Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4EC83F04C27411EFAB4922AA762E951A.roa
File: 4EC83F04C27411EFAB4922AA762E951A.roa (raw, json)
Hash identifier: akoeZdnyMh6Jq1NmgmGOFQFWYo4dNcvBmPmrMDNCN/g=
Subject key identifier: 9A:91:12:25:DC:1C:CA:72:2C:B7:93:B3:C9:3F:88:22:81:72:32:AD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012488
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4EC83F04C27411EFAB4922AA762E951A.roa
Signing time: Wed 25 Dec 2024 03:57:06 +0000
ROA not before: Wed 25 Dec 2024 03:57:03 +0000
ROA not after: Wed 10 Dec 2025 03:57:03 +0000
asID: 984
IP address blocks: 154.211.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 12:38:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74888 (0x12488)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 03:57:03 2024 GMT
Not After : Dec 10 03:57:03 2025 GMT
Subject: CN=676b8292-f075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b3:74:45:56:ef:25:fe:cf:b4:85:50:4d:81:
cb:56:51:c7:bc:e6:a7:05:a2:f0:fc:93:3a:5c:72:
25:a0:07:82:f7:ec:79:12:07:76:7b:14:84:4f:89:
77:ce:17:a6:4e:04:55:cc:45:7c:bf:77:c0:06:74:
a6:92:8c:78:0e:70:a0:3a:17:90:85:e1:b6:29:b3:
9c:bf:32:23:b1:49:ff:07:d2:d0:c2:7d:92:2d:90:
fc:14:b7:59:8a:7d:46:7f:ef:e5:9f:77:c5:cf:84:
60:df:ea:bc:b6:36:5a:ed:57:f5:49:eb:49:c1:b5:
11:b9:3d:f5:b8:de:3b:61:09:86:74:27:50:58:71:
84:65:2d:24:fb:bd:40:39:3c:81:b1:09:a0:49:70:
38:4b:20:36:83:2b:2d:26:db:3c:73:9f:20:29:68:
4c:54:4f:f3:fd:14:3b:78:ea:c7:35:d9:04:8f:d9:
f2:61:b8:78:8f:bf:16:64:f7:34:e6:19:e6:c4:00:
49:bd:43:09:76:3a:5b:59:4f:94:b9:cf:ca:f1:f2:
5a:3b:9b:d0:9a:4c:af:ee:1e:72:8e:a5:01:23:93:
fa:8e:07:66:13:e9:26:4b:96:4e:6b:d7:9e:90:5f:
d6:03:e8:f8:d6:e7:a1:c7:41:3e:12:23:09:57:67:
66:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:91:12:25:DC:1C:CA:72:2C:B7:93:B3:C9:3F:88:22:81:72:32:AD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/4EC83F04C27411EFAB4922AA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.225.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:c8:cb:dd:e0:f2:8d:78:f3:69:6e:8a:3a:2b:7b:65:bc:6e:
dd:1e:24:47:8d:dd:0d:0c:e0:07:a6:8a:53:65:63:c7:1b:0b:
34:db:27:32:53:02:2c:d5:50:b5:69:62:4c:12:48:2e:ed:ac:
1a:6c:de:05:ec:86:a3:88:3b:0f:75:79:90:f4:0f:7c:80:ea:
fc:c3:f1:7d:b0:7e:69:f4:e3:75:14:99:ed:34:05:6a:cf:e7:
d9:3f:c0:48:d7:33:26:d7:4d:b5:58:a6:f3:91:cc:1e:1e:f5:
92:2d:26:3d:2d:8e:33:8f:df:80:75:81:ac:aa:0f:73:ca:75:
01:dc:82:f2:ab:79:5c:b6:1a:4f:34:ba:f3:fd:b6:70:bf:22:
3c:5a:65:9f:05:6a:7e:56:ae:99:c4:25:4b:63:f7:27:4a:89:
68:05:85:66:f5:e3:fc:fd:9c:9f:44:60:88:5e:e9:40:fa:25:
40:7a:86:72:34:39:34:49:ba:d2:49:03:ef:de:cc:9a:a2:7a:
96:95:b3:63:d3:9c:db:b1:40:eb:7b:49:3f:ba:a5:09:00:ff:
3f:fb:72:5d:72:7a:5c:f1:0a:78:25:37:bc:6c:ab:3f:2b:e4:
ba:fa:cd:78:91:da:73:58:5e:d3:74:ea:08:49:56:a4:e7:3a:
ec:f6:54:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASSIMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDM1NzAzWhcNMjUxMjEwMDM1NzAzWjAYMRYw
FAYDVQQDEw02NzZiODI5Mi1mMDc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuLN0RVbvJf7PtIVQTYHLVlHHvOanBaLw/JM6XHIloAeC9+x5Egd2exSE
T4l3zhemTgRVzEV8v3fABnSmkox4DnCgOheQheG2KbOcvzIjsUn/B9LQwn2SLZD8
FLdZin1Gf+/ln3fFz4Rg3+q8tjZa7Vf1SetJwbURuT31uN47YQmGdCdQWHGEZS0k
+71AOTyBsQmgSXA4SyA2gystJts8c58gKWhMVE/z/RQ7eOrHNdkEj9nyYbh4j78W
ZPc05hnmxABJvUMJdjpbWU+Uuc/K8fJaO5vQmkyv7h5yjqUBI5P6jgdmE+kmS5ZO
a9eekF/WA+j41uehx0E+EiMJV2dmqQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJqR
EiXcHMpyLLeTs8k/iCKBcjKtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC80RUM4M0YwNEMyNzQxMUVGQUI0OTIyQUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtPhMA0GCSqGSIb3DQEB
CwUAA4IBAQBfyMvd4PKNePNpboo6K3tlvG7dHiRHjd0NDOAHpopTZWPHGws02ycy
UwIs1VC1aWJMEkgu7awabN4F7IajiDsPdXmQ9A98gOr8w/F9sH5p9ON1FJntNAVq
z+fZP8BI1zMm1021WKbzkcweHvWSLSY9LY4zj9+AdYGsqg9zynUB3ILyq3lcthpP
NLrz/bZwvyI8WmWfBWp+Vq6ZxCVLY/cnSoloBYVm9eP8/ZyfRGCIXulA+iVAeoZy
NDk0SbrSSQPv3syaonqWlbNj05zbsUDre0k/uqUJAP8/+3Jdcnpc8Qp4JTe8bKs/
K+S6+s14kdpzWF7TdOoISVak5zrs9lQG
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:50:08 2025 by rpki-client