Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/92BB6E7ACCDD11EF97C7CC51762E951A.roa
File: 92BB6E7ACCDD11EF97C7CC51762E951A.roa (raw, json)
Hash identifier: Fu45S1+bE+dm+wMfXysd8UNG5mtVReWOIZ48ujXeg90=
Subject key identifier: 5B:FB:95:D6:0D:48:7A:1B:3C:A7:14:88:E8:DA:68:20:53:EA:DB:62
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FB81
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/92BB6E7ACCDD11EF97C7CC51762E951A.roa
Signing time: Tue 07 Jan 2025 09:55:49 +0000
ROA not before: Tue 07 Jan 2025 09:55:46 +0000
ROA not after: Mon 13 Dec 2027 09:55:46 +0000
asID: 17561
IP address blocks: 156.233.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64385 (0xfb81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 09:55:46 2025 GMT
Not After : Dec 13 09:55:46 2027 GMT
Subject: CN=677cfa25-2039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6b:28:ec:8f:39:c9:70:8a:3c:2d:d2:5a:66:
9b:81:86:1b:d9:3b:69:b3:d5:6c:ee:9c:75:9a:79:
f6:62:ba:a2:d1:53:f9:69:48:32:a2:84:57:0c:87:
b9:d1:2a:88:08:d3:20:f3:7a:4b:5a:01:85:cf:99:
17:7d:18:ec:b4:a2:68:d9:3a:ed:ad:d6:3a:f7:fc:
25:37:6a:97:e8:14:8e:1a:59:8d:7d:df:44:2a:85:
d4:60:00:59:25:52:45:7a:9e:13:b5:cd:b1:95:df:
d8:b5:fb:f6:80:40:3a:91:13:46:89:f0:df:3e:f4:
31:39:78:98:98:25:56:89:cb:22:fb:fa:4a:79:5e:
9b:0c:3a:b0:6a:10:7f:a7:11:bb:08:36:0e:c7:41:
63:2f:31:21:a7:eb:ac:fb:d3:8c:34:3f:c4:46:5a:
5e:07:0a:68:7f:0c:6b:fd:11:02:fa:3f:74:3d:4e:
46:45:b4:dc:33:54:31:fe:6d:44:24:c8:bb:c2:4b:
98:3a:09:fa:e6:6e:0f:62:bd:f5:12:93:03:51:80:
5e:f3:63:55:14:be:52:58:d2:45:5f:8a:f0:f4:b3:
ba:28:0a:10:ef:77:5b:b8:53:78:70:bc:d5:33:53:
63:bf:21:3c:38:45:f4:a3:36:9f:2f:3d:44:4f:c0:
4e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:FB:95:D6:0D:48:7A:1B:3C:A7:14:88:E8:DA:68:20:53:EA:DB:62
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/92BB6E7ACCDD11EF97C7CC51762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.213.0/24
Signature Algorithm: sha256WithRSAEncryption
94:29:5c:29:e4:bc:a9:00:b4:98:78:de:49:75:26:3b:83:2f:
3e:e9:fc:8e:89:cb:29:d6:bf:0b:97:89:3b:8d:0e:e8:59:52:
bb:ea:19:61:a4:85:db:06:4a:1e:0c:84:47:fd:21:80:c1:7d:
34:da:8f:7d:9f:52:47:a7:bb:67:15:3d:95:1f:78:54:d7:13:
e4:ac:fb:21:56:db:08:f4:00:68:29:c5:53:be:84:73:dc:06:
23:18:dd:f7:24:ef:55:7f:2f:f8:d7:68:8f:dc:3f:34:17:85:
eb:2b:5b:d4:10:81:09:72:19:8b:76:23:4e:cc:81:d4:a0:b3:
f6:d1:dd:8e:4d:03:0e:8e:bc:51:00:28:ca:9e:89:10:04:c8:
84:5e:64:ec:42:f7:c8:c3:b4:0a:23:7e:0d:93:db:82:67:2d:
fa:ed:b2:a7:fa:f4:93:33:65:ac:1b:59:77:1d:ce:85:c3:a8:
d7:8b:b0:a5:fe:74:32:f9:af:ba:24:bf:d7:0f:0a:05:60:8e:
c7:88:ab:0e:fd:54:10:56:c0:17:f0:f1:72:83:95:7b:c8:4b:
ba:dc:aa:b3:00:d9:1a:41:29:81:5c:fd:87:41:f9:3a:e6:04:
6a:ba:86:60:dd:f0:c1:81:45:5e:ac:fd:bd:fd:46:9d:9a:4b:
6b:a5:5b:cb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPuBMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MDk1NTQ2WhcNMjcxMjEzMDk1NTQ2WjAYMRYw
FAYDVQQDEw02NzdjZmEyNS0yMDM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqWso7I85yXCKPC3SWmabgYYb2Ttps9Vs7px1mnn2Yrqi0VP5aUgyooRX
DIe50SqICNMg83pLWgGFz5kXfRjstKJo2TrtrdY69/wlN2qX6BSOGlmNfd9EKoXU
YABZJVJFep4Ttc2xld/Ytfv2gEA6kRNGifDfPvQxOXiYmCVWicsi+/pKeV6bDDqw
ahB/pxG7CDYOx0FjLzEhp+us+9OMND/ERlpeBwpofwxr/REC+j90PU5GRbTcM1Qx
/m1EJMi7wkuYOgn65m4PYr31EpMDUYBe82NVFL5SWNJFX4rw9LO6KAoQ73dbuFN4
cLzVM1NjvyE8OEX0ozafLz1ET8BOgQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFv7
ldYNSHobPKcUiOjaaCBT6ttiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85MkJCNkU3QUNDREQxMUVGOTdDN0NDNTE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOnVMA0GCSqGSIb3DQEBCwUA
A4IBAQCUKVwp5LypALSYeN5JdSY7gy8+6fyOicsp1r8Ll4k7jQ7oWVK76hlhpIXb
BkoeDIRH/SGAwX002o99n1JHp7tnFT2VH3hU1xPkrPshVtsI9ABoKcVTvoRz3AYj
GN33JO9Vfy/412iP3D80F4XrK1vUEIEJchmLdiNOzIHUoLP20d2OTQMOjrxRACjK
nokQBMiEXmTsQvfIw7QKI34Nk9uCZy367bKn+vSTM2WsG1l3Hc6Fw6jXi7Cl/nQy
+a+6JL/XDwoFYI7HiKsO/VQQVsAX8PFyg5V7yEu63KqzANkaQSmBXP2HQfk65gRq
uoZg3fDBgUVerP29/UadmktrpVvL
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:52:55 2025 by rpki-client