Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D1E8B24C98E11EF81521258762E951A.roa
File: 9D1E8B24C98E11EF81521258762E951A.roa (raw, json)
Hash identifier: J7GUqTWOQdJyVdIuKyQ+z13Sg8JQsNwlB9NmTi8TCVo=
Subject key identifier: B6:4C:40:A4:3C:17:E5:1C:9F:D7:F9:35:AD:1B:5B:27:91:E9:8A:1E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F5CD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D1E8B24C98E11EF81521258762E951A.roa
Signing time: Fri 03 Jan 2025 04:53:03 +0000
ROA not before: Fri 03 Jan 2025 04:52:59 +0000
ROA not after: Mon 13 Dec 2027 04:52:59 +0000
asID: 17561
IP address blocks: 156.233.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62925 (0xf5cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 3 04:52:59 2025 GMT
Not After : Dec 13 04:52:59 2027 GMT
Subject: CN=67776d2f-3d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f4:2b:ad:c7:9a:65:51:f8:b1:4e:7d:c1:1d:
53:a5:f6:80:32:84:c1:02:03:7f:ee:c2:85:b8:c7:
f0:09:99:25:d7:f3:c0:68:00:fd:10:7e:ad:41:34:
b8:73:c8:ce:9b:47:cb:48:07:73:50:69:97:6a:2f:
2d:9c:f2:60:f9:d4:63:48:bd:bf:8f:2f:68:ff:95:
5d:07:47:62:26:d5:cd:0e:2f:c4:df:06:a6:28:e5:
c2:93:14:ed:c8:56:e8:54:34:27:36:b0:8d:5e:4c:
d9:c4:bb:90:9d:dc:5a:85:0b:39:02:68:20:66:bb:
f4:6b:54:3c:d5:b7:c2:1b:f0:a7:c2:04:4d:98:e9:
d4:2a:53:e7:71:44:da:1a:03:7b:ca:3b:c3:01:1e:
53:2f:52:d9:89:c2:0d:6c:ee:4e:eb:4d:fb:51:11:
39:de:ba:e6:1a:8b:b7:a1:e7:b0:d0:1e:5e:c3:5e:
2f:2b:f2:f6:ae:98:4d:6d:9e:12:97:65:6c:32:01:
71:90:c8:8b:d0:96:b2:27:3c:c2:ce:61:eb:a4:58:
b5:bb:96:6d:ff:f4:23:95:51:ad:4a:67:40:96:b7:
63:34:72:5a:a4:cd:76:9f:6e:68:42:53:4c:ea:ac:
6c:99:6d:59:bf:d2:c4:25:d3:06:58:74:99:72:08:
b6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4C:40:A4:3C:17:E5:1C:9F:D7:F9:35:AD:1B:5B:27:91:E9:8A:1E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9D1E8B24C98E11EF81521258762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.233.59.0/24
Signature Algorithm: sha256WithRSAEncryption
09:38:d2:7a:82:5f:8c:1e:83:02:47:38:c5:db:3a:5b:b9:a9:
e9:e0:ef:1f:f9:23:8b:b5:92:f4:43:32:e0:f1:b2:3b:b1:34:
8f:3c:f4:25:13:27:71:e4:d7:14:0a:e3:01:4c:34:e7:af:3d:
93:ae:12:78:5f:e9:e7:f0:da:83:92:a1:26:0a:d1:34:9d:fd:
0e:72:dd:ca:c9:0f:23:33:a3:7b:eb:e5:c3:e2:29:78:4b:19:
20:37:2a:fb:30:5f:81:81:f0:18:3c:18:24:8a:1d:55:fa:c2:
29:8e:8c:c5:91:99:4c:45:f5:30:de:df:8f:cd:cb:4b:11:0a:
06:62:2d:02:4c:26:35:a1:90:9e:a4:55:a7:ae:18:84:b9:f7:
57:76:ce:53:db:c4:ca:ff:7c:45:fb:c1:dd:da:34:62:4a:8a:
48:43:1b:0f:d7:f4:ae:ce:17:80:b6:f5:28:e1:07:5a:4b:28:
51:b2:cd:8f:dc:2e:32:d4:94:0e:84:76:a1:32:50:18:3d:78:
c9:3c:ff:36:77:5f:24:f1:24:0a:7f:28:83:1c:06:fe:0a:b4:
db:aa:58:a7:98:90:e9:41:6f:8c:b6:95:a4:c9:7e:0e:71:fb:
fe:7e:b4:81:d9:40:35:b1:42:8a:3c:74:f5:91:ac:4d:bd:23:
d2:f4:d0:05
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPXNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAzMDQ1MjU5WhcNMjcxMjEzMDQ1MjU5WjAYMRYw
FAYDVQQDEw02Nzc3NmQyZi0zZDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtfQrrceaZVH4sU59wR1TpfaAMoTBAgN/7sKFuMfwCZkl1/PAaAD9EH6t
QTS4c8jOm0fLSAdzUGmXai8tnPJg+dRjSL2/jy9o/5VdB0diJtXNDi/E3wamKOXC
kxTtyFboVDQnNrCNXkzZxLuQndxahQs5AmggZrv0a1Q81bfCG/CnwgRNmOnUKlPn
cUTaGgN7yjvDAR5TL1LZicINbO5O6037URE53rrmGou3oeew0B5ew14vK/L2rphN
bZ4Sl2VsMgFxkMiL0JayJzzCzmHrpFi1u5Zt//QjlVGtSmdAlrdjNHJapM12n25o
QlNM6qxsmW1Zv9LEJdMGWHSZcgi2XwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLZM
QKQ8F+Ucn9f5Na0bWyeR6YoeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RDFFOEIyNEM5OEUxMUVGODE1MjEyNTg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOk7MA0GCSqGSIb3DQEBCwUA
A4IBAQAJONJ6gl+MHoMCRzjF2zpbuanp4O8f+SOLtZL0QzLg8bI7sTSPPPQlEydx
5NcUCuMBTDTnrz2TrhJ4X+nn8NqDkqEmCtE0nf0Oct3KyQ8jM6N76+XD4il4Sxkg
Nyr7MF+BgfAYPBgkih1V+sIpjozFkZlMRfUw3t+PzctLEQoGYi0CTCY1oZCepFWn
rhiEufdXds5T28TK/3xF+8Hd2jRiSopIQxsP1/SuzheAtvUo4QdaSyhRss2P3C4y
1JQOhHahMlAYPXjJPP82d18k8SQKfyiDHAb+CrTbqlinmJDpQW+MtpWkyX4Ocfv+
frSB2UA1sUKKPHT1kaxNvSPS9NAF
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:50:22 2025 by rpki-client