Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6DC410649B7C11EFA0618E89762E951A.roa
File: 6DC410649B7C11EFA0618E89762E951A.roa (raw, json)
Hash identifier: KqF+SIWhT6T8MubPsspMEOFruaF1AJ1/Qmw/5YhyNOo=
Subject key identifier: E5:5C:76:ED:84:F6:91:02:FD:34:E1:86:AA:4B:D4:C0:ED:01:C4:3A
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: CE75
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6DC410649B7C11EFA0618E89762E951A.roa
Signing time: Tue 05 Nov 2024 13:46:59 +0000
ROA not before: Tue 05 Nov 2024 13:46:55 +0000
ROA not after: Mon 13 Jan 2025 13:46:55 +0000
asID: 22773
IP address blocks: 156.237.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52853 (0xce75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 5 13:46:55 2024 GMT
Not After : Jan 13 13:46:55 2025 GMT
Subject: CN=672a21d3-5980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8f:d8:dd:d9:63:2a:90:e1:59:07:ee:c4:64:
ce:ec:aa:d1:8e:9b:83:4e:ff:13:3b:29:ce:70:f8:
7d:fa:84:48:d0:86:48:dd:a9:91:4e:41:f1:2c:70:
a9:1c:b9:d2:d5:4f:56:54:60:9a:4e:7d:e2:4c:07:
70:56:34:f2:9e:fe:d6:f9:f0:b0:b9:4e:25:c3:6a:
a9:d1:a7:34:44:ab:74:2b:0e:b2:9c:c6:2a:cc:d2:
19:5c:0c:ac:c6:c6:9c:51:51:1c:74:9c:c8:f3:28:
f6:c2:4b:2b:61:52:0a:d4:e3:8a:07:dd:28:65:ab:
d9:e6:f7:c4:a7:53:03:7d:2d:4b:8e:a9:33:98:8e:
91:e2:a6:02:53:6e:d0:a1:0b:aa:25:d7:72:99:39:
fe:40:91:6e:21:21:34:1d:2b:9c:8c:78:ce:b7:7c:
fe:ed:6d:68:75:bf:23:3e:c4:97:16:e7:dc:77:f3:
b8:9b:a8:9c:19:2a:5d:95:23:db:9a:50:e8:81:81:
25:cb:5c:46:e5:9c:20:0b:13:ac:74:7d:52:06:96:
8d:ab:e5:44:b0:7f:13:d8:58:e9:1f:61:9d:02:8c:
b7:9f:24:76:e2:4e:0e:80:31:6d:30:c5:f2:6b:9f:
78:c2:f9:a5:8a:bd:c4:bd:32:a4:23:de:09:e6:b5:
87:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:5C:76:ED:84:F6:91:02:FD:34:E1:86:AA:4B:D4:C0:ED:01:C4:3A
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6DC410649B7C11EFA0618E89762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.237.6.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:fd:1a:da:25:3f:1e:de:ac:f0:e1:b7:5c:de:e5:58:c9:5f:
c1:8d:83:53:23:f6:e0:5b:ed:2f:63:92:d4:42:eb:ab:12:78:
a4:f9:27:a0:27:aa:7c:26:eb:93:f1:8f:30:58:08:22:f4:3f:
2e:73:18:fb:9f:3d:e4:21:62:c5:0d:91:54:04:8e:b3:31:82:
f6:19:1d:95:3c:95:48:bf:47:8a:3a:97:f9:0b:39:db:0f:24:
46:75:cb:a8:2d:31:be:f1:6e:98:73:e0:06:e4:3e:72:64:11:
cd:da:45:ae:6d:54:a8:a4:0a:2d:c9:a5:27:8a:96:d7:f0:0d:
67:6f:42:7a:f1:69:d8:7a:56:1a:fa:06:ab:25:b4:7f:95:8e:
11:c9:71:da:54:5b:0e:73:81:80:40:ac:5c:35:cd:c3:4d:e8:
d6:0f:db:34:a6:c2:78:ac:4b:45:e3:be:4b:41:05:83:19:6a:
ad:33:19:f6:25:66:9f:87:d8:d1:f5:2c:c5:d4:9d:05:18:87:
81:d9:c7:5d:68:00:34:f8:35:56:7f:24:41:51:9b:b7:29:a8:
84:cf:41:2b:e6:58:40:51:30:2e:fd:58:21:5e:d6:ba:52:11:
44:75:25:aa:b5:54:01:00:14:b5:93:04:f1:4c:b7:7a:02:ed:
ce:a8:d8:85
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAM51MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA1MTM0NjU1WhcNMjUwMTEzMTM0NjU1WjAYMRYw
FAYDVQQDEw02NzJhMjFkMy01OTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6o/Y3dljKpDhWQfuxGTO7KrRjpuDTv8TOynOcPh9+oRI0IZI3amRTkHx
LHCpHLnS1U9WVGCaTn3iTAdwVjTynv7W+fCwuU4lw2qp0ac0RKt0Kw6ynMYqzNIZ
XAysxsacUVEcdJzI8yj2wksrYVIK1OOKB90oZavZ5vfEp1MDfS1LjqkzmI6R4qYC
U27QoQuqJddymTn+QJFuISE0HSucjHjOt3z+7W1odb8jPsSXFufcd/O4m6icGSpd
lSPbmlDogYEly1xG5ZwgCxOsdH1SBpaNq+VEsH8T2FjpH2GdAoy3nyR24k4OgDFt
MMXya594wvmlir3EvTKkI94J5rWHLwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOVc
du2E9pEC/TThhqpL1MDtAcQ6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82REM0MTA2NDlCN0MxMUVGQTA2MThFODk3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO0GMA0GCSqGSIb3DQEBCwUA
A4IBAQC7/RraJT8e3qzw4bdc3uVYyV/BjYNTI/bgW+0vY5LUQuurEnik+SegJ6p8
JuuT8Y8wWAgi9D8ucxj7nz3kIWLFDZFUBI6zMYL2GR2VPJVIv0eKOpf5CznbDyRG
dcuoLTG+8W6Yc+AG5D5yZBHN2kWubVSopAotyaUnipbX8A1nb0J68WnYelYa+gar
JbR/lY4RyXHaVFsOc4GAQKxcNc3DTejWD9s0psJ4rEtF475LQQWDGWqtMxn2JWaf
h9jR9SzF1J0FGIeB2cddaAA0+DVWfyRBUZu3KaiEz0Er5lhAUTAu/VghXta6UhFE
dSWqtVQBABS1kwTxTLd6Au3OqNiF
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:34 2024 by rpki-client on console-fra.rpki-client.org