Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A86020C6DFE911EFB2A35C9A762E951A.roa
File: A86020C6DFE911EFB2A35C9A762E951A.roa (raw, json)
Hash identifier: 2lETKu8BQSWSl24zfQWEPvSNZra/y+kG4hYPcgGeVoc=
Subject key identifier: BE:C4:65:F5:4C:9F:C0:D8:27:69:EC:F7:49:30:44:9E:01:B7:DD:45
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 011633
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A86020C6DFE911EFB2A35C9A762E951A.roa
Signing time: Fri 31 Jan 2025 15:40:12 +0000
ROA not before: Fri 31 Jan 2025 15:40:08 +0000
ROA not after: Sat 03 Jan 2026 15:40:08 +0000
asID: 40065
IP address blocks: 156.227.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71219 (0x11633)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 31 15:40:08 2025 GMT
Not After : Jan 3 15:40:08 2026 GMT
Subject: CN=679ceedc-039a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:34:f6:2c:aa:ba:6e:d1:2c:6d:78:61:41:0d:
3d:fd:48:f1:8d:cf:b8:ac:3a:68:07:53:15:79:33:
a5:67:6f:40:a7:6a:bd:4d:5e:02:cf:bc:f7:da:cb:
97:cf:34:e4:fc:1c:5b:22:a3:08:c7:9e:ea:c0:66:
56:e0:1b:d1:13:9d:fb:99:61:30:e6:ca:23:ad:8a:
d4:88:78:dd:cd:73:9c:4d:b0:e2:6a:a1:31:9f:ff:
89:31:28:0a:22:03:52:55:ad:79:ca:09:c3:f7:a1:
58:19:6b:4b:dd:3b:51:d4:0b:57:6d:f6:34:28:6a:
e2:77:3c:b9:00:4e:09:1a:2b:03:41:d5:49:40:b9:
20:2f:38:d3:98:42:a9:34:23:ad:48:9b:f3:70:29:
b9:7f:8d:34:db:4b:b5:17:38:24:7c:81:d5:ea:00:
f5:77:5a:24:b1:b8:37:7a:96:25:dc:1a:02:fa:53:
a7:41:cd:da:30:c7:8c:16:c0:b3:12:10:48:bc:72:
65:ca:5f:8e:c3:70:60:ad:ad:31:3e:09:63:de:ad:
17:38:13:3b:8f:68:dd:78:01:68:63:1c:47:cc:60:
a4:21:ed:e0:3b:8e:b7:65:a9:1a:fc:96:32:7f:75:
9b:07:77:68:ca:82:8b:81:98:96:9e:9e:ff:68:37:
9e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:C4:65:F5:4C:9F:C0:D8:27:69:EC:F7:49:30:44:9E:01:B7:DD:45
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A86020C6DFE911EFB2A35C9A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.227.16.0/22
Signature Algorithm: sha256WithRSAEncryption
00:29:76:1a:d2:c6:46:ed:2f:36:48:90:23:23:f3:6d:ce:d6:
6a:4c:cc:e3:40:cc:c9:95:ef:e4:9f:55:2c:a1:18:ad:5c:ab:
0f:75:48:60:c9:5d:ea:ab:95:3e:0c:e6:0c:41:db:cb:26:bb:
b2:af:dd:bc:e0:b6:7b:6f:63:ed:94:85:46:c0:ac:61:bf:1f:
e2:d9:68:95:bf:fa:d2:e2:82:dc:65:b3:9b:94:7a:19:b2:b5:
47:fd:9b:59:50:9a:ef:5e:aa:dc:66:9d:c5:fa:50:6d:3b:3f:
8d:ed:84:ea:be:f4:e4:12:11:7f:dd:14:4a:79:a6:a4:a0:8f:
40:2b:73:88:d6:4e:4a:6b:a0:22:c2:02:d0:77:4a:76:ba:1b:
40:72:1f:b7:e2:51:8e:0f:73:98:be:7c:d4:ad:ca:3f:f7:06:
64:51:f2:1c:30:5b:2c:41:93:1b:ca:83:3d:c9:40:a3:ec:aa:
01:b4:98:b6:18:24:09:d2:0f:1e:4a:25:ae:c7:53:b7:06:af:
c0:b3:db:98:c7:e3:70:8b:d2:a2:ae:7b:38:10:e6:5c:22:4c:
50:d6:c3:2f:ee:54:d3:7c:f5:5b:a6:ed:06:38:7a:81:b3:cd:
3f:0c:d8:2e:a3:4a:ac:31:de:a8:b0:de:8e:07:c9:1c:e5:c4:
e7:89:aa:64
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDARYzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTMxMTU0MDA4WhcNMjYwMTAzMTU0MDA4WjAYMRYw
FAYDVQQDEw02NzljZWVkYy0wMzlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3zT2LKq6btEsbXhhQQ09/Ujxjc+4rDpoB1MVeTOlZ29Ap2q9TV4Cz7z3
2suXzzTk/BxbIqMIx57qwGZW4BvRE537mWEw5sojrYrUiHjdzXOcTbDiaqExn/+J
MSgKIgNSVa15ygnD96FYGWtL3TtR1AtXbfY0KGridzy5AE4JGisDQdVJQLkgLzjT
mEKpNCOtSJvzcCm5f40020u1FzgkfIHV6gD1d1oksbg3epYl3BoC+lOnQc3aMMeM
FsCzEhBIvHJlyl+Ow3Bgra0xPglj3q0XOBM7j2jdeAFoYxxHzGCkIe3gO463Zaka
/JYyf3WbB3doyoKLgZiWnp7/aDeeVQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFL7E
ZfVMn8DYJ2ns90kwRJ4Bt91FMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BODYwMjBDNkRGRTkxMUVGQjJBMzVDOUE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOMQMA0GCSqGSIb3DQEBCwUA
A4IBAQAAKXYa0sZG7S82SJAjI/NtztZqTMzjQMzJle/kn1UsoRitXKsPdUhgyV3q
q5U+DOYMQdvLJruyr9284LZ7b2PtlIVGwKxhvx/i2WiVv/rS4oLcZbOblHoZsrVH
/ZtZUJrvXqrcZp3F+lBtOz+N7YTqvvTkEhF/3RRKeaakoI9AK3OI1k5Ka6AiwgLQ
d0p2uhtAch+34lGOD3OYvnzUrco/9wZkUfIcMFssQZMbyoM9yUCj7KoBtJi2GCQJ
0g8eSiWux1O3Bq/As9uYx+Nwi9Kirns4EOZcIkxQ1sMv7lTTfPVbpu0GOHqBs80/
DNguo0qsMd6osN6OB8kc5cTniapk
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:06 2025 by rpki-client