Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/051F9D0AF47B11EF9886AE60762E951A.roa
File: 051F9D0AF47B11EF9886AE60762E951A.roa (raw, json)
Hash identifier: mzYpGBEdJUUzJL2gQoZyWjsgCOJUxy4y5+wJoeWw5Zc=
Subject key identifier: A4:2B:E9:FF:09:86:95:74:0A:C7:D9:9A:04:3B:60:48:F3:4E:1F:DE
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0165C9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/051F9D0AF47B11EF9886AE60762E951A.roa
Signing time: Wed 26 Feb 2025 19:51:08 +0000
ROA not before: Wed 26 Feb 2025 19:50:58 +0000
ROA not after: Sat 19 Feb 2028 19:50:58 +0000
asID: 17561
IP address blocks: 154.94.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91593 (0x165c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 19:50:58 2025 GMT
Not After : Feb 19 19:50:58 2028 GMT
Subject: CN=67bf70ab-0e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:94:ff:c5:c3:c8:79:40:72:98:2f:37:8b:bd:
ab:b5:80:90:37:23:f9:18:d7:3b:e6:04:f7:8d:de:
15:80:5b:7c:f7:a9:c5:ae:b5:b7:48:a6:b0:90:fe:
34:49:3b:fb:e9:f4:df:5f:c5:aa:59:13:df:d6:98:
29:96:03:59:d2:3c:96:d8:57:b6:3b:80:83:1a:4b:
43:ea:5d:9b:e4:68:38:94:b5:5e:7b:b5:d3:02:71:
0e:b5:cc:50:33:51:0e:d9:72:6d:6b:1d:9b:b9:4d:
5e:b3:12:5a:d5:a5:76:10:73:73:5f:20:82:9d:dd:
78:14:ca:ae:60:07:36:4a:4c:7b:1e:e7:df:08:11:
ca:15:bc:7f:63:19:f7:a1:e6:51:52:59:3d:9a:54:
14:d2:64:1b:d8:45:69:11:f3:19:01:5b:ba:32:c6:
76:9f:e4:01:2a:39:32:82:a2:54:22:c4:5f:56:07:
cd:57:69:8f:0f:4e:f4:1d:a0:45:78:13:a7:7d:4e:
2e:a1:b1:d8:78:93:74:c9:1a:91:0e:38:c8:17:a0:
04:d8:3f:41:af:29:3c:ee:95:f6:55:d0:ff:c5:5e:
95:c5:c4:01:f9:50:39:24:af:dc:79:b4:45:fc:d9:
28:99:3d:2e:81:8e:9c:ef:48:4c:f5:9a:30:a5:47:
f0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:2B:E9:FF:09:86:95:74:0A:C7:D9:9A:04:3B:60:48:F3:4E:1F:DE
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/051F9D0AF47B11EF9886AE60762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.21.0/24
Signature Algorithm: sha256WithRSAEncryption
84:1d:38:4f:fe:11:6c:e7:a6:e4:8a:c9:79:d4:bc:f7:d0:71:
e6:75:1f:ce:bf:1f:04:54:7a:2e:6f:97:ca:1a:44:5b:3d:0f:
83:b7:64:92:08:0e:1e:dd:7c:09:a6:92:1c:4b:9b:31:cf:4d:
1f:6c:f9:99:aa:f4:1f:7a:23:74:16:dc:34:d5:2e:a7:0f:d3:
07:ee:cb:24:25:5d:bd:a9:65:b1:14:88:31:f8:ab:ca:0b:24:
71:29:15:46:07:57:b9:e6:83:a8:84:b5:cc:9a:83:c5:9e:3d:
06:3e:73:90:0a:57:d3:35:1b:31:c8:2e:8d:31:35:93:7c:82:
1c:fb:b4:00:69:70:80:77:a8:3a:81:40:3c:60:c4:f5:f1:1f:
93:65:be:01:eb:1a:7f:ae:52:83:a8:b3:92:19:3e:96:2d:7d:
9e:f9:ed:8f:c0:7c:5d:5d:98:46:6d:63:04:db:eb:98:18:d6:
8b:72:1d:ee:a1:bd:be:2a:e2:4a:23:2e:b3:3d:d0:a2:1a:e2:
61:02:3f:8c:a6:92:5f:ea:1b:9c:63:5b:43:cf:d2:d9:13:8c:
59:9b:00:9f:a7:a7:b2:a6:a1:4c:c8:67:6e:63:8a:24:98:61:
4b:7e:23:53:35:7a:74:2e:73:3a:72:9d:3d:03:ab:cc:dc:4f:
30:70:7d:c5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWXJMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTk1MDU4WhcNMjgwMjE5MTk1MDU4WjAYMRYw
FAYDVQQDEw02N2JmNzBhYi0wZTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvJT/xcPIeUBymC83i72rtYCQNyP5GNc75gT3jd4VgFt896nFrrW3SKaw
kP40STv76fTfX8WqWRPf1pgplgNZ0jyW2Fe2O4CDGktD6l2b5Gg4lLVee7XTAnEO
tcxQM1EO2XJtax2buU1esxJa1aV2EHNzXyCCnd14FMquYAc2Skx7HuffCBHKFbx/
Yxn3oeZRUlk9mlQU0mQb2EVpEfMZAVu6MsZ2n+QBKjkygqJUIsRfVgfNV2mPD070
HaBFeBOnfU4uobHYeJN0yRqRDjjIF6AE2D9Bryk87pX2VdD/xV6VxcQB+VA5JK/c
ebRF/NkomT0ugY6c70hM9ZowpUfw3wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKQr
6f8JhpV0CsfZmgQ7YEjzTh/eMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wNTFGOUQwQUY0N0IxMUVGOTg4NkFFNjA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml4VMA0GCSqGSIb3DQEB
CwUAA4IBAQCEHThP/hFs56bkisl51Lz30HHmdR/Ovx8EVHoub5fKGkRbPQ+Dt2SS
CA4e3XwJppIcS5sxz00fbPmZqvQfeiN0Ftw01S6nD9MH7sskJV29qWWxFIgx+KvK
CyRxKRVGB1e55oOohLXMmoPFnj0GPnOQClfTNRsxyC6NMTWTfIIc+7QAaXCAd6g6
gUA8YMT18R+TZb4B6xp/rlKDqLOSGT6WLX2e+e2PwHxdXZhGbWME2+uYGNaLch3u
ob2+KuJKIy6zPdCiGuJhAj+MppJf6hucY1tDz9LZE4xZmwCfp6eypqFMyGduY4ok
mGFLfiNTNXp0LnM6cp09A6vM3E8wcH3F
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:29 2025 by rpki-client