Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1ACFE1720CC311F081B94DBE762E951A.roa
File: 1ACFE1720CC311F081B94DBE762E951A.roa (raw, json)
Hash identifier: pedx8fLiuygImcTxo3dm3czyHPuTnUU0ma7PSmjdpLg=
Subject key identifier: 52:57:79:2D:48:01:0E:2F:F0:2C:68:13:32:7A:07:F7:6C:A8:94:24
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0176CC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1ACFE1720CC311F081B94DBE762E951A.roa
Signing time: Sat 29 Mar 2025 17:27:36 +0000
ROA not before: Sat 29 Mar 2025 17:27:32 +0000
ROA not after: Mon 05 May 2025 17:27:32 +0000
asID: 54600
IP address blocks: 154.202.144.0/20 maxlen: 24
154.202.192.0/19 maxlen: 24
154.202.224.0/20 maxlen: 24
154.202.240.0/20 maxlen: 24
154.207.208.0/21 maxlen: 24
154.219.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95948 (0x176cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 29 17:27:32 2025 GMT
Not After : May 5 17:27:32 2025 GMT
Subject: CN=67e82d88-cce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:09:71:55:ab:cd:69:12:ab:0e:1f:9e:d7:bd:
03:df:f2:b4:b9:cc:a1:d9:11:7c:e7:8e:03:6c:5f:
62:ef:c9:de:7e:03:3b:9c:8a:cf:55:c7:60:35:be:
c8:a1:20:7c:9a:05:1a:34:56:0f:16:91:27:0a:a5:
b1:31:d6:3c:e8:91:39:5b:23:20:40:d3:5d:36:30:
87:a1:1c:12:20:d1:f7:88:67:34:ee:bb:95:70:a6:
71:4a:ab:fa:5f:5f:ce:72:24:85:11:48:37:3f:0e:
d7:12:28:0b:54:c9:b1:9a:13:dd:f0:db:0d:54:72:
6e:f7:b9:af:ca:c0:64:a0:e1:e7:91:35:1d:e9:75:
10:dd:ea:24:77:3c:5b:9d:d0:f2:a4:50:45:b7:fd:
6b:cd:13:7a:d5:d2:ab:9f:27:ae:8b:48:67:70:98:
48:84:ca:f1:42:15:dc:fe:af:f1:dc:3a:bb:7b:b7:
61:90:8a:86:52:5d:c3:30:39:fd:33:9a:d5:3e:ae:
bb:46:48:3c:b7:d0:5a:e9:74:49:42:7f:b5:36:bf:
7b:b5:ad:fb:97:1d:bd:f3:13:e7:ea:9c:de:90:a0:
3d:80:ef:7e:aa:96:e7:55:43:83:f2:b3:dc:eb:2a:
36:86:3a:15:54:0b:0a:3f:d0:f7:fc:84:dd:3c:fd:
78:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:57:79:2D:48:01:0E:2F:F0:2C:68:13:32:7A:07:F7:6C:A8:94:24
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1ACFE1720CC311F081B94DBE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.144.0/20
154.202.192.0/18
154.207.208.0/21
154.219.32.0/19
Signature Algorithm: sha256WithRSAEncryption
7e:45:7a:dc:0e:c2:28:91:63:04:10:55:b8:55:f8:07:d2:a4:
be:2d:0f:3b:21:72:76:0b:15:ca:5d:8b:30:a2:d7:7d:b5:fb:
7f:8f:2b:62:15:a8:52:1f:f5:77:6b:14:c7:9a:ae:2f:51:c8:
65:f3:b3:45:41:3e:db:7f:a8:d6:ab:6e:cc:dd:b6:16:a9:04:
cc:31:e4:a5:35:f4:59:ab:dc:67:83:a8:45:3f:3c:f5:24:c4:
61:3f:1f:5a:a4:12:3b:5f:b0:75:62:69:ca:9f:5f:ab:f3:f8:
9e:03:48:6a:6c:e8:fd:f9:a9:0b:ca:64:b1:b5:3b:b5:e1:cc:
12:fc:e7:e8:0d:ea:9e:03:b2:03:99:ac:08:29:7e:5a:d6:c9:
a5:4e:f1:51:73:98:d7:cb:8e:1d:d3:cf:5f:bf:bb:e9:c1:3e:
7c:ae:65:53:13:56:5c:3a:61:be:85:25:1c:71:50:5c:27:4a:
ee:d2:d2:49:a7:d4:7c:5c:53:d8:86:15:9b:b0:04:7f:57:bb:
b5:e1:be:28:7f:97:83:c6:e6:61:de:de:55:c8:c2:c9:93:69:
aa:26:16:87:9e:ed:65:3f:a0:25:55:b3:7f:bf:fe:0b:44:e0:
d8:62:11:c7:d2:0e:81:b3:5b:fe:51:b2:e6:f8:1b:a9:41:b3:
c9:27:11:f7
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAXbMMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI5MTcyNzMyWhcNMjUwNTA1MTcyNzMyWjAYMRYw
FAYDVQQDEw02N2U4MmQ4OC1jY2UzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAtwlxVavNaRKrDh+e170D3/K0ucyh2RF8544DbF9i78nefgM7nIrPVcdg
Nb7IoSB8mgUaNFYPFpEnCqWxMdY86JE5WyMgQNNdNjCHoRwSINH3iGc07ruVcKZx
Sqv6X1/OciSFEUg3Pw7XEigLVMmxmhPd8NsNVHJu97mvysBkoOHnkTUd6XUQ3eok
dzxbndDypFBFt/1rzRN61dKrnyeui0hncJhIhMrxQhXc/q/x3Dq7e7dhkIqGUl3D
MDn9M5rVPq67Rkg8t9Ba6XRJQn+1Nr97ta37lx298xPn6pzekKA9gO9+qpbnVUOD
8rPc6yo2hjoVVAsKP9D3/ITdPP14EwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFFJX
eS1IAQ4v8CxoEzJ6B/dsqJQkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQUNGRTE3MjBDQzMxMUYwODFCOTREQkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEmsqQAwQGmsrAAwQDms/Q
AwQFmtsgMA0GCSqGSIb3DQEBCwUAA4IBAQB+RXrcDsIokWMEEFW4VfgH0qS+LQ87
IXJ2CxXKXYswotd9tft/jytiFahSH/V3axTHmq4vUchl87NFQT7bf6jWq27M3bYW
qQTMMeSlNfRZq9xng6hFPzz1JMRhPx9apBI7X7B1YmnKn1+r8/ieA0hqbOj9+akL
ymSxtTu14cwS/OfoDeqeA7IDmawIKX5a1smlTvFRc5jXy44d089fv7vpwT58rmVT
E1ZcOmG+hSUccVBcJ0ru0tJJp9R8XFPYhhWbsAR/V7u14b4of5eDxuZh3t5VyMLJ
k2mqJhaHnu1lP6AlVbN/v/4LRODYYhHH0g6Bs1v+UbLm+BupQbPJJxH3
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:16:46 2025 by rpki-client