Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6D3CED82CCFA11EF887E8B84762E951A.roa
File: 6D3CED82CCFA11EF887E8B84762E951A.roa (raw, json)
Hash identifier: P32VFQ0DlLYTqw9e/8t7rrm+sg/rJtQaA5Lb2p6eCHM=
Subject key identifier: 75:0E:40:98:7D:78:32:A3:1E:C2:6B:B6:56:65:8C:69:DD:B4:56:3B
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: FC3B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6D3CED82CCFA11EF887E8B84762E951A.roa
Signing time: Tue 07 Jan 2025 13:22:22 +0000
ROA not before: Tue 07 Jan 2025 13:22:18 +0000
ROA not after: Sat 13 Dec 2025 13:22:18 +0000
asID: 984
IP address blocks: 156.238.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64571 (0xfc3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 7 13:22:18 2025 GMT
Not After : Dec 13 13:22:18 2025 GMT
Subject: CN=677d2a8e-e254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5c:32:26:a6:fd:89:6e:2a:47:45:ae:1f:de:
59:1f:2e:a7:2b:4a:f6:ce:a4:a5:7a:a9:e9:25:9e:
0b:af:a1:c9:18:ff:5e:17:2d:c6:eb:cd:b4:1c:9b:
44:cc:9a:16:f4:5c:69:a2:f5:fb:0d:5f:e8:1c:bb:
07:82:60:98:8f:b5:a1:94:a3:b4:5a:bb:19:64:3d:
80:c5:fc:63:aa:52:1a:80:3d:77:c8:e0:2b:55:20:
b3:e4:0c:1b:ac:86:e1:4f:f0:bd:be:0d:01:42:27:
9a:f2:cc:cc:c1:48:5e:10:2e:37:ba:7e:ef:dc:8d:
36:fb:c7:4c:6e:a5:c7:b8:40:6e:aa:35:0f:ba:12:
70:b1:22:e5:c6:69:2e:5a:22:2a:06:19:58:9b:be:
b1:56:67:0f:0e:9d:8a:dd:23:74:ec:e7:0e:99:a8:
fd:dd:1d:a9:36:bd:ec:48:c3:56:12:e4:02:2c:54:
5f:b1:f8:e3:8d:c0:52:bd:07:5a:28:58:49:7b:02:
d9:0a:80:94:81:15:f1:17:f1:c0:30:b7:6a:30:bd:
66:8e:55:e2:5e:03:c9:43:f2:96:64:c1:1f:4a:f3:
37:bb:a7:5f:2e:38:56:78:90:7b:52:ca:95:c8:0a:
3f:d2:95:c1:59:59:e8:07:6d:72:46:f0:bb:14:24:
1a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:0E:40:98:7D:78:32:A3:1E:C2:6B:B6:56:65:8C:69:DD:B4:56:3B
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6D3CED82CCFA11EF887E8B84762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.12.0/24
Signature Algorithm: sha256WithRSAEncryption
73:05:b4:eb:86:4f:e1:a5:02:66:7b:46:d3:32:9d:27:ce:08:
ca:d0:82:49:87:e3:91:d0:dc:02:c1:e5:d8:df:d2:41:ef:a5:
aa:8d:f7:ad:21:37:8e:7b:4a:41:f7:08:c8:ff:b0:2f:d3:79:
03:72:ac:d2:7f:6d:e5:57:af:27:cf:ec:3e:72:d0:df:61:02:
8c:84:20:5a:89:d0:fc:38:9c:e2:1a:55:e7:57:5b:d3:5f:44:
53:91:cb:4e:f1:f0:35:e4:b0:9b:73:b0:aa:3e:a3:4f:24:fa:
f7:e6:e0:49:04:30:28:4a:ce:73:ef:5b:3b:eb:41:88:0c:32:
bd:6a:5a:b9:0f:70:fc:1b:f9:ff:e2:4a:92:bd:5d:a4:b8:42:
85:08:49:56:34:3c:2e:5b:71:b6:43:52:cc:51:cb:83:75:cd:
7c:9b:d8:7b:92:f8:6d:bf:13:d6:70:47:2a:c3:5b:3c:0c:f3:
a3:8a:35:48:bf:dc:b2:f4:95:32:8b:b8:2d:ef:d8:fc:30:da:
66:c1:6f:4e:42:ba:ad:54:8b:7d:3a:3c:6f:fe:a8:76:ef:3e:
84:04:ad:5d:45:ed:24:7c:43:39:3f:88:5e:a0:39:05:d8:13:
8d:c5:a1:c0:47:e7:f1:54:89:47:66:7c:0a:63:ed:b4:b6:b1:
32:69:bd:63
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPw7MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA3MTMyMjE4WhcNMjUxMjEzMTMyMjE4WjAYMRYw
FAYDVQQDEw02NzdkMmE4ZS1lMjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvFwyJqb9iW4qR0WuH95ZHy6nK0r2zqSleqnpJZ4Lr6HJGP9eFy3G6820
HJtEzJoW9FxpovX7DV/oHLsHgmCYj7WhlKO0WrsZZD2AxfxjqlIagD13yOArVSCz
5AwbrIbhT/C9vg0BQiea8szMwUheEC43un7v3I02+8dMbqXHuEBuqjUPuhJwsSLl
xmkuWiIqBhlYm76xVmcPDp2K3SN07OcOmaj93R2pNr3sSMNWEuQCLFRfsfjjjcBS
vQdaKFhJewLZCoCUgRXxF/HAMLdqML1mjlXiXgPJQ/KWZMEfSvM3u6dfLjhWeJB7
UsqVyAo/0pXBWVnoB21yRvC7FCQaxwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHUO
QJh9eDKjHsJrtlZljGndtFY7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RDNDRUQ4MkNDRkExMUVGODg3RThCODQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO4MMA0GCSqGSIb3DQEBCwUA
A4IBAQBzBbTrhk/hpQJme0bTMp0nzgjK0IJJh+OR0NwCweXY39JB76WqjfetITeO
e0pB9wjI/7Av03kDcqzSf23lV68nz+w+ctDfYQKMhCBaidD8OJziGlXnV1vTX0RT
kctO8fA15LCbc7CqPqNPJPr35uBJBDAoSs5z71s760GIDDK9alq5D3D8G/n/4kqS
vV2kuEKFCElWNDwuW3G2Q1LMUcuDdc18m9h7kvhtvxPWcEcqw1s8DPOjijVIv9yy
9JUyi7gt79j8MNpmwW9OQrqtVIt9Ojxv/qh27z6EBK1dRe0kfEM5P4heoDkF2BON
xaHAR+fxVIlHZnwKY+20trEyab1j
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:43:37 2025 by rpki-client