Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/871E01B0D58C11EFB13A4750762E951A.roa
File: 871E01B0D58C11EFB13A4750762E951A.roa (raw, json)
Hash identifier: wtOPF13iOJp2ZFRcCb03ZWSdx0r1qtJfo85iZTTdj6I=
Subject key identifier: C0:6B:76:9D:AF:F8:49:3D:3D:8A:06:F2:5C:88:37:83:9C:2D:00:A0
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010B9B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/871E01B0D58C11EFB13A4750762E951A.roa
Signing time: Sat 18 Jan 2025 11:08:21 +0000
ROA not before: Sat 18 Jan 2025 11:08:17 +0000
ROA not after: Thu 22 Jan 2026 11:08:17 +0000
asID: 63199
IP address blocks: 156.227.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68507 (0x10b9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 18 11:08:17 2025 GMT
Not After : Jan 22 11:08:17 2026 GMT
Subject: CN=678b8ba5-d717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7b:70:e6:b2:62:2f:a8:e0:14:c8:36:04:6b:
a2:c2:56:13:27:a5:e2:e6:c1:11:00:ce:9a:47:18:
58:db:79:e8:7b:95:14:0a:58:61:1f:cd:cf:8d:af:
99:a9:9c:dd:a7:e0:54:fc:5b:03:a9:13:1d:e2:c2:
c6:24:68:67:eb:27:1f:c3:22:18:1d:06:c9:11:63:
8a:84:60:33:cf:b2:49:02:c9:54:9a:3f:c9:e7:74:
d9:40:a4:7e:d3:82:57:ba:8c:de:5c:a7:ba:e5:6b:
00:3a:ae:a1:78:8f:cf:81:26:77:50:75:df:19:fd:
44:54:1e:05:c8:f3:db:46:23:1b:86:6b:c5:fd:6a:
13:3c:23:56:bf:5a:5d:cc:6a:12:98:86:24:ff:96:
dd:23:83:28:6b:43:19:11:c0:ea:29:22:11:b2:3b:
32:70:53:e3:84:c1:90:f6:ac:e3:ce:2c:ad:28:f4:
d6:0e:f5:24:14:80:3b:b3:f4:f6:77:16:1a:3f:97:
2c:27:05:d8:37:8c:7c:5b:8c:ab:e2:62:94:f0:04:
68:b3:12:8b:08:b9:a5:8b:aa:8d:86:38:94:4f:ae:
e9:0d:a2:b7:58:3c:aa:ac:1d:d0:8e:9f:3e:90:39:
35:d1:c7:63:d0:2a:5a:8e:1a:57:74:65:c7:49:f2:
f6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:6B:76:9D:AF:F8:49:3D:3D:8A:06:F2:5C:88:37:83:9C:2D:00:A0
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/871E01B0D58C11EFB13A4750762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.248.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:64:19:9d:30:9c:2a:76:dc:ed:a9:be:5b:da:de:b5:e0:46:
eb:44:cf:e5:ce:e7:ff:ba:14:a1:1c:ed:91:2c:88:10:36:97:
ff:16:f0:d6:5d:22:eb:61:96:ba:44:3c:d6:ea:3e:ac:56:04:
38:c1:3b:8b:2c:de:11:59:8e:92:ff:54:f3:3c:ff:e8:85:18:
ad:02:cb:7c:07:84:e0:57:bf:7a:94:99:b0:74:28:81:28:46:
57:75:78:a6:d1:9c:72:7f:f9:42:19:2d:92:19:87:f2:01:e7:
43:8b:a3:ba:c8:6b:bb:d4:95:bb:d0:a7:63:00:0d:ff:39:75:
4a:be:3b:46:11:2b:7e:cc:93:64:46:32:d7:99:ec:94:81:56:
01:d8:54:c4:36:ff:85:bf:46:ac:6f:7b:32:b9:0e:c0:54:f2:
e2:00:79:0e:6b:07:e2:5f:1d:5b:93:ad:93:3d:9d:0c:45:d1:
ed:33:b7:66:95:8a:73:42:0f:8c:07:29:81:31:03:d7:5b:71:
ad:b8:c1:f1:f6:1f:f2:27:b2:ab:33:ef:63:01:05:76:4a:bf:
f9:a6:8f:bb:0f:12:f3:b5:b5:92:4d:7b:0c:91:0d:74:b4:ee:
ed:04:08:3c:e4:00:1a:8d:07:01:c6:3c:8e:69:27:bb:d3:37:
35:db:c3:0e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQubMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE4MTEwODE3WhcNMjYwMTIyMTEwODE3WjAYMRYw
FAYDVQQDEw02NzhiOGJhNS1kNzE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAontw5rJiL6jgFMg2BGuiwlYTJ6Xi5sERAM6aRxhY23noe5UUClhhH83P
ja+ZqZzdp+BU/FsDqRMd4sLGJGhn6ycfwyIYHQbJEWOKhGAzz7JJAslUmj/J53TZ
QKR+04JXuozeXKe65WsAOq6heI/PgSZ3UHXfGf1EVB4FyPPbRiMbhmvF/WoTPCNW
v1pdzGoSmIYk/5bdI4Moa0MZEcDqKSIRsjsycFPjhMGQ9qzjziytKPTWDvUkFIA7
s/T2dxYaP5csJwXYN4x8W4yr4mKU8ARosxKLCLmli6qNhjiUT67pDaK3WDyqrB3Q
jp8+kDk10cdj0CpajhpXdGXHSfL27wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFMBr
dp2v+Ek9PYoG8lyIN4OcLQCgMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC84NzFFMDFCMEQ1OEMxMUVGQjEzQTQ3NTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOP4MA0GCSqGSIb3DQEBCwUA
A4IBAQCjZBmdMJwqdtztqb5b2t614EbrRM/lzuf/uhShHO2RLIgQNpf/FvDWXSLr
YZa6RDzW6j6sVgQ4wTuLLN4RWY6S/1TzPP/ohRitAst8B4TgV796lJmwdCiBKEZX
dXim0Zxyf/lCGS2SGYfyAedDi6O6yGu71JW70KdjAA3/OXVKvjtGESt+zJNkRjLX
meyUgVYB2FTENv+Fv0asb3syuQ7AVPLiAHkOawfiXx1bk62TPZ0MRdHtM7dmlYpz
Qg+MBymBMQPXW3GtuMHx9h/yJ7KrM+9jAQV2Sr/5po+7DxLztbWSTXsMkQ10tO7t
BAg85AAajQcBxjyOaSe70zc128MO
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:54 2025 by rpki-client