Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B835BA70CDA511EFA67A1354762E951A.roa
File: B835BA70CDA511EFA67A1354762E951A.roa (raw, json)
Hash identifier: QnFM6317JtYlSW7E16d9T2hCY6OLD8ejPlfREPsOMDU=
Subject key identifier: E2:13:F8:1E:31:F6:19:C0:E4:7F:EE:97:B8:6D:0A:0B:37:8C:1E:38
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010125
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B835BA70CDA511EFA67A1354762E951A.roa
Signing time: Wed 08 Jan 2025 09:48:31 +0000
ROA not before: Wed 08 Jan 2025 09:48:28 +0000
ROA not after: Mon 13 Dec 2027 09:48:28 +0000
asID: 17561
IP address blocks: 156.253.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65829 (0x10125)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 8 09:48:28 2025 GMT
Not After : Dec 13 09:48:28 2027 GMT
Subject: CN=677e49ef-453a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:96:61:81:cc:2d:41:80:d8:59:6f:66:c2:be:
c7:bd:23:94:13:88:c4:12:fe:cf:a7:1c:ec:4c:6a:
21:ec:1f:87:2d:32:c3:81:63:84:45:31:b9:87:d2:
3f:6e:45:a3:53:34:9d:0a:87:28:15:e6:b7:ad:37:
6e:a4:54:ba:93:31:c2:bf:7b:f3:65:66:f5:89:a9:
1e:ad:80:b4:2e:63:dd:3f:e2:33:4a:2d:07:49:53:
27:be:9c:c5:d3:42:ba:6e:22:d3:97:3e:45:9d:68:
96:54:fc:e3:e3:90:b7:ea:ab:47:01:d9:60:67:61:
9f:14:14:f8:ea:63:a0:9e:e4:bd:ee:43:13:fb:bf:
9c:19:2f:f8:32:39:ec:6b:1a:e8:16:5d:af:19:76:
4b:52:d7:02:f3:0e:2a:7d:cb:dd:81:74:e6:4a:45:
3a:86:d1:4a:04:7d:a4:0d:4c:ed:53:0d:58:a7:11:
3f:d0:62:c1:09:91:55:21:12:de:bf:5f:1a:3c:5a:
e3:a5:0f:75:6f:0e:eb:68:11:f3:20:9c:b5:cf:2a:
44:cf:ab:d1:e4:ee:d9:2c:a4:9d:58:5a:15:32:96:
cc:c5:e9:e3:b0:d4:c5:c0:17:d2:69:26:78:b8:42:
5f:74:c6:1e:02:e3:d0:00:fc:0f:bf:af:86:79:97:
6a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:13:F8:1E:31:F6:19:C0:E4:7F:EE:97:B8:6D:0A:0B:37:8C:1E:38
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B835BA70CDA511EFA67A1354762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.253.59.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:d7:dd:cc:48:7b:8c:c9:b3:ea:4e:1c:86:62:c7:1e:4b:ef:
b7:a1:32:be:b1:c3:9a:97:ea:77:59:bb:27:86:05:89:ab:a5:
a0:7f:da:64:20:7d:7a:40:1d:0b:b5:f8:18:fc:49:6b:fb:93:
f9:5f:67:cb:7d:d7:31:bb:af:24:d2:2d:25:a6:05:69:ef:a0:
90:15:cd:de:2e:cd:98:33:ce:19:72:f8:ef:21:2b:d0:f0:0c:
5d:58:cf:d1:6a:69:8c:19:5c:0d:36:c3:04:93:55:19:11:26:
c0:7d:07:7c:c5:45:32:e1:4a:ce:7f:f9:63:13:a5:40:37:36:
32:73:4b:0d:fa:e5:23:fb:43:05:71:0d:a5:db:4a:76:fb:71:
ec:57:31:4f:5c:17:b5:42:70:57:64:02:e4:f9:6a:c8:f1:d5:
0c:6d:fd:e0:2a:59:aa:93:3b:8d:67:a6:6f:d2:b8:2f:79:23:
73:38:4f:84:6a:d9:0c:0f:a5:b7:87:fe:31:f2:f5:10:11:25:
e0:15:e0:00:45:43:73:47:c0:84:c8:d7:48:09:f8:03:a9:06:
70:70:c1:ae:89:5c:02:da:a9:4f:6c:63:a5:6a:ee:02:bb:75:
d0:46:38:6c:fb:f3:d6:d0:35:ba:4e:4b:f9:a6:f2:03:95:21:
8e:c9:1e:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQElMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA4MDk0ODI4WhcNMjcxMjEzMDk0ODI4WjAYMRYw
FAYDVQQDEw02NzdlNDllZi00NTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4JZhgcwtQYDYWW9mwr7HvSOUE4jEEv7PpxzsTGoh7B+HLTLDgWOERTG5
h9I/bkWjUzSdCocoFea3rTdupFS6kzHCv3vzZWb1iakerYC0LmPdP+IzSi0HSVMn
vpzF00K6biLTlz5FnWiWVPzj45C36qtHAdlgZ2GfFBT46mOgnuS97kMT+7+cGS/4
MjnsaxroFl2vGXZLUtcC8w4qfcvdgXTmSkU6htFKBH2kDUztUw1YpxE/0GLBCZFV
IRLev18aPFrjpQ91bw7raBHzIJy1zypEz6vR5O7ZLKSdWFoVMpbMxenjsNTFwBfS
aSZ4uEJfdMYeAuPQAPwPv6+GeZdqBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOIT
+B4x9hnA5H/ul7htCgs3jB44MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CODM1QkE3MENEQTUxMUVGQTY3QTEzNTQ3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnP07MA0GCSqGSIb3DQEBCwUA
A4IBAQC7193MSHuMybPqThyGYsceS++3oTK+scOal+p3WbsnhgWJq6Wgf9pkIH16
QB0LtfgY/Elr+5P5X2fLfdcxu68k0i0lpgVp76CQFc3eLs2YM84ZcvjvISvQ8Axd
WM/RammMGVwNNsMEk1UZESbAfQd8xUUy4UrOf/ljE6VANzYyc0sN+uUj+0MFcQ2l
20p2+3HsVzFPXBe1QnBXZALk+WrI8dUMbf3gKlmqkzuNZ6Zv0rgveSNzOE+EatkM
D6W3h/4x8vUQESXgFeAARUNzR8CEyNdICfgDqQZwcMGuiVwC2qlPbGOlau4Cu3XQ
Rjhs+/PW0DW6Tkv5pvIDlSGOyR6S
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:48:48 2025 by rpki-client