Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5116FE92C0C811EF8E0AAD6E762E951A.roa
File: 5116FE92C0C811EF8E0AAD6E762E951A.roa (raw, json)
Hash identifier: RsGZ+jjXpuR+AhRinOUP/5OxEcGnQdBq3cOFLlgP4AM=
Subject key identifier: CE:19:56:78:AE:65:C8:A4:F2:23:F0:2A:37:C6:D5:BC:9C:32:AE:C3
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 011DD4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5116FE92C0C811EF8E0AAD6E762E951A.roa
Signing time: Mon 23 Dec 2024 00:53:26 +0000
ROA not before: Mon 23 Dec 2024 00:00:22 +0000
ROA not after: Wed 10 Dec 2025 00:00:22 +0000
asID: 984
IP address blocks: 154.82.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73172 (0x11dd4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 23 00:00:22 2024 GMT
Not After : Dec 10 00:00:22 2025 GMT
Subject: CN=6768b486-b1bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cd:45:24:aa:7f:a1:42:c2:3f:76:81:54:97:
69:5d:33:dc:0c:34:74:cf:51:03:6c:5f:d8:3a:2a:
84:bb:cf:bd:00:a1:1f:3a:33:c2:68:43:08:94:9a:
98:7b:d0:d5:25:10:d6:a6:73:67:08:82:aa:5b:63:
a9:34:d0:cf:a4:a8:0f:ee:7f:bf:f5:aa:e5:3b:b0:
c5:19:b5:d7:3b:9b:c9:b4:4c:97:56:5b:cc:11:1c:
c6:24:05:9e:62:7e:bd:25:2f:56:e7:8d:d3:ba:28:
07:18:d6:77:cd:0c:5c:6f:fa:b3:16:bd:95:ee:7c:
21:33:1b:dd:e8:21:e1:c9:48:87:67:b2:03:61:82:
fc:f7:bd:53:ba:c1:97:31:72:3d:f4:4c:53:8b:fd:
8b:c6:d0:16:3b:b4:21:00:30:05:d2:c8:a8:61:0a:
c5:5e:7d:0d:46:ae:42:c5:81:8a:ed:9b:98:8d:31:
aa:d4:d8:e5:88:a7:41:14:d0:16:d4:bc:93:85:4f:
93:be:69:6e:2e:89:85:fc:cd:3a:69:f8:33:fb:5a:
3f:aa:be:ea:48:b5:3f:ee:67:f4:a3:56:d6:8c:cc:
71:ca:d1:1f:8c:87:1b:c6:e7:53:fa:4b:88:1d:d4:
14:dc:2c:54:4c:26:0b:6a:0c:bc:68:6e:01:1b:71:
c5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:19:56:78:AE:65:C8:A4:F2:23:F0:2A:37:C6:D5:BC:9C:32:AE:C3
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5116FE92C0C811EF8E0AAD6E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.221.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:ca:30:99:ad:3b:a1:f5:f7:cf:b5:bc:1e:7a:a6:29:67:18:
e4:32:7e:3f:8e:05:81:6a:19:dd:f8:d5:62:25:c5:46:2d:0a:
6f:bc:1e:da:4a:e7:cc:c1:67:2c:24:d4:cc:3c:52:bc:a1:c1:
e7:4f:be:da:a8:ed:af:68:2f:75:97:b1:48:63:fb:9c:c0:6d:
34:df:04:64:65:d3:24:43:ea:b6:9d:d7:f1:d9:65:8c:57:c9:
80:da:e1:97:c5:62:1c:03:0c:0d:8a:0a:8c:be:70:d4:9c:c4:
af:4f:bd:b2:41:a5:46:02:2a:67:69:59:e1:2b:d2:fc:80:a6:
75:0c:b1:63:bb:90:90:0b:dc:51:bc:fa:e0:b9:1c:f2:4a:33:
39:c4:95:fd:ba:b3:2f:37:42:13:46:53:56:40:75:cd:71:52:
52:bc:4e:eb:51:fa:53:3f:d1:64:51:c1:aa:a4:ca:7a:dd:3e:
65:86:11:0b:ce:3e:6c:44:58:75:18:6c:d1:30:f9:79:cb:b6:
2f:a0:00:9b:1d:ff:5e:a5:2c:f6:8d:20:13:65:c5:c4:1a:d5:
6d:e2:73:d0:4d:08:f9:b8:77:35:7a:09:06:9e:42:d2:f2:56:
33:69:c7:b6:2d:6b:8d:3c:35:91:7f:4b:32:d6:c1:24:17:57:
a3:ba:7f:40
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAR3UMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjIzMDAwMDIyWhcNMjUxMjEwMDAwMDIyWjAYMRYw
FAYDVQQDEw02NzY4YjQ4Ni1iMWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAws1FJKp/oULCP3aBVJdpXTPcDDR0z1EDbF/YOiqEu8+9AKEfOjPCaEMI
lJqYe9DVJRDWpnNnCIKqW2OpNNDPpKgP7n+/9arlO7DFGbXXO5vJtEyXVlvMERzG
JAWeYn69JS9W543TuigHGNZ3zQxcb/qzFr2V7nwhMxvd6CHhyUiHZ7IDYYL8971T
usGXMXI99ExTi/2LxtAWO7QhADAF0sioYQrFXn0NRq5CxYGK7ZuYjTGq1NjliKdB
FNAW1LyThU+TvmluLomF/M06afgz+1o/qr7qSLU/7mf0o1bWjMxxytEfjIcbxudT
+kuIHdQU3CxUTCYLagy8aG4BG3HFwwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM4Z
VniuZcik8iPwKjfG1bycMq7DMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MTE2RkU5MkMwQzgxMUVGOEUwQUFENkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLdMA0GCSqGSIb3DQEB
CwUAA4IBAQC8yjCZrTuh9ffPtbweeqYpZxjkMn4/jgWBahnd+NViJcVGLQpvvB7a
SufMwWcsJNTMPFK8ocHnT77aqO2vaC91l7FIY/ucwG003wRkZdMkQ+q2ndfx2WWM
V8mA2uGXxWIcAwwNigqMvnDUnMSvT72yQaVGAipnaVnhK9L8gKZ1DLFju5CQC9xR
vPrguRzySjM5xJX9urMvN0ITRlNWQHXNcVJSvE7rUfpTP9FkUcGqpMp63T5lhhEL
zj5sRFh1GGzRMPl5y7YvoACbHf9epSz2jSATZcXEGtVt4nPQTQj5uHc1egkGnkLS
8lYzace2LWuNPDWRf0sy1sEkF1ejun9A
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:58:59 2025 by rpki-client