Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF11F26AD58C11EFB8C68C52762E951A.roa
File: CF11F26AD58C11EFB8C68C52762E951A.roa (raw, json)
Hash identifier: VQHuzVqnXHzG39GHnAarQjHY02bubFr93IFuwdRZoeU=
Subject key identifier: 45:86:DA:6F:98:1A:5D:6E:D0:69:13:17:BC:F2:46:77:62:8A:DA:99
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010B9D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF11F26AD58C11EFB8C68C52762E951A.roa
Signing time: Sat 18 Jan 2025 11:10:22 +0000
ROA not before: Sat 18 Jan 2025 11:10:18 +0000
ROA not after: Thu 22 Jan 2026 11:10:18 +0000
asID: 63199
IP address blocks: 156.240.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68509 (0x10b9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 18 11:10:18 2025 GMT
Not After : Jan 22 11:10:18 2026 GMT
Subject: CN=678b8c1e-301f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7c:db:ee:81:4e:77:e2:5d:50:58:de:70:0d:
d3:2a:a1:38:f6:d4:be:d6:a2:cb:37:84:47:bd:e8:
04:32:d6:b9:11:0e:79:19:d2:8f:56:54:20:d2:73:
df:ca:c1:c8:76:66:2a:4a:ab:5a:f6:f1:f5:74:ee:
31:1d:c5:fe:3a:31:7b:bb:ec:77:6d:a6:a1:82:2d:
fc:11:29:ed:39:df:b7:63:8e:6b:b7:f1:e8:7f:6b:
aa:b9:42:a2:b8:e3:44:b3:56:f1:48:b0:62:03:ed:
40:32:8d:fc:f9:e4:24:87:99:0d:e4:c3:aa:63:0a:
6f:98:e5:e7:63:0d:c6:a8:a2:76:61:b7:5a:75:96:
62:2e:e1:2a:64:64:48:f9:7f:0a:2d:8a:b0:0d:06:
d1:75:67:6f:6a:85:3f:06:85:b8:27:c2:ac:6d:77:
67:a9:d2:ad:10:2c:fc:2d:16:e9:e3:37:1e:df:11:
53:73:34:73:a2:2f:18:38:92:8f:03:fd:2b:a2:ca:
49:43:6e:51:ff:2a:8a:d4:a5:ac:47:fa:62:79:69:
f5:49:9f:97:59:98:ec:22:f7:67:60:05:c9:7a:63:
a5:1d:28:4d:e4:4a:52:4f:9c:46:33:da:ec:38:6a:
f6:d2:ad:18:3b:1c:27:0d:5a:c2:33:09:92:4c:6b:
ce:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:86:DA:6F:98:1A:5D:6E:D0:69:13:17:BC:F2:46:77:62:8A:DA:99
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CF11F26AD58C11EFB8C68C52762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.240.56.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:72:8a:88:22:ec:cf:19:e8:5f:62:90:6f:86:96:d3:f4:d0:
13:66:9c:ac:25:d4:7c:e1:9b:84:11:a3:e4:0b:5d:c0:21:63:
1f:15:fb:33:a7:5f:0f:87:07:ed:2d:2e:f0:89:ae:c7:4d:13:
0c:60:34:49:f9:0f:33:62:d8:05:c2:95:d2:b7:d2:ed:12:0d:
73:80:a6:b3:47:5d:b0:41:dc:96:83:61:f2:12:a7:3d:d0:60:
59:46:c1:f9:d0:f3:b0:c1:73:b3:ad:94:88:4d:d4:bf:c0:88:
9e:cb:b2:75:37:c6:01:4e:70:94:8c:35:ed:0b:d4:98:98:9d:
6d:79:81:14:24:fa:85:5b:82:7f:ea:76:7a:85:96:54:4a:fa:
f9:66:0a:a3:02:67:12:c9:da:df:fa:62:ab:33:30:38:6b:2b:
09:4b:3e:38:6c:e5:35:a4:09:c8:c5:43:96:1e:7f:e9:e3:f8:
ff:12:d6:26:bb:bd:d2:52:bc:f0:38:89:48:8a:bf:4e:f5:9a:
a3:ba:9e:a2:7c:c3:ba:e7:e8:aa:77:27:ed:6b:36:38:6f:c0:
66:81:18:a4:4d:18:45:3a:90:bb:b9:24:dc:4f:f7:31:aa:c9:
b9:f5:72:99:4b:dc:b8:f8:61:81:04:4c:8e:80:e2:5d:78:a7:
64:a1:1a:ce
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQudMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTE4MTExMDE4WhcNMjYwMTIyMTExMDE4WjAYMRYw
FAYDVQQDEw02NzhiOGMxZS0zMDFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt3zb7oFOd+JdUFjecA3TKqE49tS+1qLLN4RHvegEMta5EQ55GdKPVlQg
0nPfysHIdmYqSqta9vH1dO4xHcX+OjF7u+x3baahgi38ESntOd+3Y45rt/Hof2uq
uUKiuONEs1bxSLBiA+1AMo38+eQkh5kN5MOqYwpvmOXnYw3GqKJ2YbdadZZiLuEq
ZGRI+X8KLYqwDQbRdWdvaoU/BoW4J8KsbXdnqdKtECz8LRbp4zce3xFTczRzoi8Y
OJKPA/0rospJQ25R/yqK1KWsR/pieWn1SZ+XWZjsIvdnYAXJemOlHShN5EpST5xG
M9rsOGr20q0YOxwnDVrCMwmSTGvOXQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEWG
2m+YGl1u0GkTF7zyRndiitqZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DRjExRjI2QUQ1OEMxMUVGQjhDNjhDNTI3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnPA4MA0GCSqGSIb3DQEBCwUA
A4IBAQC6coqIIuzPGehfYpBvhpbT9NATZpysJdR84ZuEEaPkC13AIWMfFfszp18P
hwftLS7wia7HTRMMYDRJ+Q8zYtgFwpXSt9LtEg1zgKazR12wQdyWg2HyEqc90GBZ
RsH50POwwXOzrZSITdS/wIiey7J1N8YBTnCUjDXtC9SYmJ1teYEUJPqFW4J/6nZ6
hZZUSvr5ZgqjAmcSydrf+mKrMzA4aysJSz44bOU1pAnIxUOWHn/p4/j/EtYmu73S
UrzwOIlIir9O9Zqjup6ifMO65+iqdyftazY4b8BmgRikTRhFOpC7uSTcT/cxqsm5
9XKZS9y4+GGBBEyOgOJdeKdkoRrO
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:36 2025 by rpki-client