Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/470CED18D0C111EF85564B85762E951A.roa
File: 470CED18D0C111EF85564B85762E951A.roa (raw, json)
Hash identifier: lp81nANpxP0wgSMfmufIZZ4yKIXHka/Ae3+b7t2kwfo=
Subject key identifier: 19:4F:F2:26:B6:96:8B:94:DF:97:C3:63:FF:B9:55:B2:E9:1E:DE:B5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01063D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/470CED18D0C111EF85564B85762E951A.roa
Signing time: Sun 12 Jan 2025 08:43:21 +0000
ROA not before: Sun 12 Jan 2025 08:43:17 +0000
ROA not after: Wed 26 Feb 2025 08:43:17 +0000
asID: 149440
IP address blocks: 156.235.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67133 (0x1063d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 12 08:43:17 2025 GMT
Not After : Feb 26 08:43:17 2025 GMT
Subject: CN=678380a9-156f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:44:42:94:c6:95:56:fd:8e:e8:68:c7:aa:1e:
9d:3c:9b:f4:69:b1:7f:fe:b6:36:fa:23:ac:1b:3d:
03:39:0a:a3:6b:37:e3:4e:5f:47:6d:39:58:08:f2:
a7:ed:dd:af:09:c2:01:8f:45:c7:2a:cb:28:34:d5:
81:9c:1b:4e:2f:b5:1a:2b:85:cd:99:97:cb:33:8b:
1c:a3:36:c8:45:e7:24:e0:80:53:2f:62:50:90:58:
5e:a3:34:ac:5d:8a:d2:d4:b6:f4:2e:cc:da:3c:a2:
fd:4a:fb:13:2c:21:ab:46:a9:35:06:fb:37:cb:3d:
9d:e3:7d:e2:26:35:a5:e1:82:5a:55:bd:ea:e4:15:
5f:71:e6:ae:61:50:00:03:37:e5:4d:a3:c4:e8:51:
ca:7c:d1:63:22:8b:40:c3:56:7d:86:99:7e:ed:0a:
89:1e:5d:c5:f1:f7:13:b8:00:35:3f:61:9f:67:cd:
d8:74:6c:85:18:8f:6b:39:de:99:2f:60:ef:97:19:
bc:cd:01:ad:dd:60:e5:cd:8b:42:d2:87:33:98:e2:
d4:7f:9b:39:ae:61:ba:db:29:0a:8f:2b:9d:37:d2:
24:c8:77:eb:00:f6:40:09:31:32:34:35:f4:04:34:
6f:5a:01:5a:a2:3e:04:a4:bb:45:9e:46:0b:bf:a8:
ff:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:4F:F2:26:B6:96:8B:94:DF:97:C3:63:FF:B9:55:B2:E9:1E:DE:B5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/470CED18D0C111EF85564B85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.235.89.0/24
Signature Algorithm: sha256WithRSAEncryption
95:d2:73:2c:0c:c6:17:26:89:c7:e4:9a:9a:ba:35:4c:22:c7:
83:a1:5a:4e:4d:b5:a5:5e:bf:de:5e:f4:25:35:37:fb:4b:0b:
0e:34:c9:37:f5:75:2c:82:e4:7b:df:6a:86:15:b3:54:7a:7b:
50:c5:36:69:7e:05:c6:16:36:21:3d:a1:c6:22:54:61:d3:97:
bd:8c:3d:f8:b0:a9:5f:a4:cf:87:0f:3d:8a:77:b4:59:19:40:
f8:1d:15:2f:1a:34:55:16:61:e0:db:d8:ca:10:17:ca:7c:2f:
ab:fd:66:be:fa:ce:12:12:cc:63:ff:6a:27:5a:cf:50:3e:94:
78:d9:52:de:51:74:21:64:6f:47:07:03:86:af:4f:ab:54:c2:
d2:66:9d:61:80:3b:39:ca:f8:83:75:47:3d:10:29:d0:1c:fc:
85:83:3a:38:54:50:b1:a2:a3:97:c0:5c:16:78:c4:ba:58:9c:
2a:ab:dd:fb:7a:22:49:e1:3a:fc:41:bc:50:83:ca:68:a0:72:
b1:5e:96:f8:13:fe:b7:e7:4e:56:b3:63:53:4d:33:67:fe:65:
0b:f2:02:88:4e:c7:bb:13:ce:a8:30:94:6e:d7:15:dc:e2:05:
f1:67:22:b3:f0:af:76:e4:20:3d:6c:53:e2:aa:99:fd:1d:88:
b4:d7:03:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQY9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEyMDg0MzE3WhcNMjUwMjI2MDg0MzE3WjAYMRYw
FAYDVQQDEw02NzgzODBhOS0xNTZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs0RClMaVVv2O6GjHqh6dPJv0abF//rY2+iOsGz0DOQqjazfjTl9HbTlY
CPKn7d2vCcIBj0XHKssoNNWBnBtOL7UaK4XNmZfLM4scozbIReck4IBTL2JQkFhe
ozSsXYrS1Lb0LszaPKL9SvsTLCGrRqk1Bvs3yz2d433iJjWl4YJaVb3q5BVfceau
YVAAAzflTaPE6FHKfNFjIotAw1Z9hpl+7QqJHl3F8fcTuAA1P2GfZ83YdGyFGI9r
Od6ZL2Dvlxm8zQGt3WDlzYtC0oczmOLUf5s5rmG62ykKjyudN9IkyHfrAPZACTEy
NDX0BDRvWgFaoj4EpLtFnkYLv6j/sQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBlP
8ia2louU35fDY/+5VbLpHt61MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80NzBDRUQxOEQwQzExMUVGODU1NjRCODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOtZMA0GCSqGSIb3DQEBCwUA
A4IBAQCV0nMsDMYXJonH5JqaujVMIseDoVpOTbWlXr/eXvQlNTf7SwsONMk39XUs
guR732qGFbNUentQxTZpfgXGFjYhPaHGIlRh05e9jD34sKlfpM+HDz2Kd7RZGUD4
HRUvGjRVFmHg29jKEBfKfC+r/Wa++s4SEsxj/2onWs9QPpR42VLeUXQhZG9HBwOG
r0+rVMLSZp1hgDs5yviDdUc9ECnQHPyFgzo4VFCxoqOXwFwWeMS6WJwqq937eiJJ
4Tr8QbxQg8pooHKxXpb4E/63505Ws2NTTTNn/mUL8gKITse7E86oMJRu1xXc4gXx
ZyKz8K925CA9bFPiqpn9HYi01wPE
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:40:40 2025 by rpki-client