Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5CA01F92CD9C11EF90D27097762E951A.roa
File: 5CA01F92CD9C11EF90D27097762E951A.roa (raw, json)
Hash identifier: Mpvc1YIlLS56NFLHo/SO5BCSDtHuBuKxpAn9MeM3Rko=
Subject key identifier: 76:87:37:1A:F7:18:0D:23:74:EE:DA:4C:D4:E6:F4:8E:A7:76:C1:C5
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01008D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5CA01F92CD9C11EF90D27097762E951A.roa
Signing time: Wed 08 Jan 2025 08:41:32 +0000
ROA not before: Wed 08 Jan 2025 08:41:29 +0000
ROA not after: Tue 16 Dec 2025 08:41:29 +0000
asID: 984
IP address blocks: 156.249.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65677 (0x1008d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 08:41:29 2025 GMT
Not After : Dec 16 08:41:29 2025 GMT
Subject: CN=677e3a3c-7b22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:11:cb:71:24:27:d2:22:d5:04:0e:12:a2:79:
8b:82:db:8d:ed:39:fa:d3:f1:9d:be:24:dd:fb:4e:
53:79:9f:59:5f:3e:5c:a7:33:45:51:5a:a3:59:76:
5b:81:f8:62:4e:b7:1c:e1:64:31:fc:f1:37:c8:9c:
1d:6c:e6:10:78:4f:a4:ed:fc:d8:96:84:e7:b5:d7:
dc:90:5f:bb:5e:3d:cd:bd:40:80:b2:2c:2e:c1:2f:
bd:39:63:bf:f7:cc:79:09:6e:2b:f8:3e:e0:09:b9:
f9:1c:8b:98:8c:b0:d8:07:90:59:f5:1b:ab:2e:fe:
78:44:68:18:db:87:b5:53:d6:fb:a1:24:82:94:85:
17:1d:24:54:1a:ca:fa:77:31:85:39:3e:9a:78:9a:
b7:1d:64:42:48:f5:08:a0:70:bd:7d:6d:9e:4b:63:
df:df:6b:ac:5b:4d:86:94:08:d9:36:a9:1c:3c:67:
a5:0b:ca:7f:2e:7e:b0:ce:6e:e9:7f:82:35:c9:9d:
eb:4b:5b:e3:22:6f:63:ca:bc:27:ae:0c:e6:57:f0:
a0:98:9f:73:22:56:92:e0:73:4f:57:e4:9a:4e:38:
ff:25:97:a6:07:61:99:eb:cb:b0:51:c2:5c:79:e6:
55:5a:67:6b:ea:32:0d:6d:95:17:23:77:15:a8:79:
b6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:87:37:1A:F7:18:0D:23:74:EE:DA:4C:D4:E6:F4:8E:A7:76:C1:C5
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5CA01F92CD9C11EF90D27097762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.90.0/24
Signature Algorithm: sha256WithRSAEncryption
49:f8:85:47:53:82:ea:ee:e0:a4:d4:06:cf:cf:5e:02:56:35:
ed:60:ba:eb:87:ce:0c:00:e7:e5:aa:f9:68:01:95:e5:3a:92:
58:d7:af:24:13:75:3a:92:21:ce:34:f5:c3:5a:d2:71:ec:04:
d6:9d:2a:b2:b0:4c:06:a6:ef:c5:69:c7:5b:10:1d:01:47:b7:
9e:e0:64:82:c9:19:a6:28:5e:ab:52:aa:1f:87:b0:94:fd:7e:
42:bc:2d:01:f0:9b:9f:67:81:84:c9:44:01:ee:2c:de:cf:7d:
05:f8:fc:45:1b:94:70:14:dc:cc:67:99:61:3c:c3:b5:9b:7d:
34:df:8c:f8:37:1b:86:d6:f3:8a:46:fa:3a:2e:bb:68:24:f6:
c1:75:53:50:bf:bf:ac:f3:a3:f5:90:d8:5d:d8:80:93:8a:6a:
9c:48:28:e2:06:63:38:77:56:fe:0a:2f:41:d5:f9:66:2b:e8:
97:25:b7:05:e8:a0:ff:e2:0c:93:95:21:5b:1f:b1:83:6c:bd:
70:55:4f:e3:d3:5a:a4:33:2c:c9:6e:12:42:d7:42:c4:ec:ce:
7c:e9:7f:9d:42:a7:9a:2f:de:43:cf:a0:88:bc:60:60:5c:b6:
d6:ed:f6:4f:e3:d8:1a:56:ed:f4:64:a9:e2:93:bc:dd:59:00:
42:b0:5c:1a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQCNMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDg0MTI5WhcNMjUxMjE2MDg0MTI5WjAYMRYw
FAYDVQQDEw02NzdlM2EzYy03YjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAnhHLcSQn0iLVBA4SonmLgtuN7Tn60/GdviTd+05TeZ9ZXz5cpzNFUVqj
WXZbgfhiTrcc4WQx/PE3yJwdbOYQeE+k7fzYloTntdfckF+7Xj3NvUCAsiwuwS+9
OWO/98x5CW4r+D7gCbn5HIuYjLDYB5BZ9RurLv54RGgY24e1U9b7oSSClIUXHSRU
Gsr6dzGFOT6aeJq3HWRCSPUIoHC9fW2eS2Pf32usW02GlAjZNqkcPGelC8p/Ln6w
zm7pf4I1yZ3rS1vjIm9jyrwnrgzmV/CgmJ9zIlaS4HNPV+SaTjj/JZemB2GZ68uw
UcJceeZVWmdr6jINbZUXI3cVqHm2mwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHaH
Nxr3GA0jdO7aTNTm9I6ndsHFMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC81Q0EwMUY5MkNEOUMxMUVGOTBEMjcwOTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPlaMA0GCSqGSIb3DQEBCwUA
A4IBAQBJ+IVHU4Lq7uCk1AbPz14CVjXtYLrrh84MAOflqvloAZXlOpJY168kE3U6
kiHONPXDWtJx7ATWnSqysEwGpu/FacdbEB0BR7ee4GSCyRmmKF6rUqofh7CU/X5C
vC0B8JufZ4GEyUQB7izez30F+PxFG5RwFNzMZ5lhPMO1m30034z4NxuG1vOKRvo6
LrtoJPbBdVNQv7+s86P1kNhd2ICTimqcSCjiBmM4d1b+Ci9B1flmK+iXJbcF6KD/
4gyTlSFbH7GDbL1wVU/j01qkMyzJbhJC10LE7M586X+dQqeaL95Dz6CIvGBgXLbW
7fZP49gaVu30ZKnik7zdWQBCsFwa
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:47:36 2025 by rpki-client