Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DEEFC6EF45211EFA04D6247762E951A.roa
File: 6DEEFC6EF45211EFA04D6247762E951A.roa (raw, json)
Hash identifier: 1H3qeam38l/vab7QGCZlT4fiGu9/7qTumDv6NLzk3kc=
Subject key identifier: 1B:A8:6F:D5:8A:6C:78:C9:2F:4F:03:BA:7F:BB:5D:E4:EC:30:C8:70
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016497
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DEEFC6EF45211EFA04D6247762E951A.roa
Signing time: Wed 26 Feb 2025 15:00:34 +0000
ROA not before: Wed 26 Feb 2025 15:00:30 +0000
ROA not after: Sat 19 Feb 2028 15:00:30 +0000
asID: 17561
IP address blocks: 154.82.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91287 (0x16497)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 15:00:30 2025 GMT
Not After : Feb 19 15:00:30 2028 GMT
Subject: CN=67bf2c92-7560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:73:36:eb:bb:69:d6:2f:af:6b:1a:45:e0:f4:
08:c7:9e:5e:7b:28:90:80:34:94:83:44:02:b6:a3:
55:b4:00:0b:46:3a:7a:a4:e7:6d:51:27:f6:69:e0:
25:40:d4:27:1e:81:c4:7b:8d:0a:06:fe:70:89:b8:
41:de:b6:34:5b:da:8b:44:a2:b7:4b:b5:5e:00:68:
6c:32:b7:8c:92:07:dc:be:63:26:85:a4:56:ce:d9:
68:03:6f:11:f9:98:73:00:6a:9c:fd:25:ac:82:d6:
88:5f:25:5a:ab:f2:16:05:e9:a1:58:a8:83:a2:07:
4a:e9:1d:f4:68:ee:bb:5a:92:fe:f5:cf:88:24:a5:
18:21:fa:c9:fd:f3:75:ff:83:e6:00:20:08:db:d2:
92:f3:dc:c3:07:83:5a:bd:c4:b5:c7:0b:fe:65:05:
13:1e:9c:59:4b:37:ea:7d:2b:0b:b1:e9:11:ee:87:
2d:58:de:d3:b4:c4:21:54:34:55:ee:d1:a8:f1:12:
91:b6:50:26:3e:d5:43:1c:40:2f:bb:94:bd:bc:6a:
9a:06:7a:6b:d7:48:fb:63:e4:82:78:84:52:df:ce:
90:f4:8a:75:c1:38:1c:06:b1:e8:c2:cc:f4:79:26:
e8:44:37:b1:7b:8e:c6:30:5d:ae:0a:6a:d5:5f:f4:
a2:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:A8:6F:D5:8A:6C:78:C9:2F:4F:03:BA:7F:BB:5D:E4:EC:30:C8:70
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/6DEEFC6EF45211EFA04D6247762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.223.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:b1:8b:93:cf:f8:67:3f:d3:d7:9d:c1:8d:a5:7d:7f:23:34:
53:58:42:a1:8d:b1:40:38:ff:60:92:34:21:90:6f:5a:c2:e0:
42:57:f2:7f:d1:5b:38:02:04:01:60:d0:5a:b6:d5:24:50:cd:
f0:a0:ff:01:e3:88:89:ea:0e:10:62:bb:12:9c:27:bf:7c:61:
14:52:db:8a:cc:c5:69:e9:d3:ec:29:d6:41:04:50:fd:c0:8b:
fd:7a:89:21:e6:1e:01:9e:ec:6c:df:b7:84:df:61:3f:7e:57:
ae:a4:66:88:21:d8:1a:9e:6a:28:72:7a:2e:4b:db:f1:a1:b1:
e0:08:05:10:ae:ca:96:aa:21:cc:f9:72:7a:eb:20:ea:50:ab:
13:7f:3c:1c:77:4d:91:f8:31:85:f7:63:d1:26:83:5b:0e:55:
52:49:37:c8:a5:5f:5a:4b:39:30:79:3b:cf:fe:5a:88:75:c1:
76:09:93:73:c4:eb:97:0d:4c:2e:8c:b2:1a:1d:5f:41:20:fe:
3e:b2:cd:60:ea:50:76:9c:c8:89:b3:57:92:8c:4e:64:b3:82:
ff:38:eb:cf:f4:42:b3:6b:b2:15:c5:37:57:3f:12:c4:9f:3e:
a4:6f:62:82:c8:db:a9:ba:7b:d2:8b:b9:11:1a:44:d7:78:b7:
60:d2:a7:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWSXMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTUwMDMwWhcNMjgwMjE5MTUwMDMwWjAYMRYw
FAYDVQQDEw02N2JmMmM5Mi03NTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuXM267tp1i+vaxpF4PQIx55eeyiQgDSUg0QCtqNVtAALRjp6pOdtUSf2
aeAlQNQnHoHEe40KBv5wibhB3rY0W9qLRKK3S7VeAGhsMreMkgfcvmMmhaRWztlo
A28R+ZhzAGqc/SWsgtaIXyVaq/IWBemhWKiDogdK6R30aO67WpL+9c+IJKUYIfrJ
/fN1/4PmACAI29KS89zDB4NavcS1xwv+ZQUTHpxZSzfqfSsLsekR7octWN7TtMQh
VDRV7tGo8RKRtlAmPtVDHEAvu5S9vGqaBnpr10j7Y+SCeIRS386Q9Ip1wTgcBrHo
wsz0eSboRDexe47GMF2uCmrVX/SiLQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBuo
b9WKbHjJL08Dun+7XeTsMMhwMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82REVFRkM2RUY0NTIxMUVGQTA0RDYyNDc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLfMA0GCSqGSIb3DQEB
CwUAA4IBAQBfsYuTz/hnP9PXncGNpX1/IzRTWEKhjbFAOP9gkjQhkG9awuBCV/J/
0Vs4AgQBYNBattUkUM3woP8B44iJ6g4QYrsSnCe/fGEUUtuKzMVp6dPsKdZBBFD9
wIv9eokh5h4Bnuxs37eE32E/fleupGaIIdganmoocnouS9vxobHgCAUQrsqWqiHM
+XJ66yDqUKsTfzwcd02R+DGF92PRJoNbDlVSSTfIpV9aSzkweTvP/lqIdcF2CZNz
xOuXDUwujLIaHV9BIP4+ss1g6lB2nMiJs1eSjE5ks4L/OOvP9EKza7IVxTdXPxLE
nz6kb2KCyNupunvSi7kRGkTXeLdg0qdB
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:06:26 2025 by rpki-client