Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE08556CB23411EF940CA452762E951A.roa
File: FE08556CB23411EF940CA452762E951A.roa (raw, json)
Hash identifier: eZCucSYg4TTCFPU75rHkoD6fg1MOtB1HnULbTx5Iv/w=
Subject key identifier: 1C:3E:C2:A0:D0:E3:F2:EC:9A:C3:0E:2B:8C:81:2F:23:45:03:AC:F1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: DF7C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE08556CB23411EF940CA452762E951A.roa
Signing time: Wed 04 Dec 2024 11:43:34 +0000
ROA not before: Wed 04 Dec 2024 11:43:30 +0000
ROA not after: Mon 02 Dec 2030 11:43:30 +0000
asID: 17561
IP address blocks: 156.252.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57212 (0xdf7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 4 11:43:30 2024 GMT
Not After : Dec 2 11:43:30 2030 GMT
Subject: CN=67504066-2dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e6:73:c9:05:b2:4d:41:5d:41:75:fa:63:e5:
93:5c:4c:37:00:17:fa:a6:fe:2d:d8:d0:73:fd:9c:
4a:f6:67:92:19:fc:0f:c1:64:bc:0e:bd:6f:e1:5c:
69:4b:9e:a8:f8:7d:0f:2e:6b:2c:72:b6:fa:aa:6a:
55:71:e1:18:18:cb:c0:bf:d9:86:b8:8b:b6:e3:c7:
5e:be:ce:e8:98:57:81:a3:33:d1:54:d3:00:99:90:
6c:6e:b8:4e:39:14:90:da:1c:29:82:ff:d5:75:a8:
f6:ae:c4:84:0b:a4:6a:10:c6:d5:ca:2f:f3:2b:16:
d5:bb:fc:6f:72:40:e6:c9:b7:dd:19:2f:91:3f:ce:
37:40:68:a2:ba:b9:c4:89:5e:e2:06:f4:28:5f:2d:
cf:bf:67:01:40:1a:6d:86:d8:9f:fb:d3:b1:da:c2:
10:d3:81:cc:3f:26:b0:40:60:7f:e4:ed:d3:76:10:
a1:b8:9d:96:bf:cc:ce:b0:ea:6c:c3:32:4a:b6:8e:
39:7b:8a:0e:1a:44:95:39:e6:87:4b:04:13:a4:58:
56:bf:f4:b1:78:bc:7d:38:de:e4:d1:25:b7:9b:81:
b4:5a:75:b9:13:9d:de:5e:7b:ad:62:81:de:1d:c1:
64:d8:0c:97:3a:23:e2:95:76:dd:44:1c:be:7d:fa:
77:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3E:C2:A0:D0:E3:F2:EC:9A:C3:0E:2B:8C:81:2F:23:45:03:AC:F1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FE08556CB23411EF940CA452762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.64.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:17:06:ac:4a:2f:12:3a:24:49:86:7f:7f:3d:d3:6c:ba:30:
b4:6d:4d:46:15:eb:20:05:e6:51:6d:90:94:3b:5b:5b:a3:ff:
29:6c:e8:d9:2d:79:e8:b9:41:50:12:20:cb:29:1e:05:af:65:
c1:c4:54:a3:21:66:56:08:ac:db:a7:16:5f:03:e6:7b:2e:7b:
1d:7d:b5:1a:3c:c8:76:d3:1a:3e:dc:e7:a0:f0:02:10:5a:85:
cb:47:7a:da:81:4f:c1:cd:b0:f8:40:45:c5:12:56:9c:65:d7:
90:07:cb:f2:12:1b:03:d1:a2:bd:5b:74:1c:e4:c2:60:78:01:
53:7c:8e:62:b4:34:0e:3d:bf:25:48:5a:11:d4:cc:af:0f:bd:
13:c0:f7:87:24:e9:60:d3:9d:93:e3:8a:61:4e:18:40:0c:00:
a3:92:e7:31:32:94:82:11:3b:30:3f:ff:0e:3b:87:cc:05:19:
cd:35:4c:42:34:92:6e:6b:70:30:b2:34:51:fa:d1:1c:27:57:
8f:3f:81:fb:39:37:eb:a9:cd:98:2b:78:64:b4:a1:16:74:d5:
09:6b:8b:7a:52:98:8f:f8:f0:d7:d5:be:bf:bc:94:cd:d0:c0:
7d:87:f7:e6:0d:52:71:85:3f:d9:9f:f2:06:5f:52:76:2d:db:
1e:bb:ce:ab
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAN98MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjA0MTE0MzMwWhcNMzAxMjAyMTE0MzMwWjAYMRYw
FAYDVQQDEw02NzUwNDA2Ni0yZGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAl+ZzyQWyTUFdQXX6Y+WTXEw3ABf6pv4t2NBz/ZxK9meSGfwPwWS8Dr1v
4VxpS56o+H0PLmsscrb6qmpVceEYGMvAv9mGuIu248devs7omFeBozPRVNMAmZBs
brhOORSQ2hwpgv/Vdaj2rsSEC6RqEMbVyi/zKxbVu/xvckDmybfdGS+RP843QGii
urnEiV7iBvQoXy3Pv2cBQBpthtif+9Ox2sIQ04HMPyawQGB/5O3TdhChuJ2Wv8zO
sOpswzJKto45e4oOGkSVOeaHSwQTpFhWv/SxeLx9ON7k0SW3m4G0WnW5E53eXnut
YoHeHcFk2AyXOiPilXbdRBy+ffp3UwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBw+
wqDQ4/LsmsMOK4yBLyNFA6zxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GRTA4NTU2Q0IyMzQxMUVGOTQwQ0E0NTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPxAMA0GCSqGSIb3DQEBCwUA
A4IBAQBOFwasSi8SOiRJhn9/PdNsujC0bU1GFesgBeZRbZCUO1tbo/8pbOjZLXno
uUFQEiDLKR4Fr2XBxFSjIWZWCKzbpxZfA+Z7LnsdfbUaPMh20xo+3Oeg8AIQWoXL
R3ragU/BzbD4QEXFElacZdeQB8vyEhsD0aK9W3Qc5MJgeAFTfI5itDQOPb8lSFoR
1MyvD70TwPeHJOlg052T44phThhADACjkucxMpSCETswP/8OO4fMBRnNNUxCNJJu
a3AwsjRR+tEcJ1ePP4H7OTfrqc2YK3hktKEWdNUJa4t6UpiP+PDX1b6/vJTN0MB9
h/fmDVJxhT/Zn/IGX1J2Ldseu86r
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:57:35 2025 by rpki-client