Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC5A008AF5E011EF9B3F0281762E951A.roa
File: BC5A008AF5E011EF9B3F0281762E951A.roa (raw, json)
Hash identifier: wT+EHiLHKoxdF8QTuBro5vYsL/uSgY487IkFAd7NZeU=
Subject key identifier: E0:A4:00:B5:59:97:DF:3B:1A:5A:6C:0F:47:1F:61:9F:E7:7E:50:A2
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 013E53
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC5A008AF5E011EF9B3F0281762E951A.roa
Signing time: Fri 28 Feb 2025 14:31:45 +0000
ROA not before: Fri 28 Feb 2025 14:31:41 +0000
ROA not after: Sun 13 Apr 2025 14:31:41 +0000
asID: 138915
IP address blocks: 156.244.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81491 (0x13e53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 28 14:31:41 2025 GMT
Not After : Apr 13 14:31:41 2025 GMT
Subject: CN=67c1c8d1-3e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b1:b2:bc:eb:4d:8c:99:4c:87:15:f9:79:e6:
76:15:f7:d6:95:e8:6f:ec:37:6e:e7:4f:42:39:e1:
be:49:9e:10:d9:3a:4a:f2:e2:4b:02:72:e0:36:4e:
53:ec:9e:4a:75:e8:4b:03:1e:22:be:0f:1c:c6:36:
ef:21:7e:33:aa:12:8a:40:41:47:d0:df:71:5b:85:
ea:45:d2:92:51:e9:ab:73:db:c1:aa:a2:63:68:85:
b7:25:17:0a:ac:c1:f0:46:1b:84:07:8b:3a:69:c7:
26:88:85:41:a2:e9:fb:85:d2:34:d3:04:e6:0c:1f:
b9:48:70:ac:cf:4f:a0:ec:4a:c9:b7:bf:e4:3e:1f:
2c:8d:31:6f:e3:e6:77:95:ff:89:9c:d7:fc:b3:66:
42:cb:3f:84:90:86:24:53:15:f1:04:75:2e:ac:6f:
9e:f1:0b:82:57:5c:8a:61:b3:4c:6b:dd:a2:f3:cd:
ab:bb:64:11:d3:a2:45:99:05:78:c6:03:24:01:18:
57:67:3a:c7:9b:57:88:aa:86:46:97:b4:de:3c:a4:
c3:fd:c1:a6:9a:bf:aa:0d:e6:15:2a:d5:04:cf:cf:
09:18:b7:45:8d:9a:39:1a:53:7a:41:ff:65:da:fe:
fa:05:40:24:73:a4:de:90:1a:be:67:f3:02:8e:d8:
36:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A4:00:B5:59:97:DF:3B:1A:5A:6C:0F:47:1F:61:9F:E7:7E:50:A2
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BC5A008AF5E011EF9B3F0281762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.244.26.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:a5:8a:e3:0a:cd:4a:90:61:29:4f:ab:7a:54:d5:a8:f4:db:
f9:6a:1d:23:62:77:18:af:75:c1:5e:0d:16:a9:8c:40:d7:c0:
92:d7:93:74:5f:7a:b2:e5:a9:c9:18:13:af:4f:47:52:c9:84:
1a:95:dc:bf:18:fc:29:d3:b6:63:6b:35:32:2e:b4:c5:72:04:
1b:5c:1a:6f:d8:f4:5f:7a:3c:69:35:e9:a8:a3:2b:e4:b8:b2:
e1:5f:8a:0e:32:20:f4:d1:37:09:ab:d5:cc:cc:f5:4a:28:83:
80:e9:64:f7:3c:f8:50:ad:a9:f2:76:7a:1e:27:c3:81:ff:0d:
db:c8:34:9f:c3:21:b6:bb:17:0d:f8:e8:53:6d:f6:c8:a9:05:
3e:f7:f3:4a:84:6f:70:b3:5c:57:2f:69:59:62:db:53:01:f7:
dd:0a:03:65:0b:3a:18:ef:b8:db:81:7d:47:97:c0:25:87:87:
90:a6:e1:8e:9b:bb:36:96:57:b1:03:ae:28:05:d8:35:35:dc:
7a:82:df:5a:1f:1f:c9:40:e6:bb:23:21:b2:33:00:fa:a2:f0:
99:58:34:d8:25:e5:07:7a:3d:b5:d7:75:5d:c3:c1:14:e4:15:
76:a8:cc:dc:4d:34:b5:2a:33:b9:ad:58:1c:26:d4:94:f1:e4:
0d:bd:11:c6
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAT5TMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI4MTQzMTQxWhcNMjUwNDEzMTQzMTQxWjAYMRYw
FAYDVQQDEw02N2MxYzhkMS0zZTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4rGyvOtNjJlMhxX5eeZ2FffWlehv7Ddu509COeG+SZ4Q2TpK8uJLAnLg
Nk5T7J5KdehLAx4ivg8cxjbvIX4zqhKKQEFH0N9xW4XqRdKSUemrc9vBqqJjaIW3
JRcKrMHwRhuEB4s6accmiIVBoun7hdI00wTmDB+5SHCsz0+g7ErJt7/kPh8sjTFv
4+Z3lf+JnNf8s2ZCyz+EkIYkUxXxBHUurG+e8QuCV1yKYbNMa92i882ru2QR06JF
mQV4xgMkARhXZzrHm1eIqoZGl7TePKTD/cGmmr+qDeYVKtUEz88JGLdFjZo5GlN6
Qf9l2v76BUAkc6TekBq+Z/MCjtg2GwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOCk
ALVZl987GlpsD0cfYZ/nflCiMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQzVBMDA4QUY1RTAxMUVGOUIzRjAyODE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPQaMA0GCSqGSIb3DQEBCwUA
A4IBAQCipYrjCs1KkGEpT6t6VNWo9Nv5ah0jYncYr3XBXg0WqYxA18CS15N0X3qy
5anJGBOvT0dSyYQaldy/GPwp07ZjazUyLrTFcgQbXBpv2PRfejxpNemooyvkuLLh
X4oOMiD00TcJq9XMzPVKKIOA6WT3PPhQranydnoeJ8OB/w3byDSfwyG2uxcN+OhT
bfbIqQU+9/NKhG9ws1xXL2lZYttTAffdCgNlCzoY77jbgX1Hl8Alh4eQpuGOm7s2
llexA64oBdg1Ndx6gt9aHx/JQOa7IyGyMwD6ovCZWDTYJeUHej2113Vdw8EU5BV2
qMzcTTS1KjO5rVgcJtSU8eQNvRHG
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:43 2025 by rpki-client