Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA0A70029EAD11EF987180A4762E951A.roa
File: FA0A70029EAD11EF987180A4762E951A.roa (raw, json)
Hash identifier: uozaBZxuZ0hHz+CwM9oJHqEr5DqzF+g8RfuQQQhhkKw=
Subject key identifier: 14:05:F1:B0:7A:BB:7F:E3:3C:14:0C:3F:1D:A7:98:BC:D8:7A:AF:70
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: D02D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA0A70029EAD11EF987180A4762E951A.roa
Signing time: Sat 09 Nov 2024 15:19:13 +0000
ROA not before: Sat 09 Nov 2024 15:19:10 +0000
ROA not after: Sat 30 Nov 2024 15:19:10 +0000
asID: 142403
IP address blocks: 156.236.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 23 Nov 2024 00:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53293 (0xd02d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: Nov 9 15:19:10 2024 GMT
Not After : Nov 30 15:19:10 2024 GMT
Subject: CN=672f7d71-dcc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6e:cc:7e:1d:63:4f:46:35:8e:37:c8:c6:15:
fc:56:89:dd:31:35:f4:a3:12:46:d6:28:65:8c:ac:
d3:d3:8e:ce:e0:06:42:12:fb:81:6e:c3:61:17:7c:
78:0d:85:86:23:d3:93:b5:6e:84:e9:4f:a9:cf:ab:
e6:4c:46:55:0c:2c:9e:b6:c6:6e:ae:f6:33:b3:f3:
b6:e0:f7:86:b8:5e:d8:48:22:15:1c:9d:8c:11:ad:
1f:c4:78:2c:ef:db:06:c4:09:29:c5:7f:a9:00:92:
26:65:e1:62:03:0d:ee:e0:6d:28:80:62:23:2b:86:
10:4e:0c:07:11:0e:72:c4:99:32:11:12:6f:72:42:
bf:cd:19:56:e3:f7:84:7e:b5:0a:78:d1:2f:a8:9a:
97:3a:65:3d:4c:09:01:a8:38:3e:f3:11:bc:43:2b:
a8:d1:d3:1d:2d:e5:9a:b3:9d:ca:1e:ec:5a:40:74:
2b:85:f9:d6:b9:87:01:41:f2:b3:02:fb:e6:f7:4b:
c6:80:53:ec:3d:a2:fa:a3:a8:c5:6f:69:f0:98:d9:
0c:16:58:af:9b:6e:ca:2c:8e:78:b0:e7:ae:b6:e6:
17:d9:8c:57:ce:3b:c3:0b:d1:8e:13:e3:c7:3a:71:
82:29:20:5c:42:cf:96:51:60:aa:5c:48:61:00:31:
75:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:05:F1:B0:7A:BB:7F:E3:3C:14:0C:3F:1D:A7:98:BC:D8:7A:AF:70
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FA0A70029EAD11EF987180A4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.72.0/24
Signature Algorithm: sha256WithRSAEncryption
03:e0:ed:8a:9e:7b:cc:79:56:72:5a:9d:71:94:07:6c:73:e7:
56:79:01:d4:b7:61:7c:01:3e:cc:9c:dd:c8:2a:2b:6c:2b:f3:
d6:d6:06:f0:80:53:25:4c:54:b6:2e:a1:99:69:b7:f5:0d:43:
e0:4b:99:b2:7c:ae:c9:b2:e7:b0:f1:ed:7b:19:13:57:27:d6:
33:24:18:e4:0d:93:8e:fe:70:07:66:89:07:8f:05:0e:5d:db:
87:fa:d7:c2:0e:61:cd:0e:7f:1f:0b:e2:e5:6a:09:99:63:7f:
2f:ba:4b:29:0a:c3:76:90:60:a4:7a:ff:ce:54:98:ef:55:74:
ca:1c:db:d6:59:6a:23:69:4d:18:6d:a5:5d:c5:38:1b:29:87:
2a:e1:96:84:36:48:cb:1e:6f:99:6f:1d:06:7b:51:5a:55:f4:
d4:c8:41:50:38:07:24:f9:c8:c1:30:ab:7e:56:50:7d:2e:87:
13:1e:16:a5:e1:2f:b1:93:30:14:98:ba:e0:2a:77:e7:d1:55:
83:34:e2:c3:03:05:80:1f:55:80:4a:22:6c:f4:58:d1:d9:5e:
ca:62:82:f0:d6:f2:65:90:d7:77:a9:53:61:60:78:9f:b2:f0:
49:4c:81:88:00:84:1f:76:b5:19:7f:f2:97:fc:76:91:00:59:
8e:ac:31:4c
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANAtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTA5MTUxOTEwWhcNMjQxMTMwMTUxOTEwWjAYMRYw
FAYDVQQDEw02NzJmN2Q3MS1kY2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvm7Mfh1jT0Y1jjfIxhX8VondMTX0oxJG1ihljKzT047O4AZCEvuBbsNh
F3x4DYWGI9OTtW6E6U+pz6vmTEZVDCyetsZurvYzs/O24PeGuF7YSCIVHJ2MEa0f
xHgs79sGxAkpxX+pAJImZeFiAw3u4G0ogGIjK4YQTgwHEQ5yxJkyERJvckK/zRlW
4/eEfrUKeNEvqJqXOmU9TAkBqDg+8xG8Qyuo0dMdLeWas53KHuxaQHQrhfnWuYcB
QfKzAvvm90vGgFPsPaL6o6jFb2nwmNkMFlivm27KLI54sOeutuYX2YxXzjvDC9GO
E+PHOnGCKSBcQs+WUWCqXEhhADF1gQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBQF
8bB6u3/jPBQMPx2nmLzYeq9wMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQTBBNzAwMjlFQUQxMUVGOTg3MTgwQTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOxIMA0GCSqGSIb3DQEBCwUA
A4IBAQAD4O2KnnvMeVZyWp1xlAdsc+dWeQHUt2F8AT7MnN3IKitsK/PW1gbwgFMl
TFS2LqGZabf1DUPgS5myfK7Jsuew8e17GRNXJ9YzJBjkDZOO/nAHZokHjwUOXduH
+tfCDmHNDn8fC+LlagmZY38vukspCsN2kGCkev/OVJjvVXTKHNvWWWojaU0YbaVd
xTgbKYcq4ZaENkjLHm+Zbx0Ge1FaVfTUyEFQOAck+cjBMKt+VlB9LocTHhal4S+x
kzAUmLrgKnfn0VWDNOLDAwWAH1WASiJs9FjR2V7KYoLw1vJlkNd3qVNhYHifsvBJ
TIGIAIQfdrUZf/KX/HaRAFmOrDFM
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:55 2024 by rpki-client on console-fra.rpki-client.org