Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E21EDCF6CDAD11EF8CE6D085762E951A.roa
File: E21EDCF6CDAD11EF8CE6D085762E951A.roa (raw, json)
Hash identifier: uVxdMUcAQ/7e31RLevgo27YL8ZEurhfXZA36LCjPbzE=
Subject key identifier: 7B:4B:24:3E:0B:43:D3:9E:41:D3:36:AA:18:D3:50:C7:56:B9:B1:65
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010167
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E21EDCF6CDAD11EF8CE6D085762E951A.roa
Signing time: Wed 08 Jan 2025 10:46:58 +0000
ROA not before: Wed 08 Jan 2025 10:46:54 +0000
ROA not after: Mon 13 Dec 2027 10:46:54 +0000
asID: 17561
IP address blocks: 156.255.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65895 (0x10167)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 10:46:54 2025 GMT
Not After : Dec 13 10:46:54 2027 GMT
Subject: CN=677e57a2-8d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0f:b7:b8:a1:bf:72:74:ec:b2:2c:36:8f:59:
5f:b1:62:07:fb:e2:1f:3d:1c:59:0a:11:8e:3f:0e:
28:51:5d:0b:39:8b:d0:9c:2b:a3:83:d4:ad:10:36:
f8:09:e4:b6:47:c3:f5:08:a7:46:b8:e3:a4:25:96:
3b:aa:fb:be:5e:6b:39:54:66:34:cd:4a:6c:19:ca:
c1:89:01:43:66:10:6d:29:7a:27:64:21:09:00:8b:
d2:df:6b:21:4d:76:5a:1d:7c:24:29:28:99:a5:a9:
8c:8c:a2:ef:d1:0d:9d:0b:7c:46:54:3b:ad:83:41:
7f:1d:83:e5:ef:f6:d0:c8:ac:5a:28:c2:16:cd:f8:
08:10:f0:63:a5:30:e7:93:64:91:69:40:30:97:3f:
d8:ce:e5:78:1e:8f:a1:0c:46:69:78:b7:3b:6e:1a:
34:df:18:92:fa:73:3a:10:f0:29:81:8d:d0:54:3c:
6b:b8:c0:08:3f:af:f9:43:38:7d:2e:8b:d8:ca:63:
aa:93:8a:9d:cd:f4:97:9e:c5:d4:54:7b:98:e1:38:
b8:5b:9f:ac:e9:da:68:6b:08:a7:bf:f2:93:bc:cd:
53:93:c8:c5:a5:dc:b1:0f:ab:ed:29:db:cc:7e:65:
4e:8b:e6:b4:52:36:61:a0:fc:f4:4c:7e:9f:58:a1:
6b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:4B:24:3E:0B:43:D3:9E:41:D3:36:AA:18:D3:50:C7:56:B9:B1:65
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/E21EDCF6CDAD11EF8CE6D085762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.255.54.0/24
Signature Algorithm: sha256WithRSAEncryption
10:3f:f6:dc:e9:1d:60:74:09:dc:ce:db:cf:68:52:46:b7:ea:
55:cf:09:f9:56:62:5e:15:a5:1a:ca:91:27:1d:d0:09:67:be:
a5:77:1b:9e:f8:0e:41:af:c5:1d:63:70:83:32:b1:d4:6d:f1:
19:8f:c4:1e:a2:7c:59:0a:04:3d:f5:3e:69:f4:72:3e:c4:1f:
5a:ea:9e:13:8c:78:f8:e9:56:6a:58:79:93:de:a8:9a:ed:1d:
df:e0:a8:b1:d9:fd:88:b5:18:45:4d:16:89:58:fb:58:65:52:
a8:37:52:7d:ad:3d:76:d5:9c:9c:fc:83:f6:16:82:20:f8:02:
d2:e7:7b:a0:7e:d5:da:65:7f:4f:b1:4e:09:08:4d:88:8c:48:
ae:b1:16:c9:d3:d8:8c:d9:cc:34:e3:5a:fd:eb:9e:fc:29:04:
11:70:e0:57:61:db:e6:16:8c:d5:fc:1a:a5:e9:77:75:b2:a3:
d4:02:73:19:2b:20:a2:c8:c7:44:e0:cf:13:a7:63:07:7e:e2:
e3:0d:03:9f:a6:2a:13:cc:eb:68:58:54:35:66:79:07:26:c0:
1b:fb:80:83:a9:b7:98:23:da:b3:dd:0b:1e:a7:74:b3:0d:a1:
b7:f6:9f:3c:31:d0:9f:9f:d4:27:c5:b3:df:c7:f2:bc:7c:37:
66:4d:67:39
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQFnMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MTA0NjU0WhcNMjcxMjEzMTA0NjU0WjAYMRYw
FAYDVQQDEw02NzdlNTdhMi04ZDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvw+3uKG/cnTssiw2j1lfsWIH++IfPRxZChGOPw4oUV0LOYvQnCujg9St
EDb4CeS2R8P1CKdGuOOkJZY7qvu+Xms5VGY0zUpsGcrBiQFDZhBtKXonZCEJAIvS
32shTXZaHXwkKSiZpamMjKLv0Q2dC3xGVDutg0F/HYPl7/bQyKxaKMIWzfgIEPBj
pTDnk2SRaUAwlz/YzuV4Ho+hDEZpeLc7bho03xiS+nM6EPApgY3QVDxruMAIP6/5
Qzh9LovYymOqk4qdzfSXnsXUVHuY4Ti4W5+s6dpoawinv/KTvM1Tk8jFpdyxD6vt
KdvMfmVOi+a0UjZhoPz0TH6fWKFrKwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHtL
JD4LQ9OeQdM2qhjTUMdWubFlMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9FMjFFRENGNkNEQUQxMUVGOENFNkQwODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP82MA0GCSqGSIb3DQEBCwUA
A4IBAQAQP/bc6R1gdAncztvPaFJGt+pVzwn5VmJeFaUaypEnHdAJZ76ldxue+A5B
r8UdY3CDMrHUbfEZj8QeonxZCgQ99T5p9HI+xB9a6p4TjHj46VZqWHmT3qia7R3f
4Kix2f2ItRhFTRaJWPtYZVKoN1J9rT121Zyc/IP2FoIg+ALS53ugftXaZX9PsU4J
CE2IjEiusRbJ09iM2cw041r96578KQQRcOBXYdvmFozV/Bql6Xd1sqPUAnMZKyCi
yMdE4M8Tp2MHfuLjDQOfpioTzOtoWFQ1ZnkHJsAb+4CDqbeYI9qz3Qsep3SzDaG3
9p88MdCfn9QnxbPfx/K8fDdmTWc5
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:38:20 2025 by rpki-client