Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9E1A022AD2FC11EFA61263B4762E951A.roa
File: 9E1A022AD2FC11EFA61263B4762E951A.roa (raw, json)
Hash identifier: trzQRFm97NsrprsRhvm4uQfT6NopIMlUrJ41UJbyN1g=
Subject key identifier: 8E:47:30:E2:64:8D:5F:9F:88:E1:27:B5:1B:E8:4F:90:F7:74:88:63
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0107CF
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9E1A022AD2FC11EFA61263B4762E951A.roa
Signing time: Wed 15 Jan 2025 04:53:10 +0000
ROA not before: Wed 15 Jan 2025 04:53:06 +0000
ROA not after: Sat 03 Jan 2026 04:53:06 +0000
asID: 984
IP address blocks: 156.254.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67535 (0x107cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 15 04:53:06 2025 GMT
Not After : Jan 3 04:53:06 2026 GMT
Subject: CN=67873f36-4786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9d:62:6a:7b:b9:2b:df:31:b2:70:76:cc:b0:
22:82:1a:34:b7:02:b5:ca:8b:22:b1:ed:1e:ed:62:
e5:7d:05:0e:62:a6:9e:04:e6:0d:d3:75:da:37:99:
8e:fe:13:97:3b:6d:fc:28:77:6f:c8:9a:d8:b9:5f:
92:52:52:4e:ef:0d:a4:06:08:fa:be:c2:52:f6:72:
7a:6f:8e:cb:f0:85:86:fd:9c:e1:1d:39:77:54:20:
91:fb:59:6c:89:e9:17:89:00:5b:d0:9f:63:28:51:
3e:69:db:64:40:b8:5f:d3:35:a7:7e:db:1f:62:af:
52:0d:13:59:8f:02:2f:b3:cc:42:7f:f9:2c:f0:15:
d6:90:09:bd:cf:b4:d2:23:83:e9:f0:7c:6e:42:07:
97:17:73:4d:cc:21:17:30:07:16:6c:8d:da:ab:04:
a4:9f:38:b3:1d:3e:52:a7:ce:0d:74:17:df:fd:51:
ae:3f:6d:3f:0c:57:8c:c5:94:e8:58:51:0a:b7:ee:
1b:2f:64:61:e0:c6:86:6b:1a:9e:9a:6e:fd:87:28:
d3:4c:6a:e0:8f:e4:71:de:55:69:4a:12:ba:65:d5:
45:7f:61:46:86:a5:e9:2d:a7:7e:66:3e:a4:33:3c:
bb:c0:98:28:e3:77:c2:0b:50:ce:4b:61:47:05:58:
e1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:47:30:E2:64:8D:5F:9F:88:E1:27:B5:1B:E8:4F:90:F7:74:88:63
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/9E1A022AD2FC11EFA61263B4762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.254.18.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:8b:ca:7c:c3:9b:e2:22:a3:8a:eb:38:42:bc:7c:7b:cd:56:
cf:3b:eb:5e:9d:79:e7:ec:a7:c5:b9:03:12:a7:13:c4:a3:1d:
03:91:1a:8d:0b:fc:c5:34:d7:c2:a4:f3:c1:ff:fe:3e:26:00:
24:d5:b2:24:80:52:49:ef:53:2d:e2:89:1d:ed:e2:59:e0:5b:
29:92:14:c2:06:34:3a:76:00:5b:0f:d1:d7:82:b6:8c:2b:5e:
0e:30:cc:ad:02:f6:f6:7c:28:d3:88:8a:9d:32:7d:78:5e:46:
df:4d:14:78:85:bb:6b:6d:07:da:56:16:37:53:85:47:45:6e:
a5:8e:d9:a8:12:d6:df:5e:98:13:5d:95:07:94:12:ce:3f:fb:
58:47:27:c8:4e:4b:88:bb:3f:12:83:3a:1c:93:aa:f4:d2:31:
83:a6:b3:8d:6b:44:ff:f1:d4:45:ea:67:76:c4:e8:6e:e4:b7:
f0:c8:b7:5d:54:b8:f2:85:5c:72:d2:17:37:0b:ca:4d:8b:24:
6d:b4:63:2d:1e:d0:07:ff:36:bf:90:7c:a9:1a:20:7c:81:ac:
15:6b:2c:ec:a3:1e:09:83:64:17:a1:1b:6c:0a:f8:d9:00:06:
db:a7:06:0f:06:5b:da:8a:73:e7:9b:40:c6:58:13:de:c6:66:
6b:8a:09:e6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQfPMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE1MDQ1MzA2WhcNMjYwMTAzMDQ1MzA2WjAYMRYw
FAYDVQQDEw02Nzg3M2YzNi00Nzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxp1ianu5K98xsnB2zLAigho0twK1yosise0e7WLlfQUOYqaeBOYN03Xa
N5mO/hOXO238KHdvyJrYuV+SUlJO7w2kBgj6vsJS9nJ6b47L8IWG/ZzhHTl3VCCR
+1lsiekXiQBb0J9jKFE+adtkQLhf0zWnftsfYq9SDRNZjwIvs8xCf/ks8BXWkAm9
z7TSI4Pp8HxuQgeXF3NNzCEXMAcWbI3aqwSknzizHT5Sp84NdBff/VGuP20/DFeM
xZToWFEKt+4bL2Rh4MaGaxqemm79hyjTTGrgj+Rx3lVpShK6ZdVFf2FGhqXpLad+
Zj6kMzy7wJgo43fCC1DOS2FHBVjhOQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFI5H
MOJkjV+fiOEntRvoT5D3dIhjMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC85RTFBMDIyQUQyRkMxMUVGQTYxMjYzQjQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP4SMA0GCSqGSIb3DQEBCwUA
A4IBAQCki8p8w5viIqOK6zhCvHx7zVbPO+tenXnn7KfFuQMSpxPEox0DkRqNC/zF
NNfCpPPB//4+JgAk1bIkgFJJ71Mt4okd7eJZ4FspkhTCBjQ6dgBbD9HXgraMK14O
MMytAvb2fCjTiIqdMn14XkbfTRR4hbtrbQfaVhY3U4VHRW6ljtmoEtbfXpgTXZUH
lBLOP/tYRyfITkuIuz8Sgzock6r00jGDprONa0T/8dRF6md2xOhu5LfwyLddVLjy
hVxy0hc3C8pNiyRttGMtHtAH/za/kHypGiB8gawVayzsox4Jg2QXoRtsCvjZAAbb
pwYPBlvainPnm0DGWBPexmZrignm
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:04 2025 by rpki-client