Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFAD0D72A25B11EFB4C8D976762E951A.roa
File: CFAD0D72A25B11EFB4C8D976762E951A.roa (raw, json)
Hash identifier: CCPdZs8sQSJGuAdqPOXNu913Uxdng/o6lWzQfVn0FFg=
Subject key identifier: 5B:3C:B4:92:2F:5D:DB:06:18:10:04:EB:9C:16:5F:AF:FD:E0:05:DE
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D275
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFAD0D72A25B11EFB4C8D976762E951A.roa
Signing time: Thu 14 Nov 2024 07:41:08 +0000
ROA not before: Thu 14 Nov 2024 07:41:05 +0000
ROA not after: Tue 10 Dec 2024 07:41:05 +0000
asID: 64267
IP address blocks: 156.239.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53877 (0xd275)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 14 07:41:05 2024 GMT
Not After : Dec 10 07:41:05 2024 GMT
Subject: CN=6735a994-d3c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:17:ee:b7:b3:d0:71:f9:a6:a5:c1:fe:3d:67:
56:8e:08:cf:16:08:e8:10:79:d7:96:18:31:4a:18:
4c:56:ef:76:5b:ca:2e:c7:fe:fc:47:7f:ff:b5:19:
60:e6:f4:90:6b:da:55:75:14:46:a6:23:33:a9:62:
d8:94:ad:50:cf:c3:1b:bf:e2:16:f9:8d:bd:c4:4e:
a3:b7:a7:b7:6d:14:e7:4f:03:e6:82:68:9f:71:5f:
7c:c9:da:11:35:72:37:ac:12:a8:3d:b9:ec:52:c8:
19:0b:8b:e0:58:4b:07:c4:1b:7d:d7:7c:ad:e2:ef:
da:f5:f4:fa:35:78:7a:15:14:2e:a7:94:81:40:16:
29:aa:cd:e3:93:53:ab:7f:07:f9:19:65:88:05:40:
10:9a:f1:27:d1:1b:45:3d:1b:16:3a:28:6c:73:af:
ea:24:d6:b3:0a:4d:11:e8:00:29:a4:54:c7:89:14:
b1:aa:b6:a9:f1:52:f8:3b:a9:dc:40:46:fd:bc:ae:
0f:28:ec:7d:9d:89:e2:04:a4:76:09:2d:e8:dc:87:
ff:bc:7e:f8:18:e3:51:29:79:fd:ff:00:a3:db:d3:
a7:d1:58:95:bc:b8:f0:6b:82:0d:da:80:fe:d9:52:
c0:34:7d:73:f6:42:e5:af:f2:82:01:bd:56:a9:52:
67:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:3C:B4:92:2F:5D:DB:06:18:10:04:EB:9C:16:5F:AF:FD:E0:05:DE
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CFAD0D72A25B11EFB4C8D976762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.239.60.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:36:63:c2:dd:82:90:db:73:2c:fc:22:61:be:2f:54:57:b1:
af:bd:bb:23:2c:26:9b:de:9f:af:ed:8f:2d:d0:37:9c:4b:41:
e4:53:29:0e:07:34:8e:e4:80:e2:96:0c:42:6e:b8:ae:9d:93:
4b:0e:58:96:ec:b7:61:c0:df:3c:cc:2c:60:54:63:53:79:02:
84:eb:72:4d:4a:d3:1b:bb:c4:31:60:b1:59:16:4d:ed:11:25:
c3:96:31:c7:37:80:f2:59:02:2e:66:e9:ed:eb:5d:cc:91:53:
5b:45:d9:49:2b:9c:7c:59:d2:5b:b4:93:94:40:2f:b8:4f:4a:
0c:8c:88:f6:ed:9f:e8:a7:ba:cb:43:9e:24:76:08:8a:2f:21:
bc:ba:52:75:87:95:58:8f:1b:f0:9f:61:8c:db:6e:33:92:9e:
2c:3e:9e:cf:cd:af:91:fd:16:eb:8f:44:11:d5:b3:f8:b5:b7:
25:7f:a5:8d:d3:e3:01:78:60:e4:e7:a3:b3:1d:5b:50:96:2f:
d4:ee:21:5b:63:9c:4f:72:dd:2d:53:76:22:fc:93:f0:57:f8:
27:fa:fd:b4:8a:7c:91:f5:65:e4:1b:65:06:c8:7e:b3:c6:9c:
cb:78:b2:eb:99:97:35:4c:80:60:9e:3a:fe:8a:94:35:94:ac:
df:15:18:3f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANJ1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTE0MDc0MTA1WhcNMjQxMjEwMDc0MTA1WjAYMRYw
FAYDVQQDEw02NzM1YTk5NC1kM2M1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAyxfut7PQcfmmpcH+PWdWjgjPFgjoEHnXlhgxShhMVu92W8oux/78R3//
tRlg5vSQa9pVdRRGpiMzqWLYlK1Qz8Mbv+IW+Y29xE6jt6e3bRTnTwPmgmifcV98
ydoRNXI3rBKoPbnsUsgZC4vgWEsHxBt913yt4u/a9fT6NXh6FRQup5SBQBYpqs3j
k1Orfwf5GWWIBUAQmvEn0RtFPRsWOihsc6/qJNazCk0R6AAppFTHiRSxqrap8VL4
O6ncQEb9vK4PKOx9nYniBKR2CS3o3If/vH74GONRKXn9/wCj29On0ViVvLjwa4IN
2oD+2VLANH1z9kLlr/KCAb1WqVJnswIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFs8
tJIvXdsGGBAE65wWX6/94AXeMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRkFEMEQ3MkEyNUIxMUVGQjRDOEQ5NzY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO88MA0GCSqGSIb3DQEBCwUA
A4IBAQA+NmPC3YKQ23Ms/CJhvi9UV7GvvbsjLCab3p+v7Y8t0DecS0HkUykOBzSO
5IDilgxCbriunZNLDliW7LdhwN88zCxgVGNTeQKE63JNStMbu8QxYLFZFk3tESXD
ljHHN4DyWQIuZunt613MkVNbRdlJK5x8WdJbtJOUQC+4T0oMjIj27Z/op7rLQ54k
dgiKLyG8ulJ1h5VYjxvwn2GM224zkp4sPp7Pza+R/Rbrj0QR1bP4tbclf6WN0+MB
eGDk56OzHVtQli/U7iFbY5xPct0tU3Yi/JPwV/gn+v20inyR9WXkG2UGyH6zxpzL
eLLrmZc1TIBgnjr+ipQ1lKzfFRg/
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:48 2024 by rpki-client on console-fra.rpki-client.org