Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBCD384CF4B011EF8A718157762E951A.roa
File: CBCD384CF4B011EF8A718157762E951A.roa (raw, json)
Hash identifier: 9M6LCyV/gkWFx8c3e9hsHJhqoGOOZayDVL/VsMTAfq0=
Subject key identifier: 56:31:4C:7D:30:08:FC:46:27:CB:F8:7E:86:42:1E:36:D3:1C:0B:31
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0138AE
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBCD384CF4B011EF8A718157762E951A.roa
Signing time: Thu 27 Feb 2025 02:16:04 +0000
ROA not before: Thu 27 Feb 2025 02:16:00 +0000
ROA not after: Thu 19 Feb 2026 02:16:00 +0000
asID: 984
IP address blocks: 156.236.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80046 (0x138ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 27 02:16:00 2025 GMT
Not After : Feb 19 02:16:00 2026 GMT
Subject: CN=67bfcae4-7dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:44:54:60:c7:13:b7:06:1e:6b:ac:c9:2b:ac:
c5:6c:07:51:95:0e:74:6d:25:76:47:f0:13:66:e5:
fb:2a:ec:56:3d:50:65:bd:79:5e:81:44:33:a0:98:
73:54:ad:5d:98:a0:3b:c3:12:e6:85:0a:98:49:d1:
ce:79:21:c6:6a:a3:50:65:53:d9:65:0a:75:ff:5b:
14:a9:c9:dd:6f:fa:2f:69:d2:66:fd:46:ff:84:45:
09:ba:90:f9:1d:b9:7b:d0:aa:24:87:24:d6:f1:de:
2e:f7:73:95:8b:8d:ac:85:eb:2e:76:11:ce:d1:a0:
c5:32:3f:bb:55:6f:b2:de:ec:2d:b0:29:d2:9f:07:
11:b3:c5:ce:60:38:65:d1:3a:0b:de:78:26:b3:81:
cb:47:2f:7f:9e:ef:34:9e:14:cf:12:ae:04:2d:9c:
24:38:84:63:35:7c:9d:df:d5:ac:c1:2e:ba:f4:21:
2c:aa:30:c1:33:ed:d3:3b:bc:83:fa:7d:8f:9e:d3:
17:ba:57:93:cc:84:39:f2:db:2c:f7:e2:e6:5c:fe:
8b:a5:4d:3f:fb:b5:fd:7d:1a:eb:57:b7:7a:ec:40:
98:fb:27:ad:0a:84:24:fd:9a:12:46:06:c2:b0:81:
1a:6b:5b:96:9b:e8:d1:a0:82:4b:f3:66:b5:c2:e0:
34:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:31:4C:7D:30:08:FC:46:27:CB:F8:7E:86:42:1E:36:D3:1C:0B:31
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CBCD384CF4B011EF8A718157762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.236.19.0/24
Signature Algorithm: sha256WithRSAEncryption
af:3b:83:0e:60:04:59:dd:95:6b:d2:f2:3a:29:0b:6e:53:65:
f8:5e:16:22:3f:a3:66:87:ce:fc:db:4a:71:5d:ed:10:29:0a:
2f:3a:cf:df:07:d9:44:45:79:54:ee:b2:2e:b6:c8:f0:12:58:
3c:d3:57:04:72:8e:bd:3b:4d:68:a6:a6:09:de:58:16:2f:c9:
75:39:50:e6:7a:a6:5f:64:da:71:1a:4a:cd:df:b9:c4:48:f6:
ab:e6:c0:5a:5f:b9:d3:3e:58:5d:a5:a6:34:e9:95:49:f1:40:
5a:0f:ee:04:ee:4f:07:be:a1:7c:03:89:9c:f9:21:9b:5d:96:
a8:c4:a9:86:6f:c1:89:a9:6f:4c:30:43:66:54:0b:1a:b9:36:
85:fe:72:3e:cb:ba:d2:2d:10:2f:29:64:16:4d:3e:f4:80:89:
4e:3b:39:bb:7d:ba:9b:5a:5c:ba:32:8c:d4:42:f5:42:c4:c6:
4b:de:2e:2a:70:5b:d4:53:d4:7c:66:02:61:85:02:32:af:80:
32:48:1e:be:b9:fc:b2:77:c9:9b:06:a1:26:9b:71:10:53:83:
8f:0e:6a:0e:bf:c4:97:53:7e:55:3d:06:2d:3c:38:e8:77:01:
99:95:67:45:41:30:41:db:5b:90:6e:ee:a9:09:8f:93:ed:9f:
18:ed:9d:9d
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATiuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI3MDIxNjAwWhcNMjYwMjE5MDIxNjAwWjAYMRYw
FAYDVQQDEw02N2JmY2FlNC03ZGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3URUYMcTtwYea6zJK6zFbAdRlQ50bSV2R/ATZuX7KuxWPVBlvXlegUQz
oJhzVK1dmKA7wxLmhQqYSdHOeSHGaqNQZVPZZQp1/1sUqcndb/ovadJm/Ub/hEUJ
upD5Hbl70KokhyTW8d4u93OVi42shesudhHO0aDFMj+7VW+y3uwtsCnSnwcRs8XO
YDhl0ToL3ngms4HLRy9/nu80nhTPEq4ELZwkOIRjNXyd39WswS669CEsqjDBM+3T
O7yD+n2PntMXuleTzIQ58tss9+LmXP6LpU0/+7X9fRrrV7d67ECY+yetCoQk/ZoS
RgbCsIEaa1uWm+jRoIJL82a1wuA03wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFFYx
TH0wCPxGJ8v4foZCHjbTHAsxMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQkNEMzg0Q0Y0QjAxMUVGOEE3MTgxNTc3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOwTMA0GCSqGSIb3DQEBCwUA
A4IBAQCvO4MOYARZ3ZVr0vI6KQtuU2X4XhYiP6Nmh87820pxXe0QKQovOs/fB9lE
RXlU7rIutsjwElg801cEco69O01opqYJ3lgWL8l1OVDmeqZfZNpxGkrN37nESPar
5sBaX7nTPlhdpaY06ZVJ8UBaD+4E7k8HvqF8A4mc+SGbXZaoxKmGb8GJqW9MMENm
VAsauTaF/nI+y7rSLRAvKWQWTT70gIlOOzm7fbqbWly6MozUQvVCxMZL3i4qcFvU
U9R8ZgJhhQIyr4AySB6+ufyyd8mbBqEmm3EQU4OPDmoOv8SXU35VPQYtPDjodwGZ
lWdFQTBB21uQbu6pCY+T7Z8Y7Z2d
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:27:27 2025 by rpki-client