Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6945FF84F43211EFAC792864762E951A.roa
File: 6945FF84F43211EFAC792864762E951A.roa (raw, json)
Hash identifier: bvQ+jr6SnNsllyq14yhSmF0NDviLMfOmrguSH6pViVU=
Subject key identifier: EC:91:47:38:4B:19:C3:0E:A8:E4:A2:83:03:42:73:F5:F0:E4:58:41
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0131A4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6945FF84F43211EFAC792864762E951A.roa
Signing time: Wed 26 Feb 2025 11:11:22 +0000
ROA not before: Wed 26 Feb 2025 11:11:19 +0000
ROA not after: Thu 19 Feb 2026 11:11:19 +0000
asID: 984
IP address blocks: 156.252.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78244 (0x131a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 11:11:19 2025 GMT
Not After : Feb 19 11:11:19 2026 GMT
Subject: CN=67bef6da-7638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d8:4f:fd:d0:f7:69:8f:c0:e8:95:40:5a:0b:
34:f2:3c:63:74:a3:bc:11:d4:17:fc:fe:34:c7:c7:
00:84:0e:14:af:25:2d:9c:c5:db:86:7d:31:58:f2:
e4:b3:4d:84:3d:d4:13:de:41:3e:60:e5:09:4b:e0:
ff:f4:0e:a1:5c:b2:72:2c:c2:62:80:a0:78:13:06:
12:01:8c:c9:28:91:76:2e:f4:a5:50:9a:04:fc:aa:
96:f5:d6:99:23:8f:24:34:26:b2:0f:d5:f7:e8:77:
1f:a6:19:f7:a3:fe:68:1b:1b:63:8d:c2:ec:36:0e:
76:83:5b:d7:a8:74:eb:1f:fe:5c:0d:1b:1a:dc:d1:
aa:3a:70:99:d8:8e:a3:9f:8d:58:2a:7b:92:37:60:
ab:cd:27:20:f6:d4:06:b2:b3:de:a2:6f:14:bd:b8:
f7:c4:14:7f:3a:c9:0c:27:b8:58:f1:36:ff:4e:bf:
84:92:7f:d0:03:b8:9a:ca:d7:3b:9f:41:24:eb:c8:
53:d4:c2:58:6d:db:25:77:34:8b:bf:3d:d6:14:6e:
93:c4:cd:fb:7f:61:5b:eb:79:5a:c1:c8:2f:52:32:
40:fc:ed:db:67:d3:6e:98:e5:67:aa:ff:63:3f:a2:
d7:3c:9a:10:f3:df:63:a6:ad:1f:03:7d:b4:a7:95:
0f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:91:47:38:4B:19:C3:0E:A8:E4:A2:83:03:42:73:F5:F0:E4:58:41
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6945FF84F43211EFAC792864762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.109.0/24
Signature Algorithm: sha256WithRSAEncryption
14:dd:43:d9:8d:b5:3c:28:85:ad:76:e8:61:42:4e:59:53:76:
22:c3:74:cb:26:38:14:9c:da:30:8b:af:7b:b8:00:27:4a:9a:
e4:2d:21:1b:7a:6f:19:fd:4d:e9:b4:3f:be:89:e4:50:f8:3f:
40:c9:bc:0f:86:9f:2f:6c:23:9b:4c:02:45:aa:85:65:cf:59:
18:73:c9:94:4c:f7:bd:51:84:50:39:bb:8e:b6:42:fd:da:d5:
62:ac:88:ea:cd:7a:43:c5:ed:7f:9d:cb:3a:1b:64:63:88:70:
40:4c:5a:83:96:22:54:1c:0a:91:ed:db:9e:f7:0e:c0:16:5b:
57:2b:3e:92:c0:9f:0d:9d:8c:a3:72:b2:1f:23:93:57:6b:f3:
74:4d:1d:7b:e6:d5:50:e1:82:8e:fe:26:6e:8a:08:91:4b:ed:
76:a2:1b:e8:8d:8f:f2:7f:9c:aa:7e:0e:88:41:dd:e7:e0:b5:
2d:7b:f8:67:bd:7d:e9:28:62:77:67:68:c2:b5:9c:e3:5f:c8:
e3:89:62:b0:50:5b:00:8c:14:66:aa:26:d6:6d:30:2e:e0:68:
f3:2d:18:12:49:3c:b8:84:20:85:66:a0:aa:e4:b7:48:29:49:
6a:0c:02:26:df:1e:c1:17:8d:fb:66:11:62:d8:fd:fe:1e:59:
d3:fe:7d:c2
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATGkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTExMTE5WhcNMjYwMjE5MTExMTE5WjAYMRYw
FAYDVQQDEw02N2JlZjZkYS03NjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvNhP/dD3aY/A6JVAWgs08jxjdKO8EdQX/P40x8cAhA4UryUtnMXbhn0x
WPLks02EPdQT3kE+YOUJS+D/9A6hXLJyLMJigKB4EwYSAYzJKJF2LvSlUJoE/KqW
9daZI48kNCayD9X36Hcfphn3o/5oGxtjjcLsNg52g1vXqHTrH/5cDRsa3NGqOnCZ
2I6jn41YKnuSN2CrzScg9tQGsrPeom8Uvbj3xBR/OskMJ7hY8Tb/Tr+Ekn/QA7ia
ytc7n0Ek68hT1MJYbdsldzSLvz3WFG6TxM37f2Fb63lawcgvUjJA/O3bZ9NumOVn
qv9jP6LXPJoQ899jpq0fA320p5UP8QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOyR
RzhLGcMOqOSigwNCc/Xw5FhBMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82OTQ1RkY4NEY0MzIxMUVGQUM3OTI4NjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPxtMA0GCSqGSIb3DQEBCwUA
A4IBAQAU3UPZjbU8KIWtduhhQk5ZU3Yiw3TLJjgUnNowi697uAAnSprkLSEbem8Z
/U3ptD++ieRQ+D9AybwPhp8vbCObTAJFqoVlz1kYc8mUTPe9UYRQObuOtkL92tVi
rIjqzXpDxe1/ncs6G2RjiHBATFqDliJUHAqR7due9w7AFltXKz6SwJ8NnYyjcrIf
I5NXa/N0TR175tVQ4YKO/iZuigiRS+12ohvojY/yf5yqfg6IQd3n4LUte/hnvX3p
KGJ3Z2jCtZzjX8jjiWKwUFsAjBRmqibWbTAu4GjzLRgSSTy4hCCFZqCq5LdIKUlq
DAIm3x7BF437ZhFi2P3+HlnT/n3C
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:27:17 2025 by rpki-client