Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B999B4ECEED011EF9231B460762E951A.roa
File: B999B4ECEED011EF9231B460762E951A.roa (raw, json)
Hash identifier: rRFgYWxHqK70BLkqtfoDQgeuXZM6Ve9N+1gQGzaQ+rU=
Subject key identifier: 7C:A2:E1:65:26:BD:73:82:63:A3:5A:D6:9F:79:D3:D0:E9:17:61:B1
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01258C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B999B4ECEED011EF9231B460762E951A.roa
Signing time: Wed 19 Feb 2025 14:49:31 +0000
ROA not before: Wed 19 Feb 2025 14:49:25 +0000
ROA not after: Fri 19 Feb 2027 14:49:25 +0000
asID: 328608
IP address blocks: 156.248.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75148 (0x1258c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 19 14:49:25 2025 GMT
Not After : Feb 19 14:49:25 2027 GMT
Subject: CN=67b5ef7b-852a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a5:26:e4:4e:c1:b3:5c:a4:28:e4:34:ff:0d:
cd:b1:ba:89:c9:2b:56:db:c3:a2:39:2f:d2:69:19:
32:12:9b:79:73:ff:f1:ea:e7:c6:c6:ad:22:1b:a2:
bc:e6:b6:96:6b:44:da:97:33:05:53:63:c3:03:84:
91:33:cb:19:c4:5c:fc:3c:0e:a2:c7:29:84:e8:8e:
36:11:09:73:64:fe:c0:ee:de:1f:ed:48:3b:31:a9:
86:4e:99:b2:ed:e5:db:e6:4f:55:b6:a9:9c:fc:86:
58:03:1f:67:1e:b7:e5:12:5f:53:68:8d:ed:18:73:
03:34:ba:e7:57:df:37:02:a1:41:3c:17:3b:93:96:
33:ce:fc:65:15:08:d2:49:28:e8:d0:9c:d8:48:b2:
3d:55:16:81:2e:c7:5e:0d:24:20:61:3e:b4:bc:12:
02:7d:d3:ac:e9:e3:e3:53:c3:d3:e0:70:15:dd:ea:
a7:8d:b0:65:58:f1:5d:52:fa:1d:93:4e:74:78:4c:
13:41:b3:da:4b:e3:c9:01:f2:f7:49:4b:43:f2:dc:
ed:b4:0e:b3:44:2c:90:f1:44:5a:fe:db:42:db:3a:
44:81:46:41:34:b0:3c:c9:93:6b:65:3d:43:7c:19:
0b:ac:3c:8c:17:45:28:f1:4f:93:4b:ab:8c:dc:d0:
5b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:A2:E1:65:26:BD:73:82:63:A3:5A:D6:9F:79:D3:D0:E9:17:61:B1
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B999B4ECEED011EF9231B460762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.248.22.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:43:63:2f:96:0f:41:26:45:d0:7b:1b:6e:df:bc:51:f6:3f:
75:2f:89:31:40:b4:aa:f2:00:e9:3e:61:9a:6b:73:e3:e3:cc:
34:eb:07:8e:10:eb:d7:96:82:87:1a:14:84:1d:f9:6d:83:6f:
19:26:8c:ea:db:78:e5:c7:45:18:a5:98:aa:e4:2f:34:8f:df:
f6:49:46:05:1e:6f:4a:04:f7:49:52:1a:6c:a8:57:7a:0c:09:
dd:7a:59:f0:39:02:b5:ef:5d:cf:75:6d:ef:62:4b:7f:a6:1f:
51:66:cb:47:45:2a:ff:75:c1:5e:da:51:3e:d1:c8:45:cf:6c:
21:6d:35:5f:e0:47:08:ef:95:83:27:a8:95:0f:82:53:b9:3d:
88:3b:13:84:83:a7:56:d2:c9:81:6d:29:f6:d8:01:18:3b:ce:
3a:24:d5:be:46:cc:c4:57:dc:7b:7f:78:ac:c3:60:d9:d9:4b:
ec:01:56:14:53:a8:83:83:8d:e1:d9:ec:cc:e7:4c:bd:9e:dd:
3c:45:4d:d7:b4:cd:41:7c:74:35:bb:82:23:f9:34:13:2b:7f:
d0:66:02:b1:aa:e7:4f:8b:91:bf:78:00:04:42:4d:69:7a:c5:
26:06:f3:36:ef:61:09:33:3c:4c:a7:59:3a:d5:41:cd:0d:8f:
53:79:55:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDASWMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjE5MTQ0OTI1WhcNMjcwMjE5MTQ0OTI1WjAYMRYw
FAYDVQQDEw02N2I1ZWY3Yi04NTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAu6Um5E7Bs1ykKOQ0/w3NsbqJyStW28OiOS/SaRkyEpt5c//x6ufGxq0i
G6K85raWa0TalzMFU2PDA4SRM8sZxFz8PA6ixymE6I42EQlzZP7A7t4f7Ug7MamG
Tpmy7eXb5k9Vtqmc/IZYAx9nHrflEl9TaI3tGHMDNLrnV983AqFBPBc7k5Yzzvxl
FQjSSSjo0JzYSLI9VRaBLsdeDSQgYT60vBICfdOs6ePjU8PT4HAV3eqnjbBlWPFd
Uvodk050eEwTQbPaS+PJAfL3SUtD8tzttA6zRCyQ8URa/ttC2zpEgUZBNLA8yZNr
ZT1DfBkLrDyMF0Uo8U+TS6uM3NBb2wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHyi
4WUmvXOCY6Na1p9509DpF2GxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9COTk5QjRFQ0VFRDAxMUVGOTIzMUI0NjA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPgWMA0GCSqGSIb3DQEBCwUA
A4IBAQCiQ2Mvlg9BJkXQextu37xR9j91L4kxQLSq8gDpPmGaa3Pj48w06weOEOvX
loKHGhSEHfltg28ZJozq23jlx0UYpZiq5C80j9/2SUYFHm9KBPdJUhpsqFd6DAnd
elnwOQK1713PdW3vYkt/ph9RZstHRSr/dcFe2lE+0chFz2whbTVf4EcI75WDJ6iV
D4JTuT2IOxOEg6dW0smBbSn22AEYO846JNW+RszEV9x7f3isw2DZ2UvsAVYUU6iD
g43h2ezM50y9nt08RU3XtM1BfHQ1u4Ij+TQTK3/QZgKxqudPi5G/eAAEQk1pesUm
BvM272EJMzxMp1k61UHNDY9TeVXE
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:24:54 2025 by rpki-client