Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0B5FA20F42B11EF9A0737B6762E951A.roa
File: A0B5FA20F42B11EF9A0737B6762E951A.roa (raw, json)
Hash identifier: w5MaCVb/IQM+4aHv50EJkzb+OmL9m1TNnhc0vEZtGLM=
Subject key identifier: EE:EA:BF:2B:69:66:B8:07:6E:08:C6:5F:F4:82:84:6C:DE:98:77:90
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0130F9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0B5FA20F42B11EF9A0737B6762E951A.roa
Signing time: Wed 26 Feb 2025 10:22:49 +0000
ROA not before: Wed 26 Feb 2025 10:22:45 +0000
ROA not after: Thu 19 Feb 2026 10:22:45 +0000
asID: 984
IP address blocks: 156.252.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78073 (0x130f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 10:22:45 2025 GMT
Not After : Feb 19 10:22:45 2026 GMT
Subject: CN=67beeb79-802d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:56:fe:ce:69:a0:8b:f9:82:8b:be:97:d8:16:
2b:13:e7:67:2e:90:01:83:f1:d3:3d:b6:40:f1:37:
d4:15:13:70:11:08:92:cb:bd:ac:be:55:1c:c2:fa:
c6:8f:16:fa:3c:a5:68:d5:4b:26:ff:45:c9:f0:2c:
a2:37:e8:0e:f4:46:bd:6c:16:3f:95:88:fe:a5:45:
63:18:c5:8e:2f:ca:ec:b6:98:6d:92:12:56:37:7d:
ab:ec:ea:9f:2b:63:80:c5:b1:ce:3b:b1:78:19:19:
eb:91:c0:77:73:b0:55:c7:bf:a0:67:a5:9f:74:70:
97:db:31:61:9c:e3:df:b2:2b:0d:94:3c:b9:ea:4a:
d1:cf:b9:02:ad:5a:7c:b0:5a:6c:2d:37:47:ed:d3:
3e:73:a4:b9:10:ae:ae:6b:0e:22:80:66:76:c7:21:
26:d7:38:7a:fe:ab:95:6b:19:42:88:9e:50:64:67:
a7:90:ca:e9:36:13:2c:2e:81:27:c3:14:b0:54:3a:
31:b7:1b:5e:7b:2f:13:0e:de:44:4e:fc:d9:ce:ad:
95:58:8a:d8:35:b3:16:68:88:0e:73:e0:88:39:14:
4c:05:39:cf:f4:d0:44:24:c4:d6:4c:29:d4:bc:0a:
75:31:b0:2e:c0:13:a9:2f:97:66:60:94:af:fa:b5:
6e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:EA:BF:2B:69:66:B8:07:6E:08:C6:5F:F4:82:84:6C:DE:98:77:90
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A0B5FA20F42B11EF9A0737B6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.85.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:c2:e1:16:e1:48:37:2f:e0:f6:8b:93:0b:8e:9c:91:bf:ee:
e6:05:61:2f:01:5b:b0:7f:8a:0e:7c:da:5e:42:b9:53:ed:30:
3f:98:7d:84:67:3f:df:99:74:04:4c:67:2a:c7:c0:1b:4a:34:
53:88:95:6c:9e:71:50:f9:3e:91:1e:15:f2:f5:91:7f:76:b4:
4e:e7:2d:c6:d2:03:cf:45:54:98:a6:71:6b:24:9f:b2:6e:fe:
a6:64:df:a3:c9:64:98:a4:88:50:b3:56:d7:fe:95:4f:99:8f:
ed:cb:64:3d:17:4a:bb:ef:b6:fb:71:05:d8:fa:4c:bd:d8:a5:
c8:56:ab:0d:6b:2a:8b:fe:cc:0e:cc:0a:0a:0f:78:a9:a9:f8:
6f:c8:79:68:63:2e:ce:17:9f:c8:de:64:22:aa:92:fb:d2:dd:
34:a2:82:9f:f4:b7:2d:20:d2:54:06:fd:69:9e:04:83:0f:55:
99:0f:90:32:1a:cf:60:c5:0f:91:c6:e8:f6:bd:5a:36:ad:8d:
f7:c5:f5:e2:9c:79:d3:1d:dd:7e:d7:15:d8:7c:18:45:09:a0:
1a:ad:0f:30:b5:c3:35:c6:25:06:6f:16:b0:0d:96:f9:07:46:
0a:24:e4:f9:11:fe:e4:28:bf:23:9e:42:b1:7e:f8:7c:28:96:
fa:b9:d4:57
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATD5MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTAyMjQ1WhcNMjYwMjE5MTAyMjQ1WjAYMRYw
FAYDVQQDEw02N2JlZWI3OS04MDJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwVb+zmmgi/mCi76X2BYrE+dnLpABg/HTPbZA8TfUFRNwEQiSy72svlUc
wvrGjxb6PKVo1Usm/0XJ8CyiN+gO9Ea9bBY/lYj+pUVjGMWOL8rstphtkhJWN32r
7OqfK2OAxbHOO7F4GRnrkcB3c7BVx7+gZ6WfdHCX2zFhnOPfsisNlDy56krRz7kC
rVp8sFpsLTdH7dM+c6S5EK6uaw4igGZ2xyEm1zh6/quVaxlCiJ5QZGenkMrpNhMs
LoEnwxSwVDoxtxteey8TDt5ETvzZzq2VWIrYNbMWaIgOc+CIORRMBTnP9NBEJMTW
TCnUvAp1MbAuwBOpL5dmYJSv+rVuWQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFO7q
vytpZrgHbgjGX/SChGzemHeQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BMEI1RkEyMEY0MkIxMUVGOUEwNzM3QjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPxVMA0GCSqGSIb3DQEBCwUA
A4IBAQCtwuEW4Ug3L+D2i5MLjpyRv+7mBWEvAVuwf4oOfNpeQrlT7TA/mH2EZz/f
mXQETGcqx8AbSjRTiJVsnnFQ+T6RHhXy9ZF/drRO5y3G0gPPRVSYpnFrJJ+ybv6m
ZN+jyWSYpIhQs1bX/pVPmY/ty2Q9F0q777b7cQXY+ky92KXIVqsNayqL/swOzAoK
D3ipqfhvyHloYy7OF5/I3mQiqpL70t00ooKf9LctINJUBv1pngSDD1WZD5AyGs9g
xQ+Rxuj2vVo2rY33xfXinHnTHd1+1xXYfBhFCaAarQ8wtcM1xiUGbxawDZb5B0YK
JOT5Ef7kKL8jnkKxfvh8KJb6udRX
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:58 2025 by rpki-client