Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/39DD0F98C26F11EFA7CBDC8A762E951A.roa
File: 39DD0F98C26F11EFA7CBDC8A762E951A.roa (raw, json)
Hash identifier: 4qC4jorMiaMUGY/wWMCTddJNDYLukzEo/aUagD58HiY=
Subject key identifier: 36:8A:8E:DB:AE:81:61:30:33:A2:FD:2D:2A:67:37:09:55:DA:FA:AC
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012450
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/39DD0F98C26F11EFA7CBDC8A762E951A.roa
Signing time: Wed 25 Dec 2024 03:20:44 +0000
ROA not before: Wed 25 Dec 2024 03:20:41 +0000
ROA not after: Wed 10 Dec 2025 03:20:41 +0000
asID: 984
IP address blocks: 154.211.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74832 (0x12450)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 03:20:41 2024 GMT
Not After : Dec 10 03:20:41 2025 GMT
Subject: CN=676b7a0c-46e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:82:60:21:b9:ce:97:d0:7a:8c:a2:d6:27:f5:
1f:fe:5a:31:0c:9a:1c:e3:1e:e9:c2:05:8a:08:0c:
76:8e:ef:d2:7e:2a:64:df:b5:0f:34:40:2b:fb:64:
47:ad:52:dc:f1:bf:d4:1f:71:a0:c0:ef:a7:54:f9:
68:2e:0e:16:a4:fb:e6:2f:3f:fb:b5:fc:ef:26:b3:
ba:d0:b5:99:9e:47:2e:91:3c:c5:00:a2:f8:e0:9a:
c0:60:be:9c:a1:95:ad:80:53:89:8a:1e:41:0b:eb:
c1:9c:49:d6:62:6d:df:5e:08:23:51:f7:fc:fd:8e:
4a:c9:14:4a:43:ca:39:c2:09:0a:b6:4d:5a:ac:29:
02:cb:5d:ec:0b:d6:f6:2c:03:51:dd:7d:d4:f3:e5:
83:93:49:71:1c:6a:82:7f:d9:67:02:ff:4d:54:19:
c4:96:b3:df:79:ff:c2:57:93:f0:c1:0f:9a:08:37:
12:dc:c5:1e:1e:bc:a6:43:13:dc:f6:35:24:6f:5c:
45:13:9f:a6:2f:79:a3:f5:f7:6a:52:05:65:99:e3:
49:49:bc:8b:59:6d:6e:79:63:95:e8:4c:e4:ae:7c:
a4:f4:34:3c:b7:f2:ad:8e:d2:1a:18:8c:e1:13:60:
da:14:d7:db:73:41:39:2d:e8:96:08:8a:7d:34:34:
8f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:8A:8E:DB:AE:81:61:30:33:A2:FD:2D:2A:67:37:09:55:DA:FA:AC
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/39DD0F98C26F11EFA7CBDC8A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.183.0/24
Signature Algorithm: sha256WithRSAEncryption
53:5c:f3:1d:13:3c:d5:fa:e8:a7:53:c8:93:a9:01:07:5b:c8:
84:d2:93:bd:73:e5:f3:31:54:da:57:37:23:10:ff:35:95:d5:
81:a5:7f:9a:a0:6b:c0:fd:79:ac:40:0e:8d:1c:54:35:af:c7:
d0:92:01:a0:de:96:00:df:47:a8:b4:a4:a1:6c:cd:e1:8f:de:
87:4c:ab:12:b5:73:2d:94:e8:cb:7b:e2:f8:91:b2:47:bc:03:
25:4a:ed:7e:bb:db:0f:96:03:02:47:88:ae:6d:c9:f3:ec:82:
99:46:ca:59:67:2c:73:f3:cb:40:65:09:83:ac:46:58:85:44:
6b:7e:b1:ca:87:7f:2b:64:18:db:50:f9:f3:02:bf:20:79:0a:
a1:ad:74:4d:e7:67:2c:1a:8e:d1:bf:f8:e1:04:ff:0e:f4:67:
d0:43:77:87:47:05:ca:d2:15:e9:a1:ee:0d:3f:af:a2:6c:52:
4e:31:66:71:38:49:80:fb:47:62:da:13:0c:fd:f2:52:39:2a:
b8:a7:1e:2b:7a:fc:98:75:18:df:0d:a1:e0:88:6a:bd:36:8c:
10:c4:61:4b:13:92:b5:fe:84:91:3a:74:6c:e7:d0:1a:6b:59:
59:02:ca:28:74:5e:4b:ac:0b:da:1b:1f:05:99:51:c1:50:a1:
ad:65:db:6a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASRQMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDMyMDQxWhcNMjUxMjEwMDMyMDQxWjAYMRYw
FAYDVQQDEw02NzZiN2EwYy00NmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuoJgIbnOl9B6jKLWJ/Uf/loxDJoc4x7pwgWKCAx2ju/Sfipk37UPNEAr
+2RHrVLc8b/UH3GgwO+nVPloLg4WpPvmLz/7tfzvJrO60LWZnkcukTzFAKL44JrA
YL6coZWtgFOJih5BC+vBnEnWYm3fXggjUff8/Y5KyRRKQ8o5wgkKtk1arCkCy13s
C9b2LANR3X3U8+WDk0lxHGqCf9lnAv9NVBnElrPfef/CV5PwwQ+aCDcS3MUeHrym
QxPc9jUkb1xFE5+mL3mj9fdqUgVlmeNJSbyLWW1ueWOV6Ezkrnyk9DQ8t/KtjtIa
GIzhE2DaFNfbc0E5LeiWCIp9NDSPrQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDaK
jtuugWEwM6L9LSpnNwlV2vqsMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOUREMEY5OEMyNkYxMUVGQTdDQkRDOEE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtO3MA0GCSqGSIb3DQEB
CwUAA4IBAQBTXPMdEzzV+uinU8iTqQEHW8iE0pO9c+XzMVTaVzcjEP81ldWBpX+a
oGvA/XmsQA6NHFQ1r8fQkgGg3pYA30eotKShbM3hj96HTKsStXMtlOjLe+L4kbJH
vAMlSu1+u9sPlgMCR4iubcnz7IKZRspZZyxz88tAZQmDrEZYhURrfrHKh38rZBjb
UPnzAr8geQqhrXRN52csGo7Rv/jhBP8O9GfQQ3eHRwXK0hXpoe4NP6+ibFJOMWZx
OEmA+0di2hMM/fJSOSq4px4revyYdRjfDaHgiGq9NowQxGFLE5K1/oSROnRs59Aa
a1lZAsoodF5LrAvaGx8FmVHBUKGtZdtq
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:53:54 2025 by rpki-client