Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29E6E7FCF34E11EF941ED24F762E951A.roa
File: 29E6E7FCF34E11EF941ED24F762E951A.roa (raw, json)
Hash identifier: z7p+tdX0hWGnY4Mxf1c4kRWdLosFPTqu/x0ylJGHtxc=
Subject key identifier: E6:27:6E:B5:64:B6:52:95:5C:9B:14:F3:B3:AF:88:47:8B:4C:71:8D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 012DD5
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29E6E7FCF34E11EF941ED24F762E951A.roa
Signing time: Tue 25 Feb 2025 07:57:31 +0000
ROA not before: Tue 25 Feb 2025 07:57:27 +0000
ROA not after: Sat 19 Feb 2028 07:57:27 +0000
asID: 17561
IP address blocks: 156.249.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77269 (0x12dd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 25 07:57:27 2025 GMT
Not After : Feb 19 07:57:27 2028 GMT
Subject: CN=67bd77eb-de06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:49:3e:73:04:ff:7e:23:c1:b3:ad:b7:64:71:
d5:d4:7a:f5:7d:e2:c8:fc:07:db:69:54:6c:b2:76:
20:e7:d8:72:19:ff:96:24:2e:b2:c6:2f:72:1b:c8:
a5:a8:08:31:e1:83:9e:8c:8f:71:d8:c0:c8:14:4c:
ca:a6:aa:eb:80:8b:d7:a1:e0:ef:f6:05:08:fe:b9:
f6:d0:e5:90:d2:46:87:a3:f2:00:d7:f0:b9:69:87:
1f:99:24:2a:b6:76:fd:44:c2:39:6f:b9:61:0b:ca:
37:7a:5a:59:0e:00:59:9c:37:0d:8e:74:37:b9:12:
39:d2:96:1c:4f:ed:71:e9:38:e3:e5:02:b8:4e:2c:
6c:6d:aa:ba:2e:1a:fb:24:c5:11:00:0f:04:12:c1:
4b:7e:bb:dd:71:f1:77:fd:82:d3:f7:ce:8d:2d:1e:
33:d5:88:cc:72:11:02:f7:99:de:74:41:cc:18:15:
98:08:98:7a:c3:3a:6c:51:78:ec:d1:c4:ef:cb:b7:
7b:a5:8b:f5:76:89:bb:ec:62:91:3c:78:d3:22:48:
b8:c0:07:24:50:0c:07:30:b6:56:c7:d6:c2:bc:57:
1e:2b:42:05:4b:6b:8d:77:bf:27:52:34:ac:7b:29:
96:fa:79:d4:2e:dd:2b:77:b9:39:ce:79:d8:01:1c:
16:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:27:6E:B5:64:B6:52:95:5C:9B:14:F3:B3:AF:88:47:8B:4C:71:8D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/29E6E7FCF34E11EF941ED24F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.239.0/24
Signature Algorithm: sha256WithRSAEncryption
07:df:21:2c:35:ac:f1:82:d1:c5:e3:9d:1e:a0:44:b3:bd:af:
28:a4:a4:e4:56:2c:90:ed:55:26:ec:0e:44:3e:8f:fa:19:0a:
42:4c:03:fa:40:e3:ed:6b:0e:5c:86:7c:51:c8:d7:49:7b:6a:
ee:82:c7:c8:1e:24:e7:12:3e:c6:ad:97:db:b9:ea:5c:66:5b:
0d:ca:30:3b:45:fe:af:04:8e:27:fb:de:f9:06:2f:8b:b6:9d:
9b:17:80:9b:36:1c:de:13:b8:92:dc:8e:5f:32:d7:55:f4:5d:
56:ef:45:09:61:08:61:5c:76:16:5c:e6:74:84:97:00:42:66:
df:6e:57:10:15:55:42:3b:c7:f9:4c:5e:a4:4c:26:00:d9:3a:
89:e5:31:db:f1:e8:16:29:71:4f:40:db:6a:b0:50:e2:9c:5c:
2a:7c:0f:b5:c7:34:d1:49:49:cd:21:03:d6:7b:95:36:7a:54:
0d:7d:04:36:2a:6f:d4:f9:40:26:3f:7f:81:25:fc:cb:6c:b9:
77:a3:39:56:b1:ad:a2:6e:db:f6:e6:5b:b1:06:b7:14:23:5b:
28:4a:ad:c7:2c:52:2b:96:e8:9c:84:31:1b:d7:79:6b:d9:72:
b6:cb:16:44:6b:90:f8:60:cc:e0:ed:27:f7:48:55:37:19:37:
8b:15:9e:71
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAS3VMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI1MDc1NzI3WhcNMjgwMjE5MDc1NzI3WjAYMRYw
FAYDVQQDEw02N2JkNzdlYi1kZTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvEk+cwT/fiPBs623ZHHV1Hr1feLI/AfbaVRssnYg59hyGf+WJC6yxi9y
G8ilqAgx4YOejI9x2MDIFEzKpqrrgIvXoeDv9gUI/rn20OWQ0kaHo/IA1/C5aYcf
mSQqtnb9RMI5b7lhC8o3elpZDgBZnDcNjnQ3uRI50pYcT+1x6Tjj5QK4Tixsbaq6
Lhr7JMURAA8EEsFLfrvdcfF3/YLT986NLR4z1YjMchEC95nedEHMGBWYCJh6wzps
UXjs0cTvy7d7pYv1dom77GKRPHjTIki4wAckUAwHMLZWx9bCvFceK0IFS2uNd78n
UjSseymW+nnULt0rd7k5znnYARwWRwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOYn
brVktlKVXJsU87OviEeLTHGNMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yOUU2RTdGQ0YzNEUxMUVGOTQxRUQyNEY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPnvMA0GCSqGSIb3DQEBCwUA
A4IBAQAH3yEsNazxgtHF450eoESzva8opKTkViyQ7VUm7A5EPo/6GQpCTAP6QOPt
aw5chnxRyNdJe2rugsfIHiTnEj7GrZfbuepcZlsNyjA7Rf6vBI4n+975Bi+Ltp2b
F4CbNhzeE7iS3I5fMtdV9F1W70UJYQhhXHYWXOZ0hJcAQmbfblcQFVVCO8f5TF6k
TCYA2TqJ5THb8egWKXFPQNtqsFDinFwqfA+1xzTRSUnNIQPWe5U2elQNfQQ2Km/U
+UAmP3+BJfzLbLl3ozlWsa2ibtv25luxBrcUI1soSq3HLFIrluichDEb13lr2XK2
yxZEa5D4YMzg7Sf3SFU3GTeLFZ5x
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:40 2025 by rpki-client