Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFEAA7C6F46111EFA96B5CB0762E951A.roa
File: AFEAA7C6F46111EFA96B5CB0762E951A.roa (raw, json)
Hash identifier: KYzfIa38vIYxi7owTAaABB4SOIJ1/bGwOs89JIKpWeQ=
Subject key identifier: F4:F7:26:49:7D:14:FF:50:CD:73:B0:EE:AC:56:BE:61:94:4E:A3:A1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01351B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFEAA7C6F46111EFA96B5CB0762E951A.roa
Signing time: Wed 26 Feb 2025 16:49:47 +0000
ROA not before: Wed 26 Feb 2025 16:49:44 +0000
ROA not after: Thu 19 Feb 2026 16:49:44 +0000
asID: 984
IP address blocks: 156.245.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79131 (0x1351b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 16:49:44 2025 GMT
Not After : Feb 19 16:49:44 2026 GMT
Subject: CN=67bf462b-7b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4d:79:ea:29:9a:6c:4c:46:02:0c:84:f3:80:
2a:b8:bd:a2:f9:41:a0:3f:d0:0c:a7:58:d4:6d:a1:
22:6e:2b:23:31:d6:a3:90:27:58:34:92:4e:2a:4b:
76:ee:04:45:7f:3d:11:68:24:06:6b:87:1c:37:df:
e3:ee:85:fb:59:3f:cc:00:8f:c8:f9:4f:48:7b:56:
59:21:ef:c3:c3:b5:68:8e:70:18:6a:0d:36:40:d4:
f0:a8:a3:95:4f:54:00:61:17:78:b8:f9:4a:ab:4b:
21:2f:69:89:ce:60:4c:24:f3:8d:34:0f:1c:0c:6b:
95:1d:ae:2f:1d:e8:52:fd:bc:e6:f3:2f:0d:e1:7f:
0d:2a:36:8f:34:36:27:bd:70:27:43:07:d4:6d:80:
fc:fc:d9:21:ee:11:e0:69:7f:ed:b9:c4:8a:d7:1c:
ff:7c:ab:2f:68:78:56:ea:a2:ef:dd:1e:19:39:66:
90:e1:6d:57:86:7c:a1:89:f9:e1:84:53:d6:ed:d9:
8b:2d:69:d3:35:9a:46:c6:63:83:7b:d5:63:6c:a6:
ed:1c:45:ba:42:e8:2f:d3:9c:a0:4b:17:ab:8d:20:
c7:a7:92:37:b4:34:4c:ff:a5:ad:4e:4d:6e:77:80:
6d:c2:c9:78:ca:36:a7:19:29:56:ba:99:a7:7c:5a:
e6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F7:26:49:7D:14:FF:50:CD:73:B0:EE:AC:56:BE:61:94:4E:A3:A1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AFEAA7C6F46111EFA96B5CB0762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.245.68.0/24
Signature Algorithm: sha256WithRSAEncryption
16:4b:b6:65:27:d0:ff:5e:46:a8:f5:6d:f1:94:9a:86:dc:cf:
c8:fe:19:ac:c8:31:a7:47:1d:fb:e4:28:41:92:a4:81:4f:e5:
a5:36:35:6f:ca:65:4a:48:25:29:d2:fa:e8:3e:8c:f5:0d:ed:
0f:0e:6f:de:84:c8:25:1c:ab:65:ee:4b:26:03:82:13:5d:7d:
f5:c2:08:f5:de:7e:4e:e6:6a:66:f9:3a:ae:07:13:34:61:52:
77:4e:4c:3a:ac:7c:f0:e4:03:f6:59:42:5b:d9:c2:f5:ad:28:
f1:1f:67:c5:ba:f4:74:46:ff:b1:97:6f:cb:5c:c4:55:73:29:
fb:e5:68:25:49:c3:c4:32:e7:eb:55:dc:e5:eb:7a:55:d5:04:
43:93:ef:f2:21:a0:09:87:fe:ae:f6:a3:90:ad:e3:3d:b8:83:
f3:1d:c8:a8:8b:8f:b9:d9:05:f7:3c:42:03:5b:01:76:92:ed:
51:b0:7f:51:57:ec:f1:f5:d5:66:f5:77:af:83:bc:9e:0a:67:
5f:bb:1c:b8:eb:44:6c:24:e2:22:29:17:d8:12:df:e8:79:46:
e3:72:80:04:eb:db:db:7a:bf:3a:93:4c:85:76:22:39:43:c2:
17:68:05:15:be:32:36:3e:e7:6a:f6:47:b6:b1:a6:fb:9d:f2:
a2:9f:41:a1
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATUbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTY0OTQ0WhcNMjYwMjE5MTY0OTQ0WjAYMRYw
FAYDVQQDEw02N2JmNDYyYi03YjI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuk156imabExGAgyE84AquL2i+UGgP9AMp1jUbaEibisjMdajkCdYNJJO
Kkt27gRFfz0RaCQGa4ccN9/j7oX7WT/MAI/I+U9Ie1ZZIe/Dw7VojnAYag02QNTw
qKOVT1QAYRd4uPlKq0shL2mJzmBMJPONNA8cDGuVHa4vHehS/bzm8y8N4X8NKjaP
NDYnvXAnQwfUbYD8/Nkh7hHgaX/tucSK1xz/fKsvaHhW6qLv3R4ZOWaQ4W1Xhnyh
ifnhhFPW7dmLLWnTNZpGxmODe9VjbKbtHEW6Qugv05ygSxerjSDHp5I3tDRM/6Wt
Tk1ud4Btwsl4yjanGSlWupmnfFrm7QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFPT3
Jkl9FP9QzXOw7qxWvmGUTqOhMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BRkVBQTdDNkY0NjExMUVGQTk2QjVDQjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPVEMA0GCSqGSIb3DQEBCwUA
A4IBAQAWS7ZlJ9D/Xkao9W3xlJqG3M/I/hmsyDGnRx375ChBkqSBT+WlNjVvymVK
SCUp0vroPoz1De0PDm/ehMglHKtl7ksmA4ITXX31wgj13n5O5mpm+TquBxM0YVJ3
Tkw6rHzw5AP2WUJb2cL1rSjxH2fFuvR0Rv+xl2/LXMRVcyn75WglScPEMufrVdzl
63pV1QRDk+/yIaAJh/6u9qOQreM9uIPzHcioi4+52QX3PEIDWwF2ku1RsH9RV+zx
9dVm9Xevg7yeCmdfuxy460RsJOIiKRfYEt/oeUbjcoAE69vber86k0yFdiI5Q8IX
aAUVvjI2Pudq9ke2sab7nfKin0Gh
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:19:06 2025 by rpki-client