Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/131D0A28F42611EFA4D01690762E951A.roa
File: 131D0A28F42611EFA4D01690762E951A.roa (raw, json)
Hash identifier: KKp7nEHa+BGFW+UxINczE00wjGq1dSRMww1FxvpvjLo=
Subject key identifier: AF:8E:A6:3B:A5:0D:F7:CA:DD:D7:41:9C:ED:E9:93:67:BD:98:85:88
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0161F3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/131D0A28F42611EFA4D01690762E951A.roa
Signing time: Wed 26 Feb 2025 09:43:04 +0000
ROA not before: Wed 26 Feb 2025 09:43:00 +0000
ROA not after: Thu 19 Feb 2026 09:43:00 +0000
asID: 328608
IP address blocks: 154.200.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90611 (0x161f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 09:43:00 2025 GMT
Not After : Feb 19 09:43:00 2026 GMT
Subject: CN=67bee228-3655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:49:ff:48:6b:3f:dd:06:de:31:99:91:cf:56:
7f:3b:d6:f0:bc:ec:33:fe:84:50:b8:62:8e:7b:dd:
2a:35:9c:6c:55:c2:8b:2b:4e:01:a0:e5:ed:98:bc:
a8:5f:40:54:57:b7:f7:1a:fd:2b:c1:16:6a:ea:fa:
41:18:fc:95:fd:7d:95:52:d5:d9:24:54:77:74:1a:
77:d1:38:70:b3:84:f0:89:b0:6a:c3:e5:79:9a:0e:
5e:09:3d:ff:dc:2c:2a:c9:07:f4:bf:70:fe:c5:fd:
ff:83:ac:89:f5:e9:76:a2:d6:0b:34:d9:03:d1:81:
a5:e5:45:d1:2d:3d:fe:de:79:fa:58:cb:59:54:46:
82:5f:47:fa:5d:04:f7:e7:b9:f1:9b:e4:34:c4:9c:
9c:92:ed:55:0a:f6:3a:f6:cc:55:a6:99:78:e8:b7:
ae:35:4b:a4:3a:0a:28:6f:40:09:d6:92:3d:28:ed:
92:f1:00:ff:ef:06:4e:29:c6:8e:3e:d7:5e:f4:b6:
6c:f8:67:04:3e:cf:63:74:fb:2d:78:f6:e5:c0:30:
31:17:b7:24:61:4e:08:4f:e3:2a:4b:97:d0:0d:88:
b0:4c:83:83:60:19:51:8c:c4:2e:55:d9:ff:d7:a2:
e0:58:f3:b8:a1:b9:de:b6:42:8b:75:68:b0:35:ce:
1b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:8E:A6:3B:A5:0D:F7:CA:DD:D7:41:9C:ED:E9:93:67:BD:98:85:88
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/131D0A28F42611EFA4D01690762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.243.0/24
Signature Algorithm: sha256WithRSAEncryption
88:07:9a:c4:c0:49:9e:f9:b6:dd:33:0a:0a:00:38:7b:44:d1:
bf:37:d8:03:6e:f8:aa:17:98:4c:69:45:b8:5e:56:b9:b1:fc:
1d:46:1a:a5:0c:b2:b7:b5:0d:67:e0:4b:55:3c:29:80:2a:3c:
2f:24:15:e0:65:2b:7f:dc:af:d9:79:2b:6e:c5:44:b2:b2:95:
cb:a2:14:8e:51:f9:06:75:d3:50:8d:61:57:c5:39:c1:c6:63:
78:1f:75:bb:7e:67:4b:eb:ce:6e:eb:65:f9:19:66:b1:5b:24:
2c:bc:68:61:1d:56:e8:67:ee:56:d5:b8:24:e0:07:8f:5d:3c:
ea:d6:a2:23:9c:fa:a6:a0:80:c8:8e:37:26:29:71:fc:2d:0f:
12:e8:b1:c9:a6:4a:fe:3b:f1:12:05:ef:c8:96:11:82:38:8c:
73:fe:b2:36:34:4e:ce:9c:77:e0:1e:a8:54:34:38:be:3b:2f:
03:4d:98:ed:fb:64:c0:68:76:94:9f:58:1e:70:b5:2d:0b:e0:
4b:7a:b4:af:ce:6e:25:ee:41:a1:92:28:71:e4:6b:e9:9c:d4:
b2:cd:dd:fd:94:72:f5:33:6f:cf:87:c1:fc:5f:99:2e:33:fc:
9b:03:33:5c:b2:20:fa:27:aa:d3:b5:57:73:f4:90:ad:53:b2:
99:8d:c3:ba
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWHzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDk0MzAwWhcNMjYwMjE5MDk0MzAwWjAYMRYw
FAYDVQQDEw02N2JlZTIyOC0zNjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Un/SGs/3QbeMZmRz1Z/O9bwvOwz/oRQuGKOe90qNZxsVcKLK04BoOXt
mLyoX0BUV7f3Gv0rwRZq6vpBGPyV/X2VUtXZJFR3dBp30Thws4TwibBqw+V5mg5e
CT3/3CwqyQf0v3D+xf3/g6yJ9el2otYLNNkD0YGl5UXRLT3+3nn6WMtZVEaCX0f6
XQT357nxm+Q0xJycku1VCvY69sxVppl46LeuNUukOgoob0AJ1pI9KO2S8QD/7wZO
KcaOPtde9LZs+GcEPs9jdPstePblwDAxF7ckYU4IT+MqS5fQDYiwTIODYBlRjMQu
Vdn/16LgWPO4obnetkKLdWiwNc4blQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFK+O
pjulDffK3ddBnO3pk2e9mIWIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xMzFEMEEyOEY0MjYxMUVGQTREMDE2OTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjzMA0GCSqGSIb3DQEB
CwUAA4IBAQCIB5rEwEme+bbdMwoKADh7RNG/N9gDbviqF5hMaUW4Xla5sfwdRhql
DLK3tQ1n4EtVPCmAKjwvJBXgZSt/3K/ZeStuxUSyspXLohSOUfkGddNQjWFXxTnB
xmN4H3W7fmdL685u62X5GWaxWyQsvGhhHVboZ+5W1bgk4AePXTzq1qIjnPqmoIDI
jjcmKXH8LQ8S6LHJpkr+O/ESBe/IlhGCOIxz/rI2NE7OnHfgHqhUNDi+Oy8DTZjt
+2TAaHaUn1gecLUtC+BLerSvzm4l7kGhkihx5GvpnNSyzd39lHL1M2/Ph8H8X5ku
M/ybAzNcsiD6J6rTtVdz9JCtU7KZjcO6
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:58:40 2025 by rpki-client