Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF67B5B4F43611EFBDAA8B85762E951A.roa
File: DF67B5B4F43611EFBDAA8B85762E951A.roa (raw, json)
Hash identifier: SxS7g0YLn9qYBcvoDeaLoeZiNfrIBFZ2l6aOsEzZ34Q=
Subject key identifier: 43:E3:30:43:CB:7B:2C:95:83:A8:17:DA:C3:DD:95:3E:08:43:4F:A4
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 0131E6
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF67B5B4F43611EFBDAA8B85762E951A.roa
Signing time: Wed 26 Feb 2025 11:43:18 +0000
ROA not before: Wed 26 Feb 2025 11:43:15 +0000
ROA not after: Thu 19 Feb 2026 11:43:15 +0000
asID: 984
IP address blocks: 156.252.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78310 (0x131e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Feb 26 11:43:15 2025 GMT
Not After : Feb 19 11:43:15 2026 GMT
Subject: CN=67befe56-372d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:da:d6:e2:d3:63:61:b4:c0:f4:b2:12:d2:76:
bf:7e:6d:d3:73:8d:43:8e:1f:0f:c8:0c:48:ed:eb:
8f:1f:f4:1a:e0:d4:b9:b8:57:ae:2a:79:e5:a4:11:
41:47:74:dd:6a:f5:41:4a:c9:2f:dc:59:e4:02:f3:
8f:8c:7d:44:eb:25:da:b5:72:19:e7:5e:20:b8:96:
c6:c3:30:6e:59:6f:e8:7c:d7:32:d7:54:fd:e4:f3:
fb:33:99:f2:44:7f:29:1a:c1:66:54:c4:1a:d5:b1:
d0:93:a6:8d:9c:91:13:dc:b0:3d:2c:c9:03:18:38:
93:c4:41:3b:44:1c:6e:0f:20:f4:2b:f7:22:f7:a9:
1d:e8:18:99:1b:bd:ad:ff:d0:d2:c9:1e:6c:32:10:
33:b3:d7:58:cf:a2:f8:51:94:28:49:70:4d:70:fd:
75:1c:6c:fe:77:82:97:c2:82:40:d8:57:68:f6:04:
26:8d:87:6b:f4:7b:6e:37:7d:07:66:59:c5:e3:12:
2e:22:98:72:9e:93:94:45:a5:75:17:64:9d:d8:d3:
0e:8b:9e:78:e4:c4:34:fc:77:fe:29:f6:ba:0e:ad:
fa:9d:96:7c:20:d2:99:8f:63:d2:66:a1:56:fe:90:
22:87:f2:79:ca:9f:57:f2:89:82:ae:0b:1f:7b:40:
4a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E3:30:43:CB:7B:2C:95:83:A8:17:DA:C3:DD:95:3E:08:43:4F:A4
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DF67B5B4F43611EFBDAA8B85762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.252.120.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:21:ab:ed:7a:8e:25:25:c0:64:47:7d:eb:40:d7:1d:db:a7:
b3:ed:57:43:95:fb:93:7e:12:04:1c:fa:7d:bc:81:55:35:ce:
f9:0e:ac:d9:40:2d:7c:f4:c5:59:0b:bc:7c:2c:ba:4e:9e:93:
81:9f:66:78:10:79:40:7a:56:14:07:bd:7a:87:26:68:e2:9f:
c0:06:f3:d4:14:c1:aa:88:49:0f:ce:5c:c6:4f:d5:92:8b:ef:
16:0e:47:7c:bb:37:0d:83:d9:2c:35:71:4a:33:a6:30:b3:a6:
4b:df:f0:18:d3:4a:41:69:3d:a5:13:41:03:c5:02:67:65:ef:
a1:d4:f0:cc:2f:65:10:a9:d6:92:00:1d:ec:8c:96:fe:71:b4:
3c:98:70:8e:98:7b:d9:cb:e9:0b:34:7e:4f:e4:6d:cd:a5:4d:
f3:3b:3f:df:f0:3b:41:5b:71:9d:9d:43:9c:5d:e3:5e:c1:81:
ee:a9:90:60:b0:24:a6:88:5d:7a:c1:1a:44:eb:11:ad:6d:e1:
98:fa:4c:64:0f:87:52:f3:26:a3:b0:13:7c:32:93:ef:a6:69:
68:bb:23:32:e4:27:29:72:c7:33:68:21:d8:7a:df:06:19:3e:
6c:de:58:31:46:92:ee:d2:b9:89:91:df:4a:11:14:bc:05:18:
00:82:3a:3e
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDATHmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMjI2MTE0MzE1WhcNMjYwMjE5MTE0MzE1WjAYMRYw
FAYDVQQDEw02N2JlZmU1Ni0zNzJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt9rW4tNjYbTA9LIS0na/fm3Tc41Djh8PyAxI7euPH/Qa4NS5uFeuKnnl
pBFBR3TdavVBSskv3FnkAvOPjH1E6yXatXIZ514guJbGwzBuWW/ofNcy11T95PP7
M5nyRH8pGsFmVMQa1bHQk6aNnJET3LA9LMkDGDiTxEE7RBxuDyD0K/ci96kd6BiZ
G72t/9DSyR5sMhAzs9dYz6L4UZQoSXBNcP11HGz+d4KXwoJA2Fdo9gQmjYdr9Htu
N30HZlnF4xIuIphynpOURaV1F2Sd2NMOi5545MQ0/Hf+Kfa6Dq36nZZ8INKZj2PS
ZqFW/pAih/J5yp9X8omCrgsfe0BKDwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFEPj
MEPLeyyVg6gX2sPdlT4IQ0+kMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ERjY3QjVCNEY0MzYxMUVGQkRBQThCODU3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnPx4MA0GCSqGSIb3DQEBCwUA
A4IBAQArIavteo4lJcBkR33rQNcd26ez7VdDlfuTfhIEHPp9vIFVNc75DqzZQC18
9MVZC7x8LLpOnpOBn2Z4EHlAelYUB716hyZo4p/ABvPUFMGqiEkPzlzGT9WSi+8W
Dkd8uzcNg9ksNXFKM6Yws6ZL3/AY00pBaT2lE0EDxQJnZe+h1PDML2UQqdaSAB3s
jJb+cbQ8mHCOmHvZy+kLNH5P5G3NpU3zOz/f8DtBW3GdnUOcXeNewYHuqZBgsCSm
iF16wRpE6xGtbeGY+kxkD4dS8yajsBN8MpPvpmlouyMy5CcpcsczaCHYet8GGT5s
3lgxRpLu0rmJkd9KERS8BRgAgjo+
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:12:00 2025 by rpki-client