Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7E5E09CCD1611EFAEF055B8762E951A.roa
File: C7E5E09CCD1611EFAEF055B8762E951A.roa (raw, json)
Hash identifier: /IT/5+0vGyzOUcuYjW+7u9QHWA/AdeYzgWaQICAnVwE=
Subject key identifier: CB:23:51:8C:94:1B:09:D8:CF:25:6D:ED:2F:CA:CE:90:77:14:D2:5E
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FD21
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7E5E09CCD1611EFAEF055B8762E951A.roa
Signing time: Tue 07 Jan 2025 16:45:20 +0000
ROA not before: Tue 07 Jan 2025 16:45:16 +0000
ROA not after: Mon 13 Dec 2027 16:45:16 +0000
asID: 17561
IP address blocks: 156.241.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64801 (0xfd21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 16:45:16 2025 GMT
Not After : Dec 13 16:45:16 2027 GMT
Subject: CN=677d5a20-4403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d4:3a:a4:04:f3:11:16:83:41:17:55:80:5d:
2e:ba:d6:61:59:10:fc:c5:92:60:22:70:7e:bd:d9:
5b:27:2c:1c:f1:3b:e7:43:7a:a2:59:ab:d7:80:14:
6a:32:88:21:25:34:94:17:03:70:43:7b:ed:3a:61:
a5:69:24:36:b6:2a:90:18:70:09:10:0f:c9:24:f3:
be:9a:3b:46:fd:06:77:42:e3:02:3b:98:7d:f5:47:
b0:c2:75:5e:74:3d:5f:51:69:57:44:03:7e:98:f2:
16:0a:a3:ae:a8:07:76:91:7c:d2:54:1c:40:0a:0a:
7a:e4:18:f1:3c:59:db:5f:37:95:06:a5:31:be:31:
21:7b:39:47:bf:f8:23:5d:32:46:6c:22:17:1b:c5:
57:55:eb:94:b0:2f:2c:cf:00:8d:ab:6c:b3:88:a3:
e1:99:3a:f8:f7:fb:36:94:dd:00:c7:43:9e:93:3e:
fe:c2:23:30:f3:b9:2e:8c:4f:c0:cc:eb:0f:90:a4:
a8:c8:8f:35:86:90:9a:54:30:e0:79:f4:e2:d4:34:
3a:8e:bf:ab:c8:2c:e1:7a:fe:38:58:35:a2:9c:54:
bc:34:46:7d:bb:3e:66:de:09:44:ea:f8:51:a8:39:
61:be:c8:9f:ce:40:dd:28:17:02:c2:81:85:77:5b:
f3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:23:51:8C:94:1B:09:D8:CF:25:6D:ED:2F:CA:CE:90:77:14:D2:5E
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C7E5E09CCD1611EFAEF055B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.241.20.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:8d:b4:f2:35:3f:f3:29:85:7f:ed:cb:d4:47:16:45:b1:50:
d4:b1:75:fd:4d:20:2a:f2:8e:d2:99:f7:26:b5:a5:4b:2b:b5:
64:17:dc:2b:1d:49:be:df:e6:d0:fc:e8:da:af:9a:29:2e:c3:
73:0d:fd:55:74:a7:11:0b:48:14:35:45:b2:08:f3:f9:05:42:
cb:f2:b9:33:69:c8:98:06:40:d8:09:c0:94:2a:5d:4e:e8:ea:
2f:64:ac:7f:01:b6:28:bd:b1:61:c0:16:32:d5:c1:19:3e:c6:
f2:9f:9a:b4:6b:ab:94:57:a5:2d:30:47:47:a1:05:08:a9:79:
41:42:07:e6:01:60:4d:e8:1c:92:81:ce:2d:60:d2:78:5c:39:
b3:98:96:2a:0f:5a:bb:20:b2:c7:92:67:d1:1e:d6:67:c8:79:
c2:de:5a:99:ed:1a:eb:aa:cb:19:08:6e:e9:f8:26:04:e6:53:
45:c1:c5:1b:42:03:1d:20:08:53:0e:da:c9:01:91:e7:86:ff:
fe:1f:f1:9a:f8:e1:fe:a8:1b:b2:3e:aa:ee:12:2a:79:15:8b:
53:e2:0d:e6:b6:46:2a:d2:b7:a4:40:71:39:21:a2:e5:c8:57:
4c:ab:80:c2:77:02:95:d9:40:93:0d:73:ce:73:70:8a:74:2c:
6a:9f:32:5b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAP0hMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTY0NTE2WhcNMjcxMjEzMTY0NTE2WjAYMRYw
FAYDVQQDEw02NzdkNWEyMC00NDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy9Q6pATzERaDQRdVgF0uutZhWRD8xZJgInB+vdlbJywc8TvnQ3qiWavX
gBRqMoghJTSUFwNwQ3vtOmGlaSQ2tiqQGHAJEA/JJPO+mjtG/QZ3QuMCO5h99Uew
wnVedD1fUWlXRAN+mPIWCqOuqAd2kXzSVBxACgp65BjxPFnbXzeVBqUxvjEhezlH
v/gjXTJGbCIXG8VXVeuUsC8szwCNq2yziKPhmTr49/s2lN0Ax0Oekz7+wiMw87ku
jE/AzOsPkKSoyI81hpCaVDDgefTi1DQ6jr+ryCzhev44WDWinFS8NEZ9uz5m3glE
6vhRqDlhvsifzkDdKBcCwoGFd1vzewIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMsj
UYyUGwnYzyVt7S/KzpB3FNJeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DN0U1RTA5Q0NEMTYxMUVGQUVGMDU1Qjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPEUMA0GCSqGSIb3DQEBCwUA
A4IBAQB8jbTyNT/zKYV/7cvURxZFsVDUsXX9TSAq8o7SmfcmtaVLK7VkF9wrHUm+
3+bQ/Ojar5opLsNzDf1VdKcRC0gUNUWyCPP5BULL8rkzaciYBkDYCcCUKl1O6Oov
ZKx/AbYovbFhwBYy1cEZPsbyn5q0a6uUV6UtMEdHoQUIqXlBQgfmAWBN6BySgc4t
YNJ4XDmzmJYqD1q7ILLHkmfRHtZnyHnC3lqZ7RrrqssZCG7p+CYE5lNFwcUbQgMd
IAhTDtrJAZHnhv/+H/Ga+OH+qBuyPqruEip5FYtT4g3mtkYq0rekQHE5IaLlyFdM
q4DCdwKV2UCTDXPOc3CKdCxqnzJb
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:00:55 2025 by rpki-client