Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E7FF7CC929A11EE8B66D85CD25BE465.roa
File: 4E7FF7CC929A11EE8B66D85CD25BE465.roa (raw, json)
Hash identifier: usfDYNwLNiUrixSzqFtMwsMta1+xEikg48hCbxUYsdA=
Subject key identifier: F0:C8:2B:1E:81:42:F3:BF:B6:6D:29:F1:E6:C9:AC:25:B1:0E:DC:58
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 4EEB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E7FF7CC929A11EE8B66D85CD25BE465.roa
Signing time: Mon 04 Dec 2023 11:43:13 +0000
ROA not before: Mon 04 Dec 2023 11:43:10 +0000
ROA not after: Thu 28 Nov 2024 11:43:10 +0000
asID: 137443
IP address blocks: 156.253.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20203 (0x4eeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Dec 4 11:43:10 2023 GMT
Not After : Nov 28 11:43:10 2024 GMT
Subject: CN=656dbb51-ff67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f4:6c:07:4d:db:23:3c:e3:16:06:fb:67:86:
d5:0f:f1:e8:e2:00:04:dd:0a:bf:16:1f:18:98:9c:
1e:00:95:67:c1:c3:c2:25:4d:ba:b0:be:d9:21:bc:
70:64:88:7a:f2:33:cc:89:44:7e:60:0d:26:2d:bd:
09:a3:06:a2:3e:59:9d:b2:91:37:27:9f:35:a2:9e:
13:59:eb:bb:93:70:38:63:d5:5f:05:90:b8:9a:89:
74:8a:69:bc:90:1b:12:48:64:b3:78:25:35:0e:ed:
84:4d:73:e7:e3:d5:29:7f:68:9f:24:fe:76:63:50:
a0:15:3a:d2:b5:38:02:e2:b9:f4:c9:3d:3b:f6:82:
dc:af:0f:aa:b7:ed:81:0d:a1:25:2e:6b:57:76:5c:
f1:aa:e0:7a:33:02:a4:55:ea:ff:9b:0e:50:e2:b3:
45:21:49:c6:ba:8c:be:79:9f:69:94:9d:fd:4f:55:
d8:e9:fe:b5:6c:f1:4c:a0:fd:b3:f2:5e:ec:94:bd:
37:84:18:61:6c:f1:35:07:d3:25:0c:b3:84:34:e6:
c7:19:45:98:85:56:eb:1f:b1:d1:f8:04:6b:a4:90:
23:38:70:08:48:b6:bd:13:31:31:2c:04:6f:fb:f7:
51:c5:18:52:30:a4:41:1a:28:44:19:b5:34:8b:a1:
62:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C8:2B:1E:81:42:F3:BF:B6:6D:29:F1:E6:C9:AC:25:B1:0E:DC:58
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4E7FF7CC929A11EE8B66D85CD25BE465.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.8.0/21
Signature Algorithm: sha256WithRSAEncryption
a4:de:86:7b:90:e4:bf:be:b6:9d:37:28:2d:ed:61:37:3c:91:
3d:66:04:61:02:98:29:5e:c8:44:7d:ff:da:1b:83:f5:a9:72:
76:71:52:10:02:12:28:ba:e7:dd:b5:cb:0c:cd:50:a4:d2:a7:
c2:cd:a1:00:28:b5:4c:65:87:46:2f:89:51:3e:f7:57:2c:47:
2d:de:bd:92:ac:af:25:f0:60:da:05:77:10:a9:20:62:5d:23:
1a:db:61:4e:bf:ad:18:bf:c3:2e:de:18:3f:dc:6a:a3:5c:04:
ac:16:ad:7f:07:82:a0:7e:0a:7b:fa:01:51:bf:83:01:ef:0a:
43:bf:71:87:b2:84:36:61:d6:0c:79:28:31:fc:56:f7:20:14:
8f:ef:68:7c:d3:27:d7:ef:dc:4c:fa:59:2a:6d:b6:06:ac:8d:
90:83:ce:dc:7f:ec:91:bb:21:15:a7:ad:44:95:cf:5d:cc:e1:
15:1c:05:e5:f2:01:b0:23:c2:e6:a6:24:74:49:01:87:4e:40:
6e:72:1d:71:98:32:bb:54:d4:52:c3:30:e9:d2:8b:c8:7e:eb:
68:a2:1c:15:23:2f:79:d3:86:b1:b2:a9:a3:aa:04:62:ef:c8:
d7:e9:de:5d:65:d1:9d:46:1e:16:cc:37:74:1f:29:2d:75:7a:
9a:f5:47:1d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICTuswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzEyMDQxMTQzMTBaFw0yNDExMjgxMTQzMTBaMBgxFjAU
BgNVBAMTDTY1NmRiYjUxLWZmNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC09GwHTdsjPOMWBvtnhtUP8ejiAATdCr8WHxiYnB4AlWfBw8IlTbqwvtkh
vHBkiHryM8yJRH5gDSYtvQmjBqI+WZ2ykTcnnzWinhNZ67uTcDhj1V8FkLiaiXSK
abyQGxJIZLN4JTUO7YRNc+fj1Sl/aJ8k/nZjUKAVOtK1OALiufTJPTv2gtyvD6q3
7YENoSUua1d2XPGq4HozAqRV6v+bDlDis0UhSca6jL55n2mUnf1PVdjp/rVs8Uyg
/bPyXuyUvTeEGGFs8TUH0yUMs4Q05scZRZiFVusfsdH4BGukkCM4cAhItr0TMTEs
BG/791HFGFIwpEEaKEQZtTSLoWJtAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU8Mgr
HoFC87+2bSnx5smsJbEO3FgwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzRFN0ZGN0NDOTI5QTExRUU4QjY2RDg1Q0QyNUJFNDY1LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOc/QgwDQYJKoZIhvcNAQELBQAD
ggEBAKTehnuQ5L++tp03KC3tYTc8kT1mBGECmCleyER9/9obg/WpcnZxUhACEii6
5921ywzNUKTSp8LNoQAotUxlh0YviVE+91csRy3evZKsryXwYNoFdxCpIGJdIxrb
YU6/rRi/wy7eGD/caqNcBKwWrX8HgqB+Cnv6AVG/gwHvCkO/cYeyhDZh1gx5KDH8
VvcgFI/vaHzTJ9fv3Ez6WSpttgasjZCDztx/7JG7IRWnrUSVz13M4RUcBeXyAbAj
wuamJHRJAYdOQG5yHXGYMrtU1FLDMOnSi8h+62iiHBUjL3nThrGyqaOqBGLvyNfp
3l1l0Z1GHhbMN3QfKS11epr1Rx0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:28 2024 by rpki-client on console-fra.rpki-client.org