Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF0BFA70C95011EFAD36F0B8762E951A.roa
File: BF0BFA70C95011EFAD36F0B8762E951A.roa (raw, json)
Hash identifier: ma/8S+FvqOzruck4t94a3Fyj/6Xa9CPEzh98RyQnrIo=
Subject key identifier: 42:81:59:92:54:E9:00:67:86:9C:C1:73:0C:93:A8:A9:CF:80:77:3D
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: F3C4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF0BFA70C95011EFAD36F0B8762E951A.roa
Signing time: Thu 02 Jan 2025 21:30:11 +0000
ROA not before: Thu 02 Jan 2025 21:30:07 +0000
ROA not after: Mon 13 Dec 2027 21:30:07 +0000
asID: 17561
IP address blocks: 156.225.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62404 (0xf3c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 2 21:30:07 2025 GMT
Not After : Dec 13 21:30:07 2027 GMT
Subject: CN=67770563-4909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fa:07:1b:02:d7:2b:d2:ba:f6:21:e2:b0:70:
72:ca:58:4c:dd:cd:56:b5:41:4d:79:b9:bf:85:18:
99:d0:44:c9:54:c5:68:70:c7:ef:54:d4:ce:67:5d:
3c:da:c9:87:09:cf:93:c7:3f:a8:22:f3:5f:a5:b1:
8d:94:8d:e2:23:c1:ec:5f:7c:e4:29:75:75:02:f0:
61:95:ed:39:15:ca:9d:1a:f1:81:11:df:6c:19:1e:
1b:88:75:83:46:a4:56:f4:76:bd:fa:2b:69:e2:2e:
57:0f:89:7c:28:37:d5:19:29:41:be:64:6b:6a:96:
a1:6e:d0:b6:23:b8:7e:90:b8:a5:d1:40:8b:1e:92:
c8:ac:f3:e7:a5:c6:24:27:93:e7:1f:fe:10:96:2d:
fc:2e:8b:20:84:f4:96:80:90:4b:f3:3a:4a:d6:f3:
d8:a2:f2:18:c0:44:e0:5f:b6:87:2e:be:d1:a5:25:
01:b1:fd:d2:34:ca:40:a3:9a:15:41:19:80:35:3d:
1f:42:cf:08:aa:bb:3c:3b:22:dd:db:1f:44:64:a0:
df:eb:81:92:1b:90:c2:30:6e:2e:18:1d:a7:00:14:
93:60:52:56:f9:4a:43:5b:d4:a8:58:86:03:fc:95:
04:c0:c7:a0:43:78:14:b0:44:45:9b:9e:8b:0e:3a:
2c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:81:59:92:54:E9:00:67:86:9C:C1:73:0C:93:A8:A9:CF:80:77:3D
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/BF0BFA70C95011EFAD36F0B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.225.185.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:c3:2f:3f:d8:3f:14:42:9f:a3:84:77:7c:5a:a5:99:e1:0c:
1e:4f:58:9b:9e:cb:07:06:24:e3:1b:80:1e:19:e7:4f:cd:0a:
d9:4a:99:5f:9b:bc:65:1b:1f:a2:10:32:c3:6f:83:d8:e3:06:
7a:24:04:ab:ab:13:29:d4:05:34:4d:1f:17:18:87:4b:03:5f:
b8:83:99:2f:e7:65:38:38:47:85:39:c0:ce:16:63:3e:80:69:
f9:fb:ae:b2:51:26:47:95:9e:1c:bc:cd:81:f7:b7:31:4f:3c:
d5:61:2d:de:bd:e6:d2:73:38:23:6a:73:9f:d2:36:dd:35:5c:
e1:57:11:28:48:c9:55:6e:47:1c:b4:82:51:da:a3:53:5f:1f:
a8:3b:70:d0:1f:72:c2:82:59:32:39:ea:35:4d:3e:34:57:1d:
30:0b:48:bd:1a:c4:c3:05:b0:ae:00:bb:65:a9:c2:b4:57:b2:
d1:b2:3e:34:d7:30:98:d5:7a:53:a0:1d:97:bd:c2:3f:6e:e4:
45:f3:ca:bc:d0:87:40:9c:b5:9c:d1:61:31:1e:cb:8c:63:04:
b1:11:b0:a0:fa:2a:d5:ba:88:3f:73:09:d0:08:82:ef:34:21:
fe:e1:63:48:d6:b4:51:47:2b:0b:e5:4f:b0:30:5c:25:3c:70:
53:e3:d3:bc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAPPEMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTAyMjEzMDA3WhcNMjcxMjEzMjEzMDA3WjAYMRYw
FAYDVQQDEw02Nzc3MDU2My00OTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvPoHGwLXK9K69iHisHByylhM3c1WtUFNebm/hRiZ0ETJVMVocMfvVNTO
Z1082smHCc+Txz+oIvNfpbGNlI3iI8HsX3zkKXV1AvBhle05FcqdGvGBEd9sGR4b
iHWDRqRW9Ha9+itp4i5XD4l8KDfVGSlBvmRrapahbtC2I7h+kLil0UCLHpLIrPPn
pcYkJ5PnH/4Qli38LosghPSWgJBL8zpK1vPYovIYwETgX7aHLr7RpSUBsf3SNMpA
o5oVQRmANT0fQs8Iqrs8OyLd2x9EZKDf64GSG5DCMG4uGB2nABSTYFJW+UpDW9So
WIYD/JUEwMegQ3gUsERFm56LDjosrQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEKB
WZJU6QBnhpzBcwyTqKnPgHc9MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CRjBCRkE3MEM5NTAxMUVGQUQzNkYwQjg3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOG5MA0GCSqGSIb3DQEBCwUA
A4IBAQCgwy8/2D8UQp+jhHd8WqWZ4QweT1ibnssHBiTjG4AeGedPzQrZSplfm7xl
Gx+iEDLDb4PY4wZ6JASrqxMp1AU0TR8XGIdLA1+4g5kv52U4OEeFOcDOFmM+gGn5
+66yUSZHlZ4cvM2B97cxTzzVYS3evebSczgjanOf0jbdNVzhVxEoSMlVbkcctIJR
2qNTXx+oO3DQH3LCglkyOeo1TT40Vx0wC0i9GsTDBbCuALtlqcK0V7LRsj401zCY
1XpToB2XvcI/buRF88q80IdAnLWc0WExHsuMYwSxEbCg+irVuog/cwnQCILvNCH+
4WNI1rRRRysL5U+wMFwlPHBT49O8
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:56:14 2025 by rpki-client