Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F9FD1A4C51E11EF89123A8E762E951A.roa
File: 1F9FD1A4C51E11EF89123A8E762E951A.roa (raw, json)
Hash identifier: NpZy3pWqhg4BTdEBNXbabgZWsiKbIhbBpuJTsXliZRk=
Subject key identifier: 4C:9D:76:E4:01:3B:37:02:6F:30:25:18:15:84:ED:F7:40:76:1D:B9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012B3D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F9FD1A4C51E11EF89123A8E762E951A.roa
Signing time: Sat 28 Dec 2024 13:17:44 +0000
ROA not before: Sat 28 Dec 2024 13:17:40 +0000
ROA not after: Sun 12 Dec 2027 13:17:40 +0000
asID: 17561
IP address blocks: 154.203.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76605 (0x12b3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 13:17:40 2024 GMT
Not After : Dec 12 13:17:40 2027 GMT
Subject: CN=676ffa78-ff34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:db:bf:c9:1a:ea:46:27:9a:b5:d8:55:15:33:
ee:c8:9d:01:cb:17:1a:f5:b6:cb:21:92:51:0f:f4:
cc:9f:cb:7f:27:58:59:a6:44:f4:0f:ca:b9:34:49:
bc:fc:5d:3a:cb:74:1e:12:d0:6b:e1:c5:6f:fb:1f:
f8:42:63:0f:09:3b:73:1b:4d:3a:31:bd:6e:d9:11:
3c:94:f5:5b:28:e2:93:35:09:54:69:a8:18:af:fa:
79:bf:76:d4:93:df:d8:a0:8a:1c:fc:33:2c:d1:40:
49:df:45:56:0f:75:13:09:5a:e8:9f:f9:77:4e:76:
c2:e4:9b:ac:bb:2c:88:0c:ac:a8:82:f3:59:45:91:
92:72:cd:ab:6d:b3:43:ce:8f:45:05:9b:59:f4:96:
8b:07:3b:81:85:06:1c:5c:26:1f:ee:68:7b:e8:dc:
a8:dd:62:e4:c1:13:ec:92:af:8d:1b:40:e2:2f:79:
4e:fd:10:59:98:f6:dc:24:64:2f:53:cb:df:4e:7f:
22:70:e4:0f:c8:3d:eb:0a:87:c1:85:d1:f9:44:8d:
e5:65:e9:c6:4c:1d:e2:03:8c:7d:c5:9e:97:19:35:
d1:57:f6:ce:0a:21:86:04:db:48:1c:af:cd:22:bb:
80:3d:11:b4:c7:d4:cc:a5:5a:19:68:b2:67:6c:98:
2a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:9D:76:E4:01:3B:37:02:6F:30:25:18:15:84:ED:F7:40:76:1D:B9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1F9FD1A4C51E11EF89123A8E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.42.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:cc:3a:64:90:e1:95:45:8a:da:e1:e2:31:f1:be:33:3e:fe:
e8:6a:0f:71:6b:e7:d4:54:f5:d8:12:54:ec:2c:be:3a:9c:e2:
2d:48:75:8c:d5:99:4d:ee:9c:44:20:a1:0c:4e:3d:66:6e:53:
85:55:30:94:a2:90:a2:99:c1:a1:11:d6:bb:13:fc:5d:94:72:
31:cd:7c:f4:43:da:35:5f:b2:40:7c:48:80:7a:05:32:ae:b4:
90:3b:4b:27:50:8b:b7:c3:38:3a:d2:ae:5f:60:85:ce:e4:3f:
34:d6:ff:86:5c:f2:a5:e6:bd:b6:ca:bb:2a:9b:bb:95:81:ea:
7e:bf:16:9d:ac:7f:2a:a5:c7:f7:39:21:fa:cf:96:fc:2e:c3:
c3:07:c9:56:bb:13:32:3c:d1:70:48:54:65:a4:ba:7c:5a:02:
96:50:1c:24:2e:58:9a:fd:53:90:12:86:61:00:6f:db:0b:b1:
1f:13:4a:73:e8:8e:ef:88:9a:d4:0e:a9:c2:98:81:ef:7f:4c:
03:97:e4:c0:c1:37:5d:3e:07:15:ea:e3:80:8b:36:56:e0:7a:
42:e2:4a:b6:16:ac:67:a0:5d:ca:9c:16:16:46:64:2a:19:a4:
ef:48:ed:3d:97:71:84:31:80:cf:56:a4:db:74:cb:c5:db:9f:
1d:c9:a7:87
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASs9MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTMxNzQwWhcNMjcxMjEyMTMxNzQwWjAYMRYw
FAYDVQQDEw02NzZmZmE3OC1mZjM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzdu/yRrqRieatdhVFTPuyJ0Byxca9bbLIZJRD/TMn8t/J1hZpkT0D8q5
NEm8/F06y3QeEtBr4cVv+x/4QmMPCTtzG006Mb1u2RE8lPVbKOKTNQlUaagYr/p5
v3bUk9/YoIoc/DMs0UBJ30VWD3UTCVron/l3TnbC5JusuyyIDKyogvNZRZGScs2r
bbNDzo9FBZtZ9JaLBzuBhQYcXCYf7mh76Nyo3WLkwRPskq+NG0DiL3lO/RBZmPbc
JGQvU8vfTn8icOQPyD3rCofBhdH5RI3lZenGTB3iA4x9xZ6XGTXRV/bOCiGGBNtI
HK/NIruAPRG0x9TMpVoZaLJnbJgqEQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEyd
duQBOzcCbzAlGBWE7fdAdh25MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xRjlGRDFBNEM1MUUxMUVGODkxMjNBOEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmssqMA0GCSqGSIb3DQEB
CwUAA4IBAQBezDpkkOGVRYra4eIx8b4zPv7oag9xa+fUVPXYElTsLL46nOItSHWM
1ZlN7pxEIKEMTj1mblOFVTCUopCimcGhEda7E/xdlHIxzXz0Q9o1X7JAfEiAegUy
rrSQO0snUIu3wzg60q5fYIXO5D801v+GXPKl5r22yrsqm7uVgep+vxadrH8qpcf3
OSH6z5b8LsPDB8lWuxMyPNFwSFRlpLp8WgKWUBwkLlia/VOQEoZhAG/bC7EfE0pz
6I7viJrUDqnCmIHvf0wDl+TAwTddPgcV6uOAizZW4HpC4kq2FqxnoF3KnBYWRmQq
GaTvSO09l3GEMYDPVqTbdMvF258dyaeH
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:52 2025 by rpki-client