Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65018BC8C62E11EFA7ADAF48762E951A.roa
File: 65018BC8C62E11EFA7ADAF48762E951A.roa (raw, json)
Hash identifier: 90o7VAgeMB+hewqqK5pQmDc6avOaTkrbzVx4x8oLZaM=
Subject key identifier: A5:05:AC:CC:EB:C9:DA:A0:F0:55:0A:2D:74:92:58:85:25:59:88:D2
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012FDC
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65018BC8C62E11EFA7ADAF48762E951A.roa
Signing time: Sun 29 Dec 2024 21:46:44 +0000
ROA not before: Sun 29 Dec 2024 21:46:40 +0000
ROA not after: Sun 12 Dec 2027 21:46:40 +0000
asID: 17561
IP address blocks: 154.217.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77788 (0x12fdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 21:46:40 2024 GMT
Not After : Dec 12 21:46:40 2027 GMT
Subject: CN=6771c344-ee11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:57:d5:bd:51:e0:26:5a:d3:82:58:cd:95:70:
1d:dd:b1:f5:98:f1:db:0f:2f:5c:4f:e2:ea:eb:c1:
b5:81:31:7b:66:9f:f0:b6:b1:cb:b7:b2:87:09:f4:
63:df:fa:b4:48:97:21:f1:8b:fa:75:77:c2:92:30:
16:49:a5:fa:dd:92:41:e6:80:28:d1:2f:95:53:4a:
f7:72:0f:66:17:73:ed:79:d6:a1:e6:9c:d1:0c:fc:
05:aa:e9:90:89:50:1c:b5:ca:d4:e7:e5:90:52:a7:
8d:f0:1d:3f:76:f2:a3:6e:3d:ff:35:38:4f:59:df:
13:a7:f9:8c:ae:61:f3:7b:89:dc:26:0d:ce:c6:1f:
ef:3c:4f:12:ce:38:b3:9f:61:68:95:5b:62:5f:44:
be:2e:a5:e7:d8:01:97:3a:4b:bb:17:99:89:65:c8:
01:bc:5f:25:e5:12:ed:f2:4b:fa:eb:04:a8:a0:8c:
d4:f9:d4:a0:fe:ac:d1:61:1a:c5:e5:cc:54:16:4a:
05:3b:4e:ee:72:4f:e4:11:5d:62:d0:fb:f2:ec:b0:
59:3f:a6:17:b2:b4:51:b2:61:a7:96:01:24:b9:86:
62:51:29:60:12:6e:ed:91:67:d5:62:3d:e3:18:24:
c4:df:80:d2:7c:99:99:65:2d:be:2f:01:32:cd:5a:
9f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:05:AC:CC:EB:C9:DA:A0:F0:55:0A:2D:74:92:58:85:25:59:88:D2
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/65018BC8C62E11EFA7ADAF48762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.209.0/24
Signature Algorithm: sha256WithRSAEncryption
83:b6:af:e2:c6:35:21:72:cb:6d:b1:44:fc:97:47:20:05:61:
7b:2c:da:b9:ef:60:8b:b8:2a:41:7f:c0:e9:32:b6:c9:11:45:
d4:63:91:26:c1:d6:49:a7:8f:94:2b:3f:83:b6:fa:61:a9:88:
23:a8:3e:3a:0f:1f:ed:6b:0d:06:c2:87:44:dc:50:31:39:06:
d5:49:dd:06:05:5f:26:fb:c5:76:aa:ed:b6:83:6f:6d:66:33:
65:4c:37:2a:12:59:fc:20:e1:71:8b:2e:e9:bf:a3:8c:bf:ec:
98:ab:f4:b0:61:72:62:6b:66:ab:b8:79:c9:b7:2f:69:31:2d:
20:82:71:55:aa:c7:f6:3c:32:b8:06:b5:8f:65:a2:79:ae:0b:
b8:15:4e:42:ee:58:95:7f:48:b6:4d:99:7e:60:11:ca:1b:84:
40:fa:b3:e9:1d:6d:00:0e:18:a8:3b:41:9b:f6:68:0c:dc:07:
3d:38:38:be:90:6a:6e:53:85:7b:79:d5:c9:5f:13:e3:cc:b4:
a4:03:67:a4:29:af:21:8c:6a:55:bd:a6:de:d5:be:a2:ec:19:
81:f7:85:52:b1:f1:1c:23:c7:51:95:15:0e:4f:f5:8f:f4:49:
54:4c:84:d2:f6:45:0a:bc:e7:ec:ef:28:98:ce:46:f3:fd:01:
84:9c:f2:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS/cMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjE0NjQwWhcNMjcxMjEyMjE0NjQwWjAYMRYw
FAYDVQQDEw02NzcxYzM0NC1lZTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3FfVvVHgJlrTgljNlXAd3bH1mPHbDy9cT+Lq68G1gTF7Zp/wtrHLt7KH
CfRj3/q0SJch8Yv6dXfCkjAWSaX63ZJB5oAo0S+VU0r3cg9mF3Ptedah5pzRDPwF
qumQiVActcrU5+WQUqeN8B0/dvKjbj3/NThPWd8Tp/mMrmHze4ncJg3Oxh/vPE8S
zjizn2FolVtiX0S+LqXn2AGXOku7F5mJZcgBvF8l5RLt8kv66wSooIzU+dSg/qzR
YRrF5cxUFkoFO07uck/kEV1i0Pvy7LBZP6YXsrRRsmGnlgEkuYZiUSlgEm7tkWfV
Yj3jGCTE34DSfJmZZS2+LwEyzVqfvwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKUF
rMzrydqg8FUKLXSSWIUlWYjSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82NTAxOEJDOEM2MkUxMUVGQTdBREFGNDg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtnRMA0GCSqGSIb3DQEB
CwUAA4IBAQCDtq/ixjUhcsttsUT8l0cgBWF7LNq572CLuCpBf8DpMrbJEUXUY5Em
wdZJp4+UKz+DtvphqYgjqD46Dx/taw0GwodE3FAxOQbVSd0GBV8m+8V2qu22g29t
ZjNlTDcqEln8IOFxiy7pv6OMv+yYq/SwYXJia2aruHnJty9pMS0ggnFVqsf2PDK4
BrWPZaJ5rgu4FU5C7liVf0i2TZl+YBHKG4RA+rPpHW0ADhioO0Gb9mgM3Ac9ODi+
kGpuU4V7edXJXxPjzLSkA2ekKa8hjGpVvabe1b6i7BmB94VSsfEcI8dRlRUOT/WP
9ElUTITS9kUKvOfs7yiYzkbz/QGEnPKo
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:16:41 2025 by rpki-client