Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD9DCD0E03E211F0A9555266762E951A.roa
File: BD9DCD0E03E211F0A9555266762E951A.roa (raw, json)
Hash identifier: ncMwOVfU5mEzYsM2C0vkC2qB/n9bLlY/m+AHG4vEkgs=
Subject key identifier: 59:F6:F4:24:FD:C8:5B:3A:5C:A4:4F:1C:52:A4:82:F2:34:9F:40:D9
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 01469D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD9DCD0E03E211F0A9555266762E951A.roa
Signing time: Tue 18 Mar 2025 10:21:23 +0000
ROA not before: Tue 18 Mar 2025 10:21:19 +0000
ROA not after: Tue 24 Jun 2025 10:21:19 +0000
asID: 16437
IP address blocks: 156.236.80.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83613 (0x1469d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Mar 18 10:21:19 2025 GMT
Not After : Jun 24 10:21:19 2025 GMT
Subject: CN=67d94923-ed38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:99:5c:bb:c7:32:dd:bd:c2:c7:f2:6e:3a:f8:
d5:de:07:7d:e6:16:c8:24:0c:24:24:03:e1:da:bc:
5c:94:ca:86:10:7a:7b:fc:6c:3a:43:0e:67:a9:0b:
8d:61:8d:59:5d:d8:44:46:f4:f4:88:55:24:54:e2:
3d:fb:2e:eb:a1:43:5d:7c:80:e9:9a:7f:48:6e:55:
02:80:89:48:ea:50:f5:23:a2:c8:2b:87:86:8a:fc:
62:fd:ac:bd:eb:f3:6f:43:a2:f5:d5:85:d8:86:aa:
56:e8:96:3c:98:c6:fa:b0:d4:9e:36:31:d0:2f:c5:
1e:c4:fd:1e:1f:a1:76:bb:d0:fa:79:af:27:60:61:
b6:70:6e:d3:b6:22:f0:ec:18:00:68:5c:d7:89:a3:
99:e2:68:72:7d:36:1a:b1:b8:e5:6e:c4:8a:04:e9:
e1:b8:9c:cb:81:54:53:df:b7:a1:84:ed:5b:73:f1:
51:9b:66:13:ff:73:a2:df:6d:8e:5c:d6:8c:74:8f:
17:f1:3f:fe:71:92:61:b4:79:28:be:80:7d:68:f2:
67:9f:4b:59:59:bf:83:ef:90:a1:3b:92:27:d7:5f:
80:cf:f7:bd:c6:14:b6:3b:16:9f:48:7b:83:b7:52:
b9:a3:b1:57:7c:bd:5c:6d:24:f4:c0:95:ec:07:27:
1f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F6:F4:24:FD:C8:5B:3A:5C:A4:4F:1C:52:A4:82:F2:34:9F:40:D9
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BD9DCD0E03E211F0A9555266762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.80.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:a8:35:b6:e0:ef:3e:99:36:5f:56:5c:ff:47:6c:b4:5f:da:
23:fa:65:84:ab:74:07:e8:ce:b8:e0:09:21:75:c4:e3:1d:d1:
58:58:ba:a2:f8:df:c2:e1:cf:aa:48:5f:bf:4a:f5:20:f9:df:
d6:c3:99:18:17:cb:03:89:d1:94:99:f8:fc:d4:c0:52:63:2b:
09:81:3d:7c:50:0d:30:6c:4f:cb:a3:ea:6a:98:99:6a:e6:21:
51:b3:c1:ba:8a:06:4a:42:5e:50:35:21:6b:0d:ac:31:14:69:
ae:f0:5a:14:2d:32:f2:33:fe:cc:b8:11:0a:76:38:da:a9:61:
2e:56:f6:da:8a:23:d5:67:10:17:f8:a7:56:ab:c0:73:5c:c6:
57:b4:7a:da:99:00:48:0e:6a:2c:3e:90:20:b2:33:dd:e4:82:
e9:44:7f:b7:cd:91:90:37:f9:0f:88:ca:49:91:55:db:43:04:
81:2c:82:c9:ba:93:c3:8f:a3:53:fd:55:9b:bf:f4:d1:14:7c:
1c:f9:9e:cb:e9:4d:92:63:0a:f3:57:32:ef:1f:71:2b:04:25:
27:e4:34:2b:6f:c9:ff:ec:f5:94:dd:83:1a:1d:b9:96:fd:a0:
37:38:1d:44:c7:f6:cf:db:f1:f9:41:f6:39:b6:54:e8:48:73:
67:be:c0:92
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAUadMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMzE4MTAyMTE5WhcNMjUwNjI0MTAyMTE5WjAYMRYw
FAYDVQQDEw02N2Q5NDkyMy1lZDM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsplcu8cy3b3Cx/JuOvjV3gd95hbIJAwkJAPh2rxclMqGEHp7/Gw6Qw5n
qQuNYY1ZXdhERvT0iFUkVOI9+y7roUNdfIDpmn9IblUCgIlI6lD1I6LIK4eGivxi
/ay96/NvQ6L11YXYhqpW6JY8mMb6sNSeNjHQL8UexP0eH6F2u9D6ea8nYGG2cG7T
tiLw7BgAaFzXiaOZ4mhyfTYasbjlbsSKBOnhuJzLgVRT37ehhO1bc/FRm2YT/3Oi
322OXNaMdI8X8T/+cZJhtHkovoB9aPJnn0tZWb+D75ChO5In11+Az/e9xhS2Oxaf
SHuDt1K5o7FXfL1cbST0wJXsBycfkwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFn2
9CT9yFs6XKRPHFKkgvI0n0DZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRDlEQ0QwRTAzRTIxMUYwQTk1NTUyNjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOxQMA0GCSqGSIb3DQEBCwUA
A4IBAQAvqDW24O8+mTZfVlz/R2y0X9oj+mWEq3QH6M644AkhdcTjHdFYWLqi+N/C
4c+qSF+/SvUg+d/Ww5kYF8sDidGUmfj81MBSYysJgT18UA0wbE/Lo+pqmJlq5iFR
s8G6igZKQl5QNSFrDawxFGmu8FoULTLyM/7MuBEKdjjaqWEuVvbaiiPVZxAX+KdW
q8BzXMZXtHramQBIDmosPpAgsjPd5ILpRH+3zZGQN/kPiMpJkVXbQwSBLILJupPD
j6NT/VWbv/TRFHwc+Z7L6U2SYwrzVzLvH3ErBCUn5DQrb8n/7PWU3YMaHbmW/aA3
OB1Ex/bP2/H5QfY5tlToSHNnvsCS
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:31:35 2025 by rpki-client