Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59CC48A0C1BB11EF8E028B81762E951A.roa
File: 59CC48A0C1BB11EF8E028B81762E951A.roa (raw, json)
Hash identifier: mDssUFKvWrOabXYCwboYwrW7u6UBuLHHrJA4dvGREa4=
Subject key identifier: 3B:D8:A0:A1:9D:86:7A:FE:20:7B:5D:2A:59:FD:FC:05:6F:7E:2D:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0121EF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59CC48A0C1BB11EF8E028B81762E951A.roa
Signing time: Tue 24 Dec 2024 05:53:08 +0000
ROA not before: Tue 24 Dec 2024 05:53:05 +0000
ROA not after: Wed 10 Dec 2025 05:53:05 +0000
asID: 984
IP address blocks: 154.193.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74223 (0x121ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 05:53:05 2024 GMT
Not After : Dec 10 05:53:05 2025 GMT
Subject: CN=676a4c44-d804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:46:ad:a6:8c:91:56:3d:21:95:3e:ab:b1:eb:
74:a0:06:56:d3:97:6f:00:f2:f5:f9:1b:84:fd:d8:
28:86:f9:30:4f:c9:a0:41:7c:fb:c5:e0:4e:56:35:
c2:b8:b3:d8:ef:1d:1a:96:e4:8b:95:f2:0c:8a:4d:
f8:5a:67:e5:62:8e:6d:dd:58:18:5a:d3:92:48:4d:
61:d3:bc:16:58:f9:0b:d3:5f:8f:5c:a0:2f:d5:32:
e9:b8:64:ed:b4:c3:1f:eb:96:d1:39:d8:e4:2a:e6:
69:fc:dd:09:80:cf:c4:4a:f1:ac:f8:af:42:a7:72:
61:66:2b:42:fb:e5:88:49:bb:92:14:81:85:db:43:
4c:80:ce:c9:13:32:c9:bf:65:ea:e4:83:6f:73:0c:
3b:cf:e9:9b:d3:3b:fe:55:02:ac:49:58:2b:23:c1:
6c:3f:e1:78:5c:c2:ba:32:9b:32:0b:ee:a5:2c:9f:
a4:09:61:d2:49:f7:be:bd:b2:e9:32:7e:38:bf:b8:
ff:41:f3:76:7e:25:3b:2e:ab:87:e4:03:ec:31:20:
fa:31:2b:57:5c:d3:b8:1f:c8:07:03:ec:fd:34:46:
7a:f3:23:ab:4c:15:3e:e3:da:db:29:28:f1:1b:a7:
d7:47:d8:5e:e8:97:ca:71:75:a4:d3:78:57:29:5d:
b6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D8:A0:A1:9D:86:7A:FE:20:7B:5D:2A:59:FD:FC:05:6F:7E:2D:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/59CC48A0C1BB11EF8E028B81762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.193.177.0/24
Signature Algorithm: sha256WithRSAEncryption
98:7e:07:fa:60:4a:9f:5b:6f:5f:3a:0f:56:ec:db:01:e2:55:
b5:42:d1:bf:57:1a:91:26:10:fd:d1:79:54:de:84:19:3f:bc:
0f:3e:42:39:28:7f:ce:22:2a:b7:30:86:4d:1b:0e:05:95:99:
da:85:ce:4d:2e:65:20:50:45:e3:70:0b:84:0b:1f:71:6d:5c:
d4:3b:90:d4:71:ca:e7:5d:3b:da:62:27:45:35:da:81:3d:4f:
c0:04:5c:dc:88:c8:d6:48:f1:5d:18:72:81:91:84:e7:38:e0:
be:8d:61:43:f2:ac:e9:da:c5:c0:af:c6:1a:b7:0c:48:b1:7a:
98:a6:0e:84:3a:25:65:42:5c:fd:03:4e:d9:62:4e:73:25:83:
02:58:21:80:c9:c0:b6:8f:16:72:3e:c0:98:a2:dd:01:76:aa:
b2:70:4a:bf:6d:40:26:19:ce:dd:a3:ef:48:27:3e:72:f5:e4:
e6:63:a9:d1:87:ce:25:07:cb:7a:b1:35:70:8f:62:cd:76:02:
ef:f1:bb:be:a9:97:e6:4f:05:07:de:55:6a:4b:64:d0:b4:fd:
d2:ac:c8:36:96:71:c3:f2:f6:ce:62:bf:5b:78:3c:84:1f:9d:
f1:c7:98:61:a8:65:f6:0d:41:fa:82:ce:b7:9b:9c:17:10:fa:
e9:6b:81:06
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASHvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDU1MzA1WhcNMjUxMjEwMDU1MzA1WjAYMRYw
FAYDVQQDEw02NzZhNGM0NC1kODA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3EatpoyRVj0hlT6rset0oAZW05dvAPL1+RuE/dgohvkwT8mgQXz7xeBO
VjXCuLPY7x0aluSLlfIMik34WmflYo5t3VgYWtOSSE1h07wWWPkL01+PXKAv1TLp
uGTttMMf65bROdjkKuZp/N0JgM/ESvGs+K9Cp3JhZitC++WISbuSFIGF20NMgM7J
EzLJv2Xq5INvcww7z+mb0zv+VQKsSVgrI8FsP+F4XMK6MpsyC+6lLJ+kCWHSSfe+
vbLpMn44v7j/QfN2fiU7LquH5APsMSD6MStXXNO4H8gHA+z9NEZ68yOrTBU+49rb
KSjxG6fXR9he6JfKcXWk03hXKV229wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDvY
oKGdhnr+IHtdKln9/AVvfi2/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81OUNDNDhBMEMxQkIxMUVGOEUwMjhCODE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsGxMA0GCSqGSIb3DQEB
CwUAA4IBAQCYfgf6YEqfW29fOg9W7NsB4lW1QtG/VxqRJhD90XlU3oQZP7wPPkI5
KH/OIiq3MIZNGw4FlZnahc5NLmUgUEXjcAuECx9xbVzUO5DUccrnXTvaYidFNdqB
PU/ABFzciMjWSPFdGHKBkYTnOOC+jWFD8qzp2sXAr8YatwxIsXqYpg6EOiVlQlz9
A07ZYk5zJYMCWCGAycC2jxZyPsCYot0BdqqycEq/bUAmGc7do+9IJz5y9eTmY6nR
h84lB8t6sTVwj2LNdgLv8bu+qZfmTwUH3lVqS2TQtP3SrMg2lnHD8vbOYr9beDyE
H53xx5hhqGX2DUH6gs63m5wXEPrpa4EG
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:00:09 2025 by rpki-client