:
b4:d3:e2:e9:de:3c:02:d8:54:cf:4c:0b:be:8c:8e:2b:9b:13:
20:92:97:a2:42:4d:6a:78:b6:a3:c6:e5:c2:5c:4d:28:ba:d1:
ff:54:4d:c9:85:2d:c9:c8:30:7f:c8:d0:3e:f7:e4:3f:c6:96:
dc:68:45:6e:83:71:e4:69:cd:16:ae:16:d0:89:2e:be:41:0c:
b4:86:16:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPvzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTEyNjMyWhcNMjcxMjEzMTEyNjMyWjAYMRYw
FAYDVQQDEw02NzdkMGY2Yy03YWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3RwUsxf7cyT5KttvLFMCjJQzwsU6TKbMmj/Spk6YngZLwsIBApUOhaHn
z+t64ErUY3LXoOKwvgyrXqH5OxGBR5fQAlfffyifYBdyVT7y/unRZSdjW6dIt2VF
PlYrfqA6W6604dEiQjh1SELDFPP8Jakdb6sDslcqAKx6okOEat79goi8PyEGZJbJ
b8JZj73ErK7ApPoZdXAVukDhJOnBGSx6VR/85NVtfwfFo99876x4F4MAtYY6XtXD
NA2q/WOyfxAEsgFeTW0pOCX1tH6wmsrYj69qfRNXy8EjUpvRTPINeOK+AT3r5sxB
kT4noJxJwFSvBxn2ECqtu2Lafg6cGQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBnw
qI+1GwtojPbarsoST8ZGd34LMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80MTNDQUQzNkNDRUExMUVGOUJGNzgzQTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwEMA0GCSqGSIb3DQEBCwUA
A4IBAQBgOOpiy2UMs0mfJosTH+Bhdv6Lrt0Q4ejdqBzQGUgt8A6ejEtpOj8zpO7a
XtMeSiu0XRHKNer7QqS2f7TzZ18S2NbxWeM2vI93chIOVFrJl5+bz8VvmFCYWmf9
9Y+BLAg4IAirzNH3dPK9bFdg2LUcIma/88hrj3bGCDP9cCgMaZslkWmKRuMZxfaO
9khLPQyLYdOnXLV8PTRFaTDglLWdnYjNeEX0f3mDngNqgUiBWDB15JW00+Lp3jwC
2FTPTAu+jI4rmxMgkpeiQk1qeLajxuXCXE0outH/VE3JhS3JyDB/yNA+9+Q/xpbc
aEVug3Hkac0WrhbQiS6+QQy0hhbc
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:42:23 2025 by rpki-client