Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D41DF0CFB2911EFBA06D05D762E951A.roa
File: 0D41DF0CFB2911EFBA06D05D762E951A.roa (raw, json)
Hash identifier: EGR/UbR8ZRH/mOdoIWTE4C7Qm670ek6J3J7cliIZXZQ=
Subject key identifier: 57:B7:FC:C4:73:5E:CA:47:55:04:04:AF:6A:2F:BB:47:44:B5:86:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0172BA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D41DF0CFB2911EFBA06D05D762E951A.roa
Signing time: Fri 07 Mar 2025 07:52:01 +0000
ROA not before: Fri 07 Mar 2025 07:51:57 +0000
ROA not after: Mon 14 Apr 2025 07:51:57 +0000
asID: 20473
IP address blocks: 154.197.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94906 (0x172ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 7 07:51:57 2025 GMT
Not After : Apr 14 07:51:57 2025 GMT
Subject: CN=67caa5a1-1e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:69:8e:93:d7:23:56:d2:22:21:01:03:27:4a:
cd:e5:0b:49:c5:08:dc:c1:3d:bb:c8:38:89:2b:62:
cf:fe:c7:9f:d5:c1:03:f0:b3:61:37:f1:63:dd:b4:
6a:02:d3:a0:e0:a3:3d:ec:98:64:22:25:41:af:19:
31:c6:02:d1:d4:bc:37:e8:68:56:cb:ed:05:c4:11:
88:35:59:a2:88:e3:d5:d3:f3:e7:84:c4:98:df:97:
e2:86:87:c0:32:10:2a:ed:2b:c8:c5:b0:8a:87:c2:
e9:95:0c:c0:08:39:89:ad:42:dd:36:6c:d9:71:44:
90:40:88:17:2b:8a:1c:7a:22:8f:d8:f5:e5:b7:df:
b6:39:ac:57:94:25:2a:72:70:22:b6:72:16:f2:92:
39:7a:70:a5:c4:54:56:21:e3:96:81:14:dd:4d:53:
dd:2c:43:e6:3a:5f:4c:2d:8e:58:2e:2e:16:2c:19:
44:65:c9:ba:eb:7d:40:db:3b:fd:db:2e:48:e0:89:
72:c2:2d:f0:bc:78:28:c4:00:34:8c:de:2d:90:0e:
e9:73:41:62:25:00:9a:d9:df:11:87:c5:d0:3e:0a:
29:c7:3c:ef:ec:5c:7c:6c:72:ca:70:cd:d0:37:7d:
fc:67:c8:7c:55:ef:b3:2a:8f:52:d3:9f:2a:fa:10:
b7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B7:FC:C4:73:5E:CA:47:55:04:04:AF:6A:2F:BB:47:44:B5:86:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D41DF0CFB2911EFBA06D05D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.197.32.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:7b:2d:2f:2a:c3:c7:a5:ab:8c:4d:bc:03:bc:2c:49:7b:d9:
42:8e:78:89:1b:7d:a6:c3:b3:de:1e:e4:6a:93:6a:fb:6a:37:
78:32:2f:60:36:2e:ed:93:79:ce:7a:81:58:5e:de:0f:ff:6c:
36:4f:e7:7c:25:52:9d:b5:5c:53:4b:a1:62:d3:81:34:c0:47:
dd:36:71:93:7e:3a:b4:73:dc:73:1f:a5:4e:ae:27:66:fa:34:
93:91:62:93:32:8b:9f:08:dd:56:e5:8e:a0:b4:f8:65:07:7e:
4c:10:92:87:77:5f:50:2c:a5:8a:40:01:ec:b8:5b:98:ed:30:
0d:3b:75:ef:d4:ee:97:11:52:38:fb:50:88:25:1c:a2:d3:48:
b4:6d:47:62:5b:79:a0:f1:a2:03:e4:8c:20:73:1b:13:2a:86:
f7:d4:0d:d5:19:6f:58:ea:80:e2:96:74:7a:bc:42:1c:66:c8:
04:9e:cd:7e:78:77:d8:5d:0c:ee:f7:44:a5:fd:7f:67:33:67:
63:dd:cd:38:5c:6c:5f:15:c8:52:3f:ff:49:d5:19:d5:df:0c:
eb:b2:fe:39:1b:09:d8:3d:af:99:9b:60:43:9d:2e:61:1c:ad:
dc:07:4f:22:94:5b:b2:68:65:4d:b2:15:98:84:cd:d8:de:a6:
20:14:cf:74
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXK6MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzA3MDc1MTU3WhcNMjUwNDE0MDc1MTU3WjAYMRYw
FAYDVQQDEw02N2NhYTVhMS0xZTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAo2mOk9cjVtIiIQEDJ0rN5QtJxQjcwT27yDiJK2LP/sef1cED8LNhN/Fj
3bRqAtOg4KM97JhkIiVBrxkxxgLR1Lw36GhWy+0FxBGINVmiiOPV0/PnhMSY35fi
hofAMhAq7SvIxbCKh8LplQzACDmJrULdNmzZcUSQQIgXK4oceiKP2PXlt9+2OaxX
lCUqcnAitnIW8pI5enClxFRWIeOWgRTdTVPdLEPmOl9MLY5YLi4WLBlEZcm6631A
2zv92y5I4Ilywi3wvHgoxAA0jN4tkA7pc0FiJQCa2d8Rh8XQPgopxzzv7Fx8bHLK
cM3QN338Z8h8Ve+zKo9S058q+hC3QQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFe3
/MRzXspHVQQEr2ovu0dEtYa/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRDQxREYwQ0ZCMjkxMUVGQkEwNkQwNUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsUgMA0GCSqGSIb3DQEB
CwUAA4IBAQCpey0vKsPHpauMTbwDvCxJe9lCjniJG32mw7PeHuRqk2r7ajd4Mi9g
Ni7tk3nOeoFYXt4P/2w2T+d8JVKdtVxTS6Fi04E0wEfdNnGTfjq0c9xzH6VOridm
+jSTkWKTMoufCN1W5Y6gtPhlB35MEJKHd19QLKWKQAHsuFuY7TANO3Xv1O6XEVI4
+1CIJRyi00i0bUdiW3mg8aID5IwgcxsTKob31A3VGW9Y6oDilnR6vEIcZsgEns1+
eHfYXQzu90Sl/X9nM2dj3c04XGxfFchSP/9J1RnV3wzrsv45GwnYPa+Zm2BDnS5h
HK3cB08ilFuyaGVNshWYhM3Y3qYgFM90
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:43:13 2025 by rpki-client