Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B059969C273B11F0B91CAFF4DAE4EC9C.roa
File: B059969C273B11F0B91CAFF4DAE4EC9C.roa (raw, json)
Hash identifier: KSqMpOqEOAo9M5AAUkgyeNyEwdDwPmLAt/hM+2hqDY4=
Subject key identifier: 1F:D8:0A:2E:F9:70:DA:57:D9:0C:D6:63:6D:CA:71:67:74:7F:3B:54
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 015175
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B059969C273B11F0B91CAFF4DAE4EC9C.roa
Signing time: Fri 02 May 2025 09:56:17 +0000
ROA not before: Fri 02 May 2025 09:56:12 +0000
ROA not after: Fri 09 May 2025 09:56:12 +0000
asID: 200373
IP address blocks: 156.249.138.0/24 maxlen: 24
156.253.164.0/22 maxlen: 24
156.253.168.0/21 maxlen: 24
156.253.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 07 May 2025 00:26:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86389 (0x15175)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR, serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Validity
Not Before: May 2 09:56:12 2025 GMT
Not After : May 9 09:56:12 2025 GMT
Subject: CN=681496c1-af6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:54:01:ab:88:ac:78:c4:46:53:31:b4:a0:6e:
4c:6b:b4:87:3f:4b:63:cb:89:e7:44:ce:ec:14:28:
1f:4c:e0:ad:61:eb:eb:dc:45:ab:ff:25:d5:91:5f:
58:eb:34:7d:f5:d5:65:ff:9c:2f:81:c2:8e:d0:9d:
f9:9b:30:df:18:a5:53:31:d9:de:bb:37:eb:66:3e:
f5:b7:39:06:ec:ef:f6:20:06:f9:62:ea:fe:47:a4:
c7:5d:33:78:95:99:84:8f:cf:36:88:bf:9d:c7:4a:
2f:1a:52:7f:bf:15:4b:d5:15:08:6a:7b:95:a6:31:
7f:d7:17:c5:47:c4:e2:94:28:7a:40:25:b6:24:51:
76:5b:93:c4:c7:f3:b6:41:24:d6:b7:fb:6b:08:ac:
5e:41:66:cd:e4:bc:8c:aa:5c:88:a7:55:f9:99:60:
86:fb:79:e7:6a:8c:55:95:d4:50:37:41:28:ed:ae:
c3:79:50:2c:e1:b1:d4:31:74:52:a3:81:66:f3:db:
b3:da:b5:9b:6b:ab:4d:11:74:77:e7:25:f8:e1:a1:
a5:cd:de:21:b4:df:38:3e:a5:60:a2:26:92:f9:13:
08:0e:74:ab:09:6d:eb:2a:c2:15:90:d0:ed:0c:1f:
de:a6:8e:0d:db:ef:4e:a1:19:ad:5f:ec:10:0f:09:
ea:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D8:0A:2E:F9:70:DA:57:D9:0C:D6:63:6D:CA:71:67:74:7F:3B:54
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/B059969C273B11F0B91CAFF4DAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.249.138.0/24
156.253.164.0-156.253.179.255
Signature Algorithm: sha256WithRSAEncryption
a0:e2:97:9f:ec:7d:2e:5d:22:b8:87:6f:92:11:cc:29:c7:8f:
66:91:a5:07:31:1b:71:24:c4:35:47:a5:15:57:0a:08:f6:c9:
c0:19:9c:11:2f:1d:1a:75:05:de:cb:c8:03:e7:55:b6:41:5b:
35:77:84:23:5e:0a:02:36:02:8e:9a:8b:6e:4c:dc:b4:84:d6:
0c:f3:d1:8b:d1:bb:da:f5:25:18:de:a6:eb:ae:db:8b:5d:68:
46:7f:94:8e:86:b2:33:a7:23:45:d5:c4:6b:d8:8c:59:94:3f:
5e:c4:08:93:8f:6b:59:39:5b:16:6e:fe:a8:d5:fb:d4:3f:de:
3c:0d:8b:e6:d2:68:10:7b:3e:11:80:fb:0c:11:48:85:d8:a5:
0e:96:a8:85:b0:fe:07:77:cb:ee:22:4a:3c:d5:11:ca:9a:02:
d0:08:0f:15:cf:66:47:8a:79:33:78:8e:b6:a7:cf:59:71:0b:
76:0a:a2:87:96:a8:9d:ab:ea:49:14:3e:bc:6d:df:b3:07:5f:
6b:11:ab:b3:38:c1:d1:14:9a:0c:de:df:1a:3a:9a:33:0a:31:
6f:5a:07:bd:ef:ee:0e:df:0b:77:25:f8:6a:f5:64:93:be:d4:
1f:dc:98:66:95:30:99:b9:7b:93:8e:81:b8:7e:65:98:a4:98:
b8:cd:3e:99
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAVF1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwNTAyMDk1NjEyWhcNMjUwNTA5MDk1NjEyWjAYMRYw
FAYDVQQDEw02ODE0OTZjMS1hZjZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEApFQBq4iseMRGUzG0oG5Ma7SHP0tjy4nnRM7sFCgfTOCtYevr3EWr/yXV
kV9Y6zR99dVl/5wvgcKO0J35mzDfGKVTMdneuzfrZj71tzkG7O/2IAb5Yur+R6TH
XTN4lZmEj882iL+dx0ovGlJ/vxVL1RUIanuVpjF/1xfFR8TilCh6QCW2JFF2W5PE
x/O2QSTWt/trCKxeQWbN5LyMqlyIp1X5mWCG+3nnaoxVldRQN0Eo7a7DeVAs4bHU
MXRSo4Fm89uz2rWba6tNEXR35yX44aGlzd4htN84PqVgoiaS+RMIDnSrCW3rKsIV
kNDtDB/epo4N2+9OoRmtX+wQDwnqGwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFB/Y
Ci75cNpX2QzWY23KcWd0fztUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9CMDU5OTY5QzI3M0IxMUYwQjkxQ0FGRjREQUU0RUM5Qy5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAnPmKMAwDBAKc/aQDBAKc/bAw
DQYJKoZIhvcNAQELBQADggEBAKDil5/sfS5dIriHb5IRzCnHj2aRpQcxG3EkxDVH
pRVXCgj2ycAZnBEvHRp1Bd7LyAPnVbZBWzV3hCNeCgI2Ao6ai25M3LSE1gzz0YvR
u9r1JRjepuuu24tdaEZ/lI6GsjOnI0XVxGvYjFmUP17ECJOPa1k5WxZu/qjV+9Q/
3jwNi+bSaBB7PhGA+wwRSIXYpQ6WqIWw/gd3y+4iSjzVEcqaAtAIDxXPZkeKeTN4
jranz1lxC3YKooeWqJ2r6kkUPrxt37MHX2sRq7M4wdEUmgze3xo6mjMKMW9aB73v
7g7fC3cl+Gr1ZJO+1B/cmGaVMJm5e5OOgbh+ZZikmLjNPpk=
-----END CERTIFICATE-----
Generated at Mon May 5 09:10:57 2025 by rpki-client