Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A0657BAC62A11EFAED712AD762E951A.roa
File: 1A0657BAC62A11EFAED712AD762E951A.roa (raw, json)
Hash identifier: FP61eqND/brjkDwc8evJY5tFriuiJ3CHY4mFQUyQj8E=
Subject key identifier: 58:56:D8:AD:27:17:F8:27:83:77:76:B3:E2:6F:53:07:3B:2C:69:5D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012FB8
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A0657BAC62A11EFAED712AD762E951A.roa
Signing time: Sun 29 Dec 2024 21:16:00 +0000
ROA not before: Sun 29 Dec 2024 21:15:56 +0000
ROA not after: Sun 12 Dec 2027 21:15:56 +0000
asID: 17561
IP address blocks: 154.217.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77752 (0x12fb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 21:15:56 2024 GMT
Not After : Dec 12 21:15:56 2027 GMT
Subject: CN=6771bc10-b98b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fc:75:76:e1:61:5a:49:67:4c:c3:f0:4a:e7:
8b:3e:ff:81:02:36:72:8c:51:e0:03:39:b7:7f:48:
1d:41:03:a8:b5:d5:cc:33:2f:73:6c:54:ee:3c:b4:
88:c6:aa:c0:c9:8a:69:62:3e:45:28:42:6a:a8:48:
6e:0a:cd:30:fa:e5:6d:34:9b:b2:b3:83:3c:7c:af:
2b:91:40:8e:fa:a5:04:1f:e0:b0:00:e8:b0:dd:a9:
cf:f4:9a:32:fa:72:a2:77:ff:a1:52:37:59:af:58:
68:33:32:f8:13:6a:eb:e5:98:7b:6e:42:e7:f5:e7:
01:24:f8:e7:ce:98:01:cc:ff:3c:36:7e:f1:4b:62:
54:01:fe:aa:24:49:53:f9:14:0d:7e:38:1a:9b:de:
39:c9:41:b3:20:3b:26:89:fc:bf:9a:e5:28:7f:b4:
96:ed:3b:ba:c7:50:41:16:76:e3:e0:e2:e4:58:8f:
89:93:50:e0:d7:06:58:54:a0:1b:55:21:e9:1d:01:
17:1f:52:d9:aa:78:1b:f1:ef:c6:1d:bd:0c:a0:7f:
10:ca:7c:67:7e:69:96:0e:5a:42:22:51:54:fe:9f:
82:79:d5:c2:73:74:1c:9d:13:ea:59:81:bf:fe:8a:
3d:b0:51:11:41:ff:76:b5:1d:88:0f:11:79:4c:d1:
c3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:56:D8:AD:27:17:F8:27:83:77:76:B3:E2:6F:53:07:3B:2C:69:5D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1A0657BAC62A11EFAED712AD762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.191.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:d0:49:99:f4:a6:74:1d:4c:1a:05:d1:00:60:e1:c2:4d:0e:
08:7f:4f:92:41:e0:2c:dc:ab:70:e2:43:86:23:e2:a1:fa:ee:
4b:1e:f9:b3:37:75:6a:ca:b9:a8:c8:ca:83:94:4f:70:59:5f:
22:5d:7c:f0:f4:ec:d5:46:d2:94:78:88:41:7f:88:6d:47:77:
62:60:89:ea:98:bf:6d:3e:1a:34:b1:79:33:8a:b3:43:e5:ba:
73:f1:18:1e:b3:3d:b0:a2:6d:f3:3e:eb:ee:17:b7:25:1a:21:
47:19:13:78:1a:5f:81:7b:b8:bc:a3:d5:77:dd:a3:0e:f9:0c:
bd:53:ef:a9:c6:5e:82:79:d2:f3:1f:c1:9b:39:cf:0a:83:78:
18:4d:ab:1e:16:da:f2:ba:31:43:30:59:8e:71:de:3e:06:c9:
03:82:c6:98:c0:e0:92:a5:65:29:99:c1:f9:19:45:a6:52:3b:
bd:d6:ed:1b:97:78:06:f1:31:e6:79:59:c0:29:62:0c:de:8d:
50:fd:80:78:5b:d3:e9:90:8c:ff:53:a9:bc:35:2b:de:5a:a2:
dd:de:03:5b:29:56:5c:7a:bc:5c:98:ad:2a:6c:35:01:1d:69:
be:fd:dc:99:3a:49:57:ce:54:f4:1b:38:f1:db:e4:1e:fc:c7:
c1:65:91:a4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS+4MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjExNTU2WhcNMjcxMjEyMjExNTU2WjAYMRYw
FAYDVQQDEw02NzcxYmMxMC1iOThiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy/x1duFhWklnTMPwSueLPv+BAjZyjFHgAzm3f0gdQQOotdXMMy9zbFTu
PLSIxqrAyYppYj5FKEJqqEhuCs0w+uVtNJuys4M8fK8rkUCO+qUEH+CwAOiw3anP
9Joy+nKid/+hUjdZr1hoMzL4E2rr5Zh7bkLn9ecBJPjnzpgBzP88Nn7xS2JUAf6q
JElT+RQNfjgam945yUGzIDsmify/muUof7SW7Tu6x1BBFnbj4OLkWI+Jk1Dg1wZY
VKAbVSHpHQEXH1LZqngb8e/GHb0MoH8QynxnfmmWDlpCIlFU/p+CedXCc3QcnRPq
WYG//oo9sFERQf92tR2IDxF5TNHDVwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFhW
2K0nF/gng3d2s+JvUwc7LGldMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQTA2NTdCQUM2MkExMUVGQUVENzEyQUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtm/MA0GCSqGSIb3DQEB
CwUAA4IBAQCK0EmZ9KZ0HUwaBdEAYOHCTQ4If0+SQeAs3Ktw4kOGI+Kh+u5LHvmz
N3VqyrmoyMqDlE9wWV8iXXzw9OzVRtKUeIhBf4htR3diYInqmL9tPho0sXkzirND
5bpz8Rgesz2wom3zPuvuF7clGiFHGRN4Gl+Be7i8o9V33aMO+Qy9U++pxl6CedLz
H8GbOc8Kg3gYTaseFtryujFDMFmOcd4+BskDgsaYwOCSpWUpmcH5GUWmUju91u0b
l3gG8THmeVnAKWIM3o1Q/YB4W9PpkIz/U6m8NSveWqLd3gNbKVZcerxcmK0qbDUB
HWm+/dyZOklXzlT0Gzjx2+Qe/MfBZZGk
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:49:38 2025 by rpki-client