Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C61779D6F44111EF94A8F350762E951A.roa
File: C61779D6F44111EF94A8F350762E951A.roa (raw, json)
Hash identifier: S6fv1Dz0T2MmSgAtTz1kNaut63uqHEINO9gtrJKIxGA=
Subject key identifier: 0B:E1:42:A5:31:30:5F:04:C9:77:AC:62:1A:EE:E6:02:09:1A:B1:11
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0132DB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C61779D6F44111EF94A8F350762E951A.roa
Signing time: Wed 26 Feb 2025 13:01:20 +0000
ROA not before: Wed 26 Feb 2025 13:01:17 +0000
ROA not after: Thu 19 Feb 2026 13:01:17 +0000
asID: 984
IP address blocks: 156.252.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78555 (0x132db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 13:01:17 2025 GMT
Not After : Feb 19 13:01:17 2026 GMT
Subject: CN=67bf10a0-9bf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:2b:81:7d:31:aa:6e:8f:f6:7e:b0:08:48:07:
a5:57:63:2e:39:a7:87:0a:30:aa:21:7d:b6:de:ef:
de:7b:72:ee:cd:fd:e2:a4:08:ee:38:55:1f:25:ef:
19:66:03:f5:23:27:6b:a9:fe:2d:37:35:6c:9c:b6:
56:21:52:0a:75:19:f4:8d:e6:fe:c4:47:fd:fc:24:
bd:ea:3c:57:99:9a:ba:0a:b9:15:43:67:06:0f:f6:
17:17:5b:47:2e:92:11:12:b2:80:a9:e9:36:5e:54:
c0:dd:de:22:a0:cf:dc:ff:46:4e:a4:ad:be:e3:ef:
8c:3f:03:a9:bf:51:45:bc:36:e0:88:54:4e:a8:d2:
90:2a:b8:ec:a1:bb:36:71:8b:66:23:75:3a:e1:aa:
53:42:6a:85:cb:66:cf:55:10:c3:00:e0:8e:c0:ad:
60:dc:2d:26:0f:f1:18:76:be:a8:c7:1a:de:c5:43:
3e:07:b3:ea:07:41:8b:a0:94:5a:a1:b2:3b:50:e5:
d8:1b:5a:db:c4:90:5c:ee:5d:9d:76:4f:4f:f6:4d:
bb:3f:9c:48:3f:2c:b9:fe:21:8b:a4:cb:7d:ee:c2:
46:de:de:23:49:08:77:e1:db:ba:71:33:ee:6e:46:
e1:63:2d:f6:44:0c:d3:6b:65:e8:27:1a:a3:00:c0:
d0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E1:42:A5:31:30:5F:04:C9:77:AC:62:1A:EE:E6:02:09:1A:B1:11
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/C61779D6F44111EF94A8F350762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.156.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:88:42:49:26:ec:19:bd:ca:a9:c0:e0:23:f5:12:be:24:a5:
9b:c6:28:b8:c0:75:91:11:91:9c:f7:f6:1f:9c:f9:36:37:5f:
ac:6c:75:f6:f4:bc:56:ac:e5:4a:72:82:3d:ac:f6:cf:0a:60:
9b:22:e3:b3:43:3a:8e:d2:74:c2:2b:1f:b6:65:22:7c:41:75:
3e:2f:da:75:c3:ca:e0:f2:1d:a2:c6:7f:95:f7:14:3c:38:8e:
d6:19:b1:4b:9a:6b:8c:c7:37:0b:95:8e:37:7f:19:e3:18:6e:
0c:dd:38:47:ec:13:4b:22:30:5c:9c:ea:77:43:b8:44:8d:43:
c9:6f:b6:c9:b4:ba:63:0e:4d:56:78:a0:82:da:5b:06:2b:14:
6a:ed:0d:f2:18:8b:cc:9e:df:d7:42:95:f8:fb:40:79:41:44:
e2:bd:05:03:8d:99:ce:5a:04:91:3e:6f:e6:4f:4f:2d:92:43:
6b:9a:7e:c0:88:db:47:16:e8:aa:7e:0b:3d:0a:de:71:70:a7:
5b:70:05:2d:f9:f3:2b:d0:b2:c2:f1:05:43:1b:8a:17:0e:72:
41:87:1c:71:38:9d:91:b2:2b:7b:90:39:c1:7a:44:c7:ba:f8:
d9:2f:d9:54:b1:36:8a:ff:cb:f3:46:a1:c4:11:82:ff:b4:4a:
c3:4f:72:11
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATLbMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTMwMTE3WhcNMjYwMjE5MTMwMTE3WjAYMRYw
FAYDVQQDEw02N2JmMTBhMC05YmY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+iuBfTGqbo/2frAISAelV2MuOaeHCjCqIX223u/ee3Luzf3ipAjuOFUf
Je8ZZgP1Iydrqf4tNzVsnLZWIVIKdRn0jeb+xEf9/CS96jxXmZq6CrkVQ2cGD/YX
F1tHLpIRErKAqek2XlTA3d4ioM/c/0ZOpK2+4++MPwOpv1FFvDbgiFROqNKQKrjs
obs2cYtmI3U64apTQmqFy2bPVRDDAOCOwK1g3C0mD/EYdr6oxxrexUM+B7PqB0GL
oJRaobI7UOXYG1rbxJBc7l2ddk9P9k27P5xIPyy5/iGLpMt97sJG3t4jSQh34du6
cTPubkbhYy32RAzTa2XoJxqjAMDQYQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFAvh
QqUxMF8EyXesYhru5gIJGrERMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DNjE3NzlENkY0NDExMUVGOTRBOEYzNTA3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPycMA0GCSqGSIb3DQEBCwUA
A4IBAQCtiEJJJuwZvcqpwOAj9RK+JKWbxii4wHWREZGc9/YfnPk2N1+sbHX29LxW
rOVKcoI9rPbPCmCbIuOzQzqO0nTCKx+2ZSJ8QXU+L9p1w8rg8h2ixn+V9xQ8OI7W
GbFLmmuMxzcLlY43fxnjGG4M3ThH7BNLIjBcnOp3Q7hEjUPJb7bJtLpjDk1WeKCC
2lsGKxRq7Q3yGIvMnt/XQpX4+0B5QUTivQUDjZnOWgSRPm/mT08tkkNrmn7AiNtH
Fuiqfgs9Ct5xcKdbcAUt+fMr0LLC8QVDG4oXDnJBhxxxOJ2Rsit7kDnBekTHuvjZ
L9lUsTaK/8vzRqHEEYL/tErDT3IR
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:41 2025 by rpki-client