Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29B3E2B4114211F0A58C128B762E951A.roa
File: 29B3E2B4114211F0A58C128B762E951A.roa (raw, json)
Hash identifier: WtPAqtXivWOY63kLZsLCO1a1IDU8uWK2zs2erYl2yK0=
Subject key identifier: C1:DB:0D:67:CC:E6:77:B0:C8:A9:7B:00:42:AC:4F:42:D5:B0:38:10
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 014A15
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29B3E2B4114211F0A58C128B762E951A.roa
Signing time: Fri 04 Apr 2025 10:47:11 +0000
ROA not before: Fri 04 Apr 2025 10:47:07 +0000
ROA not after: Thu 08 May 2025 10:47:07 +0000
asID: 44559
IP address blocks: 156.247.20.0/24 maxlen: 24
156.247.21.0/24 maxlen: 24
156.247.22.0/24 maxlen: 24
156.247.23.0/24 maxlen: 24
156.254.96.0/24 maxlen: 24
156.254.97.0/24 maxlen: 24
156.254.98.0/24 maxlen: 24
156.254.99.0/24 maxlen: 24
156.254.100.0/24 maxlen: 24
156.254.101.0/24 maxlen: 24
156.254.102.0/24 maxlen: 24
156.254.103.0/24 maxlen: 24
156.254.104.0/24 maxlen: 24
156.254.105.0/24 maxlen: 24
156.254.106.0/24 maxlen: 24
156.254.107.0/24 maxlen: 24
156.254.108.0/24 maxlen: 24
156.254.109.0/24 maxlen: 24
156.254.110.0/24 maxlen: 24
156.254.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:26:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84501 (0x14a15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Apr 4 10:47:07 2025 GMT
Not After : May 8 10:47:07 2025 GMT
Subject: CN=67efb8af-b3f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:f4:8b:52:18:40:0d:3b:ff:ee:d8:70:54:26:
3c:85:b4:14:67:11:f5:4a:83:fc:9b:6a:e0:b2:3f:
37:a4:11:9a:cd:ba:a7:e5:62:3d:f6:5c:c0:2d:61:
c6:06:7e:95:0e:44:c6:df:40:13:cf:5a:8b:1f:21:
36:b3:d0:b2:b6:64:44:05:a2:00:6a:b9:cc:89:58:
12:06:ff:b1:c6:17:7a:c7:43:d4:93:d0:0e:f1:86:
2d:79:f0:3a:c5:65:75:f2:45:18:aa:10:a9:6c:56:
2f:03:3f:11:08:73:13:cf:f3:f6:ff:ae:da:07:b5:
c3:86:05:1e:16:dc:47:cb:f5:9f:16:eb:4b:44:bd:
45:d3:f1:6e:1a:db:d2:b0:1e:8e:a7:97:48:8e:95:
c6:93:fc:f7:e0:a0:3a:0e:8e:c8:a8:40:d4:62:78:
c9:bb:93:8b:18:c6:50:93:31:d2:32:55:07:6a:2f:
a6:cc:b7:9a:b9:23:49:04:17:6a:eb:11:ab:08:39:
e2:90:90:15:9c:eb:65:9a:78:6e:1e:14:1a:b8:a8:
b2:a0:4b:b0:12:be:b5:8c:05:97:e0:dc:ea:52:a8:
a4:34:57:38:74:45:a1:38:e7:a6:aa:54:dd:f3:c3:
e6:2b:37:52:6d:c0:13:3c:0e:52:13:8e:88:2b:62:
3a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DB:0D:67:CC:E6:77:B0:C8:A9:7B:00:42:AC:4F:42:D5:B0:38:10
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29B3E2B4114211F0A58C128B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.247.20.0/22
156.254.96.0/20
Signature Algorithm: sha256WithRSAEncryption
5c:21:70:ca:81:a9:72:b9:ce:f8:f5:18:10:6c:75:db:30:04:
62:d1:48:0f:d7:92:98:ba:c0:bf:ea:ff:c5:e4:9e:5f:d0:11:
07:24:59:74:6e:f1:dc:97:95:04:fb:75:c0:d6:12:c6:b8:1b:
d4:e4:77:18:a5:fc:d3:fd:04:fd:46:b3:23:63:f4:d6:47:e1:
12:5b:7a:82:2e:68:29:17:bd:3b:32:1b:3d:72:31:6c:00:e2:
fb:c8:f8:61:60:b3:60:d6:80:e7:07:e6:17:8b:32:bb:e4:a7:
35:f8:0f:b3:a3:87:18:aa:11:0a:5f:b7:38:6b:31:0f:d9:5e:
2d:c3:76:a4:b9:7e:ac:37:32:c0:6b:c5:83:1c:b1:7a:a9:5e:
f2:a4:7b:1f:ea:6f:c6:95:7f:9d:04:81:22:a2:8e:e6:38:f8:
71:b1:d0:68:81:26:08:5f:d2:6c:0a:06:32:ee:47:fe:3f:5f:
55:df:28:ed:a5:12:cb:82:7e:01:45:b2:0d:cd:56:11:c9:99:
06:1f:cf:ec:a4:62:2c:ca:7a:45:77:36:bc:00:6d:cd:59:31:
fe:d9:ca:9a:78:de:f4:b8:04:7d:46:6d:97:6f:77:e0:d7:2f:
29:8f:d7:97:4e:83:b5:3f:7a:b8:dc:fc:ab:1e:e4:79:74:48:
95:a7:d7:23
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAUoVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNDA0MTA0NzA3WhcNMjUwNTA4MTA0NzA3WjAYMRYw
FAYDVQQDEw02N2VmYjhhZi1iM2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5vSLUhhADTv/7thwVCY8hbQUZxH1SoP8m2rgsj83pBGazbqn5WI99lzA
LWHGBn6VDkTG30ATz1qLHyE2s9CytmREBaIAarnMiVgSBv+xxhd6x0PUk9AO8YYt
efA6xWV18kUYqhCpbFYvAz8RCHMTz/P2/67aB7XDhgUeFtxHy/WfFutLRL1F0/Fu
GtvSsB6Op5dIjpXGk/z34KA6Do7IqEDUYnjJu5OLGMZQkzHSMlUHai+mzLeauSNJ
BBdq6xGrCDnikJAVnOtlmnhuHhQauKiyoEuwEr61jAWX4NzqUqikNFc4dEWhOOem
qlTd88PmKzdSbcATPA5SE46IK2I6KwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMHb
DWfM5newyKl7AEKsT0LVsDgQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOUIzRTJCNDExNDIxMUYwQTU4QzEyOEI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCnPcUAwQEnP5gMA0GCSqGSIb3
DQEBCwUAA4IBAQBcIXDKgalyuc749RgQbHXbMARi0UgP15KYusC/6v/F5J5f0BEH
JFl0bvHcl5UE+3XA1hLGuBvU5HcYpfzT/QT9RrMjY/TWR+ESW3qCLmgpF707Mhs9
cjFsAOL7yPhhYLNg1oDnB+YXizK75Kc1+A+zo4cYqhEKX7c4azEP2V4tw3akuX6s
NzLAa8WDHLF6qV7ypHsf6m/GlX+dBIEioo7mOPhxsdBogSYIX9JsCgYy7kf+P19V
3yjtpRLLgn4BRbINzVYRyZkGH8/spGIsynpFdza8AG3NWTH+2cqaeN70uAR9Rm2X
b3fg1y8pj9eXToO1P3q43PyrHuR5dEiVp9cj
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:12:45 2025 by rpki-client