Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BCC8D648CE4611EFB48F8A5C762E951A.roa
File: BCC8D648CE4611EFB48F8A5C762E951A.roa (raw, json)
Hash identifier: IRUZa4x4r2Gy4W9qGgYEmdBDiH5eBg5ETHuvSebIM1A=
Subject key identifier: 65:8A:67:52:83:5A:CF:C7:BA:75:CA:A7:CD:D9:4B:9B:3A:EA:4B:3C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01029B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BCC8D648CE4611EFB48F8A5C762E951A.roa
Signing time: Thu 09 Jan 2025 05:01:08 +0000
ROA not before: Thu 09 Jan 2025 05:01:04 +0000
ROA not after: Fri 09 Jan 2026 05:01:04 +0000
asID: 17561
IP address blocks: 156.238.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66203 (0x1029b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 9 05:01:04 2025 GMT
Not After : Jan 9 05:01:04 2026 GMT
Subject: CN=677f5814-8bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0e:aa:8e:43:66:d7:ba:ff:9c:5d:1f:58:3c:
51:56:90:71:36:50:e2:b9:0a:e7:f4:91:b3:b4:ae:
f0:23:94:58:14:c5:88:97:98:d1:73:01:bd:97:d8:
0b:0d:75:96:8d:46:bb:08:6d:89:9a:00:46:98:91:
32:9c:74:92:59:16:97:57:13:03:ab:f6:c3:f5:e3:
01:6e:2f:47:07:88:5c:c9:6a:ab:f5:68:12:0d:87:
20:d4:7c:d4:7f:47:63:d8:09:fb:4a:f3:36:78:00:
2b:b8:06:ae:a2:f0:b2:32:5f:4e:bc:64:88:06:98:
8a:f6:7e:1a:a0:0c:a8:a8:fa:e8:84:9c:16:94:e3:
c4:f6:2c:b0:c8:8d:3c:92:44:70:d8:b0:83:8a:be:
3d:8f:8e:f9:fb:cd:84:a6:97:28:4b:64:22:a5:e3:
3a:a5:c2:79:a0:03:4e:3e:9e:c3:ac:f5:9b:98:29:
73:ec:ed:ba:c8:4b:75:ec:98:a4:0f:4b:d7:c9:04:
98:95:03:c0:74:52:3d:36:a1:7b:e4:f8:bc:f6:58:
44:f5:8a:9d:a6:22:4d:2d:1d:c8:4c:e3:b0:8a:1c:
8b:3c:63:9e:d6:2d:46:da:f6:67:40:8d:36:b2:f2:
82:e5:a8:57:c1:71:94:ac:48:43:d8:32:00:1b:e1:
4d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8A:67:52:83:5A:CF:C7:BA:75:CA:A7:CD:D9:4B:9B:3A:EA:4B:3C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BCC8D648CE4611EFB48F8A5C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.238.33.0/24
Signature Algorithm: sha256WithRSAEncryption
84:d8:ca:5c:37:dc:5a:80:fa:87:7c:26:6a:e5:bc:b7:b2:33:
83:fc:da:30:55:7e:7f:0e:6d:06:8d:3c:0e:3c:51:c5:49:bd:
12:20:91:ee:9e:16:6c:9d:f2:08:50:0e:b2:e3:97:c2:88:49:
24:56:de:a4:0d:a3:ee:39:c2:ca:05:65:51:17:58:68:34:c6:
67:12:b4:3f:39:68:0b:2b:0e:d2:8c:ec:c2:05:54:56:9e:fb:
47:0c:0b:33:66:53:c4:da:b8:d4:42:eb:c2:75:6b:9e:51:22:
4f:0f:91:aa:f5:b0:93:24:7a:07:dd:51:30:d5:b5:7e:b4:6f:
7c:52:e6:9c:5e:1e:bc:48:5f:46:5b:94:0a:6e:73:62:47:09:
83:ef:71:20:09:7f:bb:40:b1:a8:ad:a4:f0:39:83:21:8f:13:
5e:7e:40:51:6f:83:e9:55:f2:e5:d1:cb:b8:cb:69:a7:5f:ae:
5a:c9:4f:3e:cb:28:60:ae:d6:df:ae:06:df:aa:fc:bb:c4:71:
06:72:92:5d:0e:51:6e:74:04:63:88:64:b8:d4:c6:85:54:45:
e2:e2:f6:db:d6:cd:d5:b4:cb:0c:6a:89:ea:02:9f:24:69:b9:
eb:ba:0c:aa:b9:71:a1:7c:aa:0f:29:92:0e:20:6e:99:84:72:
99:d5:d7:fb
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQKbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTA5MDUwMTA0WhcNMjYwMTA5MDUwMTA0WjAYMRYw
FAYDVQQDEw02NzdmNTgxNC04YmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEArQ6qjkNm17r/nF0fWDxRVpBxNlDiuQrn9JGztK7wI5RYFMWIl5jRcwG9
l9gLDXWWjUa7CG2JmgBGmJEynHSSWRaXVxMDq/bD9eMBbi9HB4hcyWqr9WgSDYcg
1HzUf0dj2An7SvM2eAAruAauovCyMl9OvGSIBpiK9n4aoAyoqProhJwWlOPE9iyw
yI08kkRw2LCDir49j475+82EppcoS2QipeM6pcJ5oANOPp7DrPWbmClz7O26yEt1
7JikD0vXyQSYlQPAdFI9NqF75Pi89lhE9YqdpiJNLR3ITOOwihyLPGOe1i1G2vZn
QI02svKC5ahXwXGUrEhD2DIAG+FNAwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGWK
Z1KDWs/HunXKp83ZS5s66ks8MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CQ0M4RDY0OENFNDYxMUVGQjQ4RjhBNUM3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnO4hMA0GCSqGSIb3DQEBCwUA
A4IBAQCE2MpcN9xagPqHfCZq5by3sjOD/NowVX5/Dm0GjTwOPFHFSb0SIJHunhZs
nfIIUA6y45fCiEkkVt6kDaPuOcLKBWVRF1hoNMZnErQ/OWgLKw7SjOzCBVRWnvtH
DAszZlPE2rjUQuvCdWueUSJPD5Gq9bCTJHoH3VEw1bV+tG98UuacXh68SF9GW5QK
bnNiRwmD73EgCX+7QLGoraTwOYMhjxNefkBRb4PpVfLl0cu4y2mnX65ayU8+yyhg
rtbfrgbfqvy7xHEGcpJdDlFudARjiGS41MaFVEXi4vbb1s3VtMsMaonqAp8kabnr
ugyquXGhfKoPKZIOIG6ZhHKZ1df7
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:46:45 2025 by rpki-client