Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59C7320CE60A11EFB7D15A4C762E951A.roa
File: 59C7320CE60A11EFB7D15A4C762E951A.roa (raw, json)
Hash identifier: dznIAoOSr1+Ubq1J9f0CaVdVl2jRSQIkk/5QKG3AXH4=
Subject key identifier: EF:C9:DE:94:F2:20:A8:7A:E9:32:32:8F:4D:70:EB:F4:2B:3C:E1:C2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01542C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59C7320CE60A11EFB7D15A4C762E951A.roa
Signing time: Sat 08 Feb 2025 10:49:20 +0000
ROA not before: Sat 08 Feb 2025 10:49:16 +0000
ROA not after: Tue 27 Jan 2026 10:49:16 +0000
asID: 138456
IP address blocks: 154.194.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87084 (0x1542c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 8 10:49:16 2025 GMT
Not After : Jan 27 10:49:16 2026 GMT
Subject: CN=67a736b0-bf05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:28:a9:7d:a6:18:e3:0c:e4:a6:5e:12:bd:71:
90:11:12:ac:48:48:76:0e:6b:8d:c7:ed:02:e6:85:
c9:8b:4f:26:e8:46:34:18:57:9c:f9:84:33:45:6e:
78:15:6e:99:cf:64:24:cb:0f:0b:af:85:5e:d6:5b:
36:cb:dd:eb:ff:b8:a1:64:cc:af:c3:eb:10:00:27:
ba:21:5f:ed:31:7a:89:2d:82:f8:51:7b:49:7e:3b:
66:33:30:67:8e:cb:1c:5a:d9:81:ab:32:ee:ab:7b:
6b:76:f3:1e:68:75:11:61:0b:90:f0:73:9e:8e:f0:
35:3b:38:91:d8:e7:43:ae:05:24:77:7f:69:86:6a:
ea:98:42:cf:0a:84:75:b5:ad:f9:7a:ff:49:b2:17:
27:cc:63:cf:24:b1:9e:01:94:8f:19:05:aa:cb:e6:
d4:1e:a5:ca:d5:e0:b1:0e:7a:da:90:38:cb:e8:d1:
7e:59:03:59:f0:41:48:d1:dd:98:44:64:95:a8:e6:
e0:14:80:ac:6b:5b:a3:52:59:55:09:f3:67:e0:f6:
60:0a:39:71:8a:02:69:a0:eb:70:f9:a6:81:2d:59:
54:a9:68:97:81:93:7b:97:f2:08:57:eb:3d:60:9e:
56:68:e0:83:b9:49:a4:f7:81:66:1c:d0:bd:a6:91:
60:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:C9:DE:94:F2:20:A8:7A:E9:32:32:8F:4D:70:EB:F4:2B:3C:E1:C2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59C7320CE60A11EFB7D15A4C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.194.42.0/24
Signature Algorithm: sha256WithRSAEncryption
94:e5:94:90:08:30:73:7c:ed:27:43:ff:b5:c1:ee:3d:f4:5f:
09:b4:c3:3d:54:15:f5:4e:84:53:81:3d:7e:a3:3d:b9:e7:8f:
51:67:b5:9b:7a:0c:b6:3e:11:d1:dd:c0:e9:b1:b1:ef:58:1f:
bb:67:91:d4:fc:95:b6:79:df:b5:34:76:24:ba:c6:3e:a3:d9:
2b:cf:c3:f8:7c:e3:46:c7:db:0a:c8:f2:c1:fc:8d:d3:a5:ca:
d4:37:f4:9e:ee:78:50:85:5b:96:b2:c2:0a:99:85:79:e5:3b:
65:ce:21:cd:75:23:6a:bf:19:ed:97:c9:33:c9:6c:95:c1:5a:
ec:af:30:e2:bc:f3:69:f3:da:a9:d0:fe:38:3f:c2:0b:30:be:
71:ac:98:0b:9c:9b:11:f1:c5:78:0c:b9:37:38:dd:ca:f8:cd:
c7:57:75:80:eb:5a:75:67:98:40:72:56:46:dd:1d:10:7e:6a:
64:2c:3f:85:30:a2:3a:75:fd:85:d4:73:eb:b3:3f:94:2a:1b:
46:a9:3a:1d:76:37:ee:f4:6f:12:5b:87:14:35:b3:06:75:77:
ca:50:24:15:b9:22:28:9f:8f:45:26:93:1d:b9:c5:0f:f6:92:
fd:37:46:30:c4:4e:b8:f0:24:38:ba:ea:e5:27:ee:00:00:af:
43:75:44:39
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAVQsMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjA4MTA0OTE2WhcNMjYwMTI3MTA0OTE2WjAYMRYw
FAYDVQQDEw02N2E3MzZiMC1iZjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzyipfaYY4wzkpl4SvXGQERKsSEh2DmuNx+0C5oXJi08m6EY0GFec+YQz
RW54FW6Zz2Qkyw8Lr4Ve1ls2y93r/7ihZMyvw+sQACe6IV/tMXqJLYL4UXtJfjtm
MzBnjsscWtmBqzLuq3trdvMeaHURYQuQ8HOejvA1OziR2OdDrgUkd39phmrqmELP
CoR1ta35ev9JshcnzGPPJLGeAZSPGQWqy+bUHqXK1eCxDnrakDjL6NF+WQNZ8EFI
0d2YRGSVqObgFICsa1ujUllVCfNn4PZgCjlxigJpoOtw+aaBLVlUqWiXgZN7l/II
V+s9YJ5WaOCDuUmk94FmHNC9ppFglwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFO/J
3pTyIKh66TIyj01w6/QrPOHCMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81OUM3MzIwQ0U2MEExMUVGQjdEMTVBNEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsIqMA0GCSqGSIb3DQEB
CwUAA4IBAQCU5ZSQCDBzfO0nQ/+1we499F8JtMM9VBX1ToRTgT1+oz25549RZ7Wb
egy2PhHR3cDpsbHvWB+7Z5HU/JW2ed+1NHYkusY+o9krz8P4fONGx9sKyPLB/I3T
pcrUN/Se7nhQhVuWssIKmYV55TtlziHNdSNqvxntl8kzyWyVwVrsrzDivPNp89qp
0P44P8ILML5xrJgLnJsR8cV4DLk3ON3K+M3HV3WA61p1Z5hAclZG3R0QfmpkLD+F
MKI6df2F1HPrsz+UKhtGqToddjfu9G8SW4cUNbMGdXfKUCQVuSIon49FJpMducUP
9pL9N0YwxE648CQ4uurlJ+4AAK9DdUQ5
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:48:06 2025 by rpki-client