Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1496A3CAAB3611EF8F9A2BAF762E951A.roa
File: 1496A3CAAB3611EF8F9A2BAF762E951A.roa (raw, json)
Hash identifier: Va+VYASqImJmQJ+neZBm+M5W+99iT4ji9Ew4NC536fg=
Subject key identifier: A7:99:F1:D5:E6:B3:C5:7E:DA:7A:DA:BB:E0:1A:65:8B:8A:49:83:FB
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011360
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1496A3CAAB3611EF8F9A2BAF762E951A.roa
Signing time: Mon 25 Nov 2024 14:03:43 +0000
ROA not before: Mon 25 Nov 2024 14:03:40 +0000
ROA not after: Wed 07 Jan 2026 14:03:40 +0000
asID: 139057
IP address blocks: 154.85.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:05:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70496 (0x11360)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Nov 25 14:03:40 2024 GMT
Not After : Jan 7 14:03:40 2026 GMT
Subject: CN=674483bf-f91f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:cb:0f:b1:bd:f4:ae:e0:5e:90:50:ff:69:
da:d6:f8:5f:da:7e:73:32:08:36:26:5c:f0:8c:c4:
c9:3c:ec:89:e2:da:ad:14:27:53:ba:00:a7:91:0c:
10:f8:cf:76:79:6a:b8:dd:4a:46:7c:32:2c:c1:e4:
28:14:d0:d7:22:01:bf:80:43:e5:03:be:41:28:14:
8b:de:46:17:a5:44:12:91:67:58:ec:d3:fe:1d:ef:
0e:bc:92:94:dc:6a:d6:7d:a6:6e:af:64:b5:e2:ab:
fa:d3:7b:e7:96:c0:a3:dd:0f:aa:e2:d9:70:8e:43:
53:2d:04:9f:80:99:bf:a9:16:85:f2:9f:02:fc:97:
f9:77:aa:32:b4:dd:c6:8b:09:d9:16:a8:87:63:42:
bb:85:64:d5:9b:ef:45:25:8c:87:6b:3e:42:04:fb:
a5:0c:5f:02:94:87:15:aa:d2:18:5b:65:1c:01:fe:
d5:90:fb:60:b3:98:31:28:44:ce:d7:a1:4f:eb:0f:
88:4b:6f:64:0a:17:73:76:12:fd:04:92:ac:05:6e:
aa:db:64:bc:e1:a3:99:88:a3:67:61:cc:26:22:0a:
53:76:77:1e:a7:cb:34:f6:a6:cc:a4:3e:5c:41:c3:
72:ae:f9:fc:f9:06:de:46:6d:b1:92:87:fc:92:37:
c9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:99:F1:D5:E6:B3:C5:7E:DA:7A:DA:BB:E0:1A:65:8B:8A:49:83:FB
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1496A3CAAB3611EF8F9A2BAF762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.85.83.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:e0:8f:b2:c2:1c:d2:26:3a:17:fd:93:89:a2:82:66:ec:00:
a8:60:48:9d:24:1b:39:ad:79:2e:1c:d4:a0:74:2d:73:f5:e7:
2f:f2:0c:e9:c7:5c:73:1b:c8:87:9c:5c:23:35:d5:3c:96:52:
99:6f:51:d6:89:62:ab:8e:e3:65:74:11:60:45:be:ab:db:62:
8a:da:7c:2c:b4:c4:f7:48:92:ed:8a:7c:36:17:d7:e5:b3:de:
d9:76:1a:b7:95:aa:8e:b6:11:0b:36:0e:af:a0:99:99:80:73:
88:2b:8c:f6:e0:20:5d:b5:ca:bb:5e:17:1a:b2:12:06:64:eb:
32:c3:5a:74:71:22:20:f4:24:b9:22:fc:dd:a2:26:83:b3:55:
96:ec:10:47:b0:a0:42:f9:00:23:e5:4d:cd:53:2c:86:b1:4d:
10:41:a4:5b:f0:b3:dc:64:ad:05:ec:2c:26:2f:ad:8f:ef:8e:
3b:08:43:51:7b:8b:5e:e9:82:53:e5:1d:81:cb:76:1b:fd:25:
3c:d8:21:fe:be:57:94:e6:42:b4:b8:8c:5d:ea:d8:f9:87:51:
d4:32:6c:e5:18:a5:41:2c:05:28:4c:7f:56:5d:cf:8b:fd:24:
f7:bc:fb:5b:91:88:74:25:64:43:07:b1:81:8a:4c:70:70:95:
e5:03:ce:a9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDARNgMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMTI1MTQwMzQwWhcNMjYwMTA3MTQwMzQwWjAYMRYw
FAYDVQQDEw02NzQ0ODNiZi1mOTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuuTLD7G99K7gXpBQ/2na1vhf2n5zMgg2JlzwjMTJPOyJ4tqtFCdTugCn
kQwQ+M92eWq43UpGfDIsweQoFNDXIgG/gEPlA75BKBSL3kYXpUQSkWdY7NP+He8O
vJKU3GrWfaZur2S14qv603vnlsCj3Q+q4tlwjkNTLQSfgJm/qRaF8p8C/Jf5d6oy
tN3GiwnZFqiHY0K7hWTVm+9FJYyHaz5CBPulDF8ClIcVqtIYW2UcAf7VkPtgs5gx
KETO16FP6w+IS29kChdzdhL9BJKsBW6q22S84aOZiKNnYcwmIgpTdncep8s09qbM
pD5cQcNyrvn8+QbeRm2xkof8kjfJlQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKeZ
8dXms8V+2nrau+AaZYuKSYP7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xNDk2QTNDQUFCMzYxMUVGOEY5QTJCQUY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlVTMA0GCSqGSIb3DQEB
CwUAA4IBAQCy4I+ywhzSJjoX/ZOJooJm7ACoYEidJBs5rXkuHNSgdC1z9ecv8gzp
x1xzG8iHnFwjNdU8llKZb1HWiWKrjuNldBFgRb6r22KK2nwstMT3SJLtinw2F9fl
s97Zdhq3laqOthELNg6voJmZgHOIK4z24CBdtcq7XhcashIGZOsyw1p0cSIg9CS5
IvzdoiaDs1WW7BBHsKBC+QAj5U3NUyyGsU0QQaRb8LPcZK0F7CwmL62P7447CENR
e4te6YJT5R2By3Yb/SU82CH+vleU5kK0uIxd6tj5h1HUMmzlGKVBLAUoTH9WXc+L
/ST3vPtbkYh0JWRDB7GBikxwcJXlA86p
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:00:22 2025 by rpki-client