Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CA63498F45911EFB4869876762E951A.roa
File: 0CA63498F45911EFB4869876762E951A.roa (raw, json)
Hash identifier: Wq3O8iCBNCs2AxYOdbt+dS+qKWjcz+pmncCAYRSIxA4=
Subject key identifier: B9:FB:54:FB:2F:6A:A8:3D:EC:9D:18:FB:57:7F:84:D6:99:5F:B3:21
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01346D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CA63498F45911EFB4869876762E951A.roa
Signing time: Wed 26 Feb 2025 15:47:58 +0000
ROA not before: Wed 26 Feb 2025 15:47:39 +0000
ROA not after: Thu 19 Feb 2026 15:47:39 +0000
asID: 984
IP address blocks: 156.252.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78957 (0x1346d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 15:47:39 2025 GMT
Not After : Feb 19 15:47:39 2026 GMT
Subject: CN=67bf37ae-8aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9e:39:67:f1:f6:b8:92:c4:0c:4a:0c:f0:8e:
a3:45:93:b0:c8:9d:e7:eb:06:5c:a8:bb:fe:59:0c:
dd:eb:71:c4:c0:29:0e:a4:4e:af:a5:d9:b3:a4:f0:
c9:42:2c:4c:54:ab:61:cf:f0:f9:74:a8:1f:b9:31:
5f:46:c8:52:17:54:60:b5:18:55:45:62:92:95:fe:
a5:fc:f4:80:3f:e3:1e:4a:b0:14:d6:19:41:ea:53:
61:8f:cc:a6:dd:9f:0f:0c:9b:cc:39:41:2d:f5:11:
9d:0a:d5:47:0d:13:94:d5:5a:3d:e2:07:6f:fc:dd:
cd:ce:eb:87:d2:c1:d1:7c:e4:66:d7:50:e6:e6:2f:
7b:90:87:e7:b3:37:83:70:46:6d:3e:f7:de:38:2b:
e6:e0:e4:db:1a:e5:b1:61:aa:4f:80:2b:59:0c:7a:
5b:eb:73:ca:c4:c2:a2:ca:30:4f:cf:35:15:4b:d6:
e9:ea:4e:8c:cf:0d:6e:c6:0b:47:fb:6d:0c:ad:3d:
f9:c3:c0:6e:e6:c4:86:06:b1:e5:6a:c8:ec:9d:ac:
0d:3e:c0:0a:1b:f6:0a:36:85:d7:32:5f:cd:1b:4b:
a2:49:f2:c6:fb:b7:42:32:31:e7:1b:d6:62:17:50:
a0:0c:a7:55:c5:e4:09:13:2f:5d:9d:22:3c:04:69:
4a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:FB:54:FB:2F:6A:A8:3D:EC:9D:18:FB:57:7F:84:D6:99:5F:B3:21
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0CA63498F45911EFB4869876762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.221.0/24
Signature Algorithm: sha256WithRSAEncryption
89:58:ae:af:d4:b1:26:f4:7b:ce:72:56:be:53:aa:79:8c:58:
21:aa:cb:fc:64:ef:ef:9b:b2:c4:31:7b:5b:4d:a2:44:ed:3a:
c2:9b:64:57:d0:6b:84:bd:b7:b7:bb:73:f1:3d:91:ff:e0:20:
5c:18:e0:36:65:ad:80:89:f9:a8:0b:5d:58:49:ac:e0:3a:43:
39:de:82:4c:7b:08:08:61:35:0c:50:23:cd:86:7d:c0:c5:7d:
4f:5a:0d:44:db:67:51:f4:82:1b:e3:42:50:80:1f:c8:50:6c:
97:09:d2:3a:15:b5:24:08:41:dc:6d:01:83:3b:04:08:8d:19:
d4:c1:89:fc:86:7f:7e:e4:b2:74:be:dd:85:37:87:0b:da:06:
3d:8e:31:7f:66:63:48:0a:68:d8:a1:c5:e6:b0:90:82:8c:15:
21:86:84:b1:03:20:ae:7b:79:dc:57:4d:14:f7:b5:f6:48:c0:
a4:ca:0c:67:3b:a4:3c:db:c5:ed:49:08:f4:55:e8:88:e6:8b:
cd:c5:f9:5a:3e:7d:89:8f:53:6d:16:6e:b0:eb:91:3f:81:8f:
0b:15:43:ae:ad:af:c5:75:7e:8d:48:62:70:2a:2c:91:90:63:
2e:d6:5d:07:f9:44:e2:33:4d:a4:33:2a:78:68:93:8f:aa:0b:
47:c6:55:fb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATRtMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTU0NzM5WhcNMjYwMjE5MTU0NzM5WjAYMRYw
FAYDVQQDEw02N2JmMzdhZS04YWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxp45Z/H2uJLEDEoM8I6jRZOwyJ3n6wZcqLv+WQzd63HEwCkOpE6vpdmz
pPDJQixMVKthz/D5dKgfuTFfRshSF1RgtRhVRWKSlf6l/PSAP+MeSrAU1hlB6lNh
j8ym3Z8PDJvMOUEt9RGdCtVHDROU1Vo94gdv/N3NzuuH0sHRfORm11Dm5i97kIfn
szeDcEZtPvfeOCvm4OTbGuWxYapPgCtZDHpb63PKxMKiyjBPzzUVS9bp6k6Mzw1u
xgtH+20MrT35w8Bu5sSGBrHlasjsnawNPsAKG/YKNoXXMl/NG0uiSfLG+7dCMjHn
G9ZiF1CgDKdVxeQJEy9dnSI8BGlKXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFLn7
VPsvaqg97J0Y+1d/hNaZX7MhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wQ0E2MzQ5OEY0NTkxMUVGQjQ4Njk4NzY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPzdMA0GCSqGSIb3DQEBCwUA
A4IBAQCJWK6v1LEm9HvOcla+U6p5jFghqsv8ZO/vm7LEMXtbTaJE7TrCm2RX0GuE
vbe3u3PxPZH/4CBcGOA2Za2AifmoC11YSazgOkM53oJMewgIYTUMUCPNhn3AxX1P
Wg1E22dR9IIb40JQgB/IUGyXCdI6FbUkCEHcbQGDOwQIjRnUwYn8hn9+5LJ0vt2F
N4cL2gY9jjF/ZmNICmjYocXmsJCCjBUhhoSxAyCue3ncV00U97X2SMCkygxnO6Q8
28XtSQj0VeiI5ovNxflaPn2Jj1NtFm6w65E/gY8LFUOura/FdX6NSGJwKiyRkGMu
1l0H+UTiM02kMyp4aJOPqgtHxlX7
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:57 2025 by rpki-client