Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/527DD0B0F43C11EFBE91CCAB762E951A.roa
File: 527DD0B0F43C11EFBE91CCAB762E951A.roa (raw, json)
Hash identifier: MZ4LQVV2vR/5Uc8J0YO9gLfjilgKX4geX4Lvzr6nPhI=
Subject key identifier: CE:30:53:64:85:CF:5A:66:0D:21:2A:E3:E6:D2:CA:E7:0D:F4:D5:AD
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016311
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/527DD0B0F43C11EFBE91CCAB762E951A.roa
Signing time: Wed 26 Feb 2025 12:22:19 +0000
ROA not before: Wed 26 Feb 2025 12:22:14 +0000
ROA not after: Thu 19 Feb 2026 12:22:14 +0000
asID: 984
IP address blocks: 154.208.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 09 Apr 2025 17:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90897 (0x16311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 12:22:14 2025 GMT
Not After : Feb 19 12:22:14 2026 GMT
Subject: CN=67bf077b-dcb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:38:4f:20:f7:d9:14:eb:03:5f:fa:d7:17:e7:
1d:b5:ba:11:c8:2a:16:6e:ee:91:48:ce:51:cf:6d:
9e:65:3c:c5:8f:01:19:43:12:10:5a:52:44:1e:07:
7d:f8:a6:ed:0d:9a:67:68:d7:57:ea:2f:6a:67:33:
44:d7:10:85:18:2b:f4:86:74:e5:55:e2:f2:35:73:
61:46:9f:7b:75:d8:e4:1b:78:b4:c3:75:80:f8:e7:
b9:8c:f5:f3:34:ae:cb:58:6b:90:f7:2d:f7:55:20:
b6:71:5e:03:94:06:2a:7b:70:b1:b8:b4:ef:11:84:
8b:d1:f6:5f:8d:7f:93:a1:40:45:18:8c:68:56:88:
fc:f8:51:2d:d9:64:55:f0:99:10:10:2e:8b:88:5a:
38:92:66:d1:48:7b:13:42:a1:e9:22:97:12:e0:95:
15:5a:bd:d4:f4:9e:62:b9:c9:c2:31:e4:aa:ef:aa:
9b:3e:fb:30:e6:2f:54:63:c9:a3:2c:8a:23:5f:79:
2d:29:3b:d8:ff:39:e5:8a:ca:9f:17:b9:5f:77:2f:
40:99:f2:21:b8:72:9f:20:09:3d:2f:07:0b:5c:ec:
c2:f0:ce:01:a0:d9:36:9e:aa:20:a0:bc:6c:15:05:
4c:f0:44:50:92:4c:eb:92:7b:28:23:87:e1:bc:7e:
29:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:30:53:64:85:CF:5A:66:0D:21:2A:E3:E6:D2:CA:E7:0D:F4:D5:AD
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/527DD0B0F43C11EFBE91CCAB762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.118.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:5e:93:03:74:13:07:a9:df:49:76:b6:03:62:35:eb:50:3f:
73:52:7a:e8:7b:64:ed:b0:8a:76:1d:36:66:e4:95:85:e7:24:
b0:af:44:0c:c2:3a:8d:13:61:67:be:f5:ef:f5:3e:aa:17:1c:
f6:48:61:4f:4f:32:b4:72:f0:d0:1b:af:73:58:77:2b:76:60:
0a:0a:72:62:b7:6b:6e:0e:8b:c9:63:d6:8b:30:72:24:ed:74:
21:10:54:70:a6:2d:7a:4d:c0:be:fa:08:3a:ca:1f:bf:8a:94:
89:fa:31:72:89:e6:a4:c0:1b:58:9d:5c:8c:64:0c:42:69:78:
f6:79:20:cd:01:bf:d2:76:cf:bb:cf:6c:cf:d9:bd:d8:bf:90:
41:18:86:d7:01:eb:9f:19:00:25:8b:bd:b4:ee:aa:4f:99:ad:
4a:ab:c6:a0:f5:c5:d7:69:3b:f8:74:7c:48:18:bb:6f:e2:d7:
6f:7c:a5:63:05:09:64:24:6e:1e:f9:f9:67:49:5f:f3:fd:f3:
cd:54:61:58:71:e6:74:dc:c7:4d:99:58:5a:73:41:e4:fd:ed:
1e:1b:45:df:69:d5:1c:57:66:dd:62:d2:95:77:e7:64:16:bb:
cb:ec:f4:e7:d4:c9:cf:5d:80:e1:9b:9f:95:d1:ef:32:79:a1:
4a:00:b3:70
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWMRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTIyMjE0WhcNMjYwMjE5MTIyMjE0WjAYMRYw
FAYDVQQDEw02N2JmMDc3Yi1kY2I4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsThPIPfZFOsDX/rXF+cdtboRyCoWbu6RSM5Rz22eZTzFjwEZQxIQWlJE
Hgd9+KbtDZpnaNdX6i9qZzNE1xCFGCv0hnTlVeLyNXNhRp97ddjkG3i0w3WA+Oe5
jPXzNK7LWGuQ9y33VSC2cV4DlAYqe3CxuLTvEYSL0fZfjX+ToUBFGIxoVoj8+FEt
2WRV8JkQEC6LiFo4kmbRSHsTQqHpIpcS4JUVWr3U9J5iucnCMeSq76qbPvsw5i9U
Y8mjLIojX3ktKTvY/znlisqfF7lfdy9AmfIhuHKfIAk9LwcLXOzC8M4BoNk2nqog
oLxsFQVM8ERQkkzrknsoI4fhvH4pQQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM4w
U2SFz1pmDSEq4+bSyucN9NWtMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81MjdERDBCMEY0M0MxMUVGQkU5MUNDQUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtB2MA0GCSqGSIb3DQEB
CwUAA4IBAQBaXpMDdBMHqd9JdrYDYjXrUD9zUnroe2TtsIp2HTZm5JWF5ySwr0QM
wjqNE2FnvvXv9T6qFxz2SGFPTzK0cvDQG69zWHcrdmAKCnJit2tuDovJY9aLMHIk
7XQhEFRwpi16TcC++gg6yh+/ipSJ+jFyieakwBtYnVyMZAxCaXj2eSDNAb/Sds+7
z2zP2b3Yv5BBGIbXAeufGQAli7207qpPma1Kq8ag9cXXaTv4dHxIGLtv4tdvfKVj
BQlkJG4e+flnSV/z/fPNVGFYceZ03MdNmVhac0Hk/e0eG0XfadUcV2bdYtKVd+dk
FrvL7PTn1MnPXYDhm5+V0e8yeaFKALNw
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:45:29 2025 by rpki-client