Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CACA6EECDC511EF91776D9B762E951A.roa
File: 5CACA6EECDC511EF91776D9B762E951A.roa (raw, json)
Hash identifier: 4r232LW+jjrqu3DGXejRTpy7UQWdFfYlR9xH8QOSo+Q=
Subject key identifier: 38:7F:4C:F4:BB:7B:C3:08:8A:D3:65:74:52:22:68:BF:F1:32:A3:B0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013736
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CACA6EECDC511EF91776D9B762E951A.roa
Signing time: Wed 08 Jan 2025 13:35:02 +0000
ROA not before: Wed 08 Jan 2025 13:34:58 +0000
ROA not after: Tue 16 Dec 2025 13:34:58 +0000
asID: 984
IP address blocks: 154.200.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79670 (0x13736)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 13:34:58 2025 GMT
Not After : Dec 16 13:34:58 2025 GMT
Subject: CN=677e7f06-ec50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:38:f4:3a:cc:f1:84:31:d5:9a:87:53:b0:ac:
0d:85:e2:6d:46:35:fc:80:34:b8:2d:1a:d1:f4:99:
4d:31:39:2e:22:e3:69:eb:82:63:06:5e:43:f6:66:
ec:1f:74:c8:38:d9:49:4e:ed:db:0e:4b:b6:a3:48:
9c:b5:92:33:ba:e5:3e:f5:bb:1c:9c:a0:7c:b7:d3:
09:e3:3a:90:68:c9:03:35:eb:55:15:9d:70:d4:01:
fc:8b:7c:7a:6d:dd:cf:89:2a:69:e3:b2:b5:c4:34:
13:db:d2:35:8e:7c:cd:1e:b0:0e:09:52:71:57:4b:
c8:fd:17:2f:66:61:dd:92:49:b7:17:61:1a:77:bf:
af:91:f1:45:f3:c5:72:66:d5:a3:e4:01:43:34:fe:
9e:9f:88:d6:a6:be:3d:27:73:ad:88:54:80:e4:f1:
15:80:ac:bd:50:be:7c:11:e0:2a:9f:99:ef:b6:3e:
3b:de:dc:2f:5b:d2:8f:2d:7d:61:c9:a0:2b:1c:a8:
e0:76:87:de:02:f3:81:c7:0a:15:9b:a3:b2:90:84:
6e:4e:c5:f4:5a:7a:8b:04:47:a1:84:fa:9e:31:65:
fb:03:7b:2d:db:0a:a7:91:bb:ae:a2:a3:54:9a:7e:
b6:71:f7:cc:8d:f3:cc:74:47:6f:68:9b:46:85:14:
e6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7F:4C:F4:BB:7B:C3:08:8A:D3:65:74:52:22:68:BF:F1:32:A3:B0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/5CACA6EECDC511EF91776D9B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.253.0/24
Signature Algorithm: sha256WithRSAEncryption
30:64:d2:33:50:e4:64:51:d3:9b:f4:28:00:38:5f:e8:e9:c4:
9d:8b:cd:73:9d:27:09:af:e4:bc:9c:b6:49:ce:b4:b4:6c:3e:
5f:de:e4:e7:2d:d5:d3:11:4f:1e:2d:d3:e8:c1:96:01:6c:73:
00:5f:56:12:57:f4:c4:2b:7e:5b:23:9f:20:6a:1b:4d:82:ee:
ed:3e:25:db:6b:36:c1:10:22:cd:d0:bc:7c:e8:aa:d3:d5:c0:
05:31:71:5b:c3:03:bc:72:05:67:24:44:5e:a2:67:a5:14:6a:
46:bb:11:c7:ab:2c:38:df:a6:53:b0:54:c8:66:d8:f8:d2:eb:
cf:3e:7d:86:1b:10:04:df:dd:94:ec:af:d4:93:ae:29:53:f8:
3d:a1:1a:58:d2:30:3c:96:b0:15:24:03:bd:1a:f1:6d:49:82:
26:17:85:c8:43:08:fe:5d:ad:3f:97:ad:a7:f4:1f:ea:a7:f7:
7f:b8:60:95:50:64:35:cd:99:69:d5:9d:46:44:61:4d:b3:0e:
0e:8f:38:96:a8:81:80:de:9d:fa:24:9c:1e:c3:02:c4:c3:ca:
5a:6f:6a:26:d9:1f:0a:4a:01:34:33:90:fb:dc:2f:4e:18:c1:
55:a5:a1:fd:06:35:3d:87:ca:f2:a0:a5:38:b5:c5:b3:1c:63:
dd:93:e1:a6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATc2MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTMzNDU4WhcNMjUxMjE2MTMzNDU4WjAYMRYw
FAYDVQQDEw02NzdlN2YwNi1lYzUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1Tj0OszxhDHVmodTsKwNheJtRjX8gDS4LRrR9JlNMTkuIuNp64JjBl5D
9mbsH3TIONlJTu3bDku2o0ictZIzuuU+9bscnKB8t9MJ4zqQaMkDNetVFZ1w1AH8
i3x6bd3PiSpp47K1xDQT29I1jnzNHrAOCVJxV0vI/RcvZmHdkkm3F2Ead7+vkfFF
88VyZtWj5AFDNP6en4jWpr49J3OtiFSA5PEVgKy9UL58EeAqn5nvtj473twvW9KP
LX1hyaArHKjgdofeAvOBxwoVm6OykIRuTsX0WnqLBEehhPqeMWX7A3st2wqnkbuu
oqNUmn62cffMjfPMdEdvaJtGhRTmrwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDh/
TPS7e8MIitNldFIiaL/xMqOwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC81Q0FDQTZFRUNEQzUxMUVGOTE3NzZEOUI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsj9MA0GCSqGSIb3DQEB
CwUAA4IBAQAwZNIzUORkUdOb9CgAOF/o6cSdi81znScJr+S8nLZJzrS0bD5f3uTn
LdXTEU8eLdPowZYBbHMAX1YSV/TEK35bI58gahtNgu7tPiXbazbBECLN0Lx86KrT
1cAFMXFbwwO8cgVnJEReomelFGpGuxHHqyw436ZTsFTIZtj40uvPPn2GGxAE392U
7K/Uk64pU/g9oRpY0jA8lrAVJAO9GvFtSYImF4XIQwj+Xa0/l62n9B/qp/d/uGCV
UGQ1zZlp1Z1GRGFNsw4OjziWqIGA3p36JJwewwLEw8pab2om2R8KSgE0M5D73C9O
GMFVpaH9BjU9h8ryoKU4tcWzHGPdk+Gm
-----END CERTIFICATE-----
Generated at Thu Apr 10 12:05:38 2025 by rpki-client