Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/736E18BAC51C11EF8B195185762E951A.roa
File: 736E18BAC51C11EF8B195185762E951A.roa (raw, json)
Hash identifier: rTKx+nlw8E7E//jK7vlYVt7ygqtaDCUWpYYPLK8D0Xs=
Subject key identifier: D1:12:4F:5D:F8:AC:6B:C9:35:D6:A4:43:78:5D:E3:50:7E:66:38:9F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012B2D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/736E18BAC51C11EF8B195185762E951A.roa
Signing time: Sat 28 Dec 2024 13:05:46 +0000
ROA not before: Sat 28 Dec 2024 13:05:42 +0000
ROA not after: Sun 12 Dec 2027 13:05:42 +0000
asID: 17561
IP address blocks: 154.203.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76589 (0x12b2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 13:05:42 2024 GMT
Not After : Dec 12 13:05:42 2027 GMT
Subject: CN=676ff7aa-b819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c6:47:c6:1b:25:5b:08:16:21:68:98:94:4f:
03:fc:db:b1:fc:ca:ec:7a:26:c9:0d:67:71:16:44:
a8:b2:da:24:75:f9:70:fe:15:ae:94:c6:d4:aa:7d:
b8:53:5e:b3:67:b1:eb:b6:be:94:a8:eb:58:ec:a6:
43:5b:3f:d6:f2:6c:ab:35:07:66:29:72:84:80:e3:
ad:6e:b7:22:8a:0f:c8:e5:e7:01:05:36:5d:70:c9:
6d:1c:01:c7:1f:c5:2c:19:e7:b8:7d:08:b3:c4:76:
44:7c:e3:d8:b9:01:46:63:58:bc:21:bf:17:a7:51:
8a:e3:2a:9d:a3:39:f0:3c:d4:c6:c0:6e:66:a9:8b:
5f:4c:8d:8a:84:6f:c4:b5:6c:fa:f2:22:c8:95:7d:
8f:38:98:89:b1:e6:1c:f1:0b:ad:17:c9:61:6b:29:
2d:80:b6:b3:90:48:19:f2:85:5b:b3:d2:9b:f3:b6:
1a:6b:bd:b2:3c:0d:c9:90:e5:66:30:41:38:83:f7:
fb:e4:39:1c:32:73:1b:18:16:70:01:0e:26:b4:e3:
ca:b2:32:14:c1:a2:a2:74:a2:b9:d1:c3:46:05:16:
00:db:c9:4a:01:17:86:e1:14:b3:42:91:79:e5:ae:
52:6c:4c:d3:de:db:00:2f:6a:f4:1f:0c:8f:a3:a7:
15:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:12:4F:5D:F8:AC:6B:C9:35:D6:A4:43:78:5D:E3:50:7E:66:38:9F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/736E18BAC51C11EF8B195185762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.34.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:b6:18:78:62:9b:b1:ca:b8:df:7e:41:de:30:4d:a0:fd:88:
55:f5:21:5b:dc:00:49:d1:2d:a3:31:ca:3a:e3:b4:da:41:62:
59:13:ab:65:a7:ac:bf:79:02:6e:23:a0:5d:b1:c4:8b:1a:eb:
ea:22:e3:94:c7:e1:c7:e8:37:bf:93:8b:14:74:00:1c:f5:05:
65:bd:1a:1e:f3:fd:c3:52:89:46:5e:c4:8c:d4:42:1e:3f:72:
68:6e:18:0f:cc:2d:16:26:56:1a:05:f3:b7:40:4e:05:aa:4d:
3d:aa:ef:75:45:38:2b:f1:3b:3f:a3:bd:d9:1f:05:0f:a0:e0:
27:74:5e:3b:1e:ae:03:01:c4:4a:f1:ac:a0:bd:96:c3:61:bf:
e1:6b:fe:27:1d:90:3d:2c:0b:e3:a6:c4:b3:ac:0f:52:9e:ce:
c9:07:c7:b3:50:9d:1d:5b:3a:4c:ba:7c:54:b3:a4:3c:4c:24:
a1:08:f9:0a:73:a8:42:59:ee:33:83:2f:56:f8:96:48:f1:50:
dd:a6:42:bd:09:b6:29:c4:4b:c4:8a:ad:b6:45:0b:c7:64:92:
f1:71:6d:f2:fc:a0:ff:62:b7:a9:b0:bb:ef:0a:a1:a2:bf:cc:
a6:45:82:6f:cf:48:ab:df:a3:de:4d:be:57:54:30:dd:37:b0:
f4:44:5e:d2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASstMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTMwNTQyWhcNMjcxMjEyMTMwNTQyWjAYMRYw
FAYDVQQDEw02NzZmZjdhYS1iODE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5MZHxhslWwgWIWiYlE8D/Nux/MrseibJDWdxFkSostokdflw/hWulMbU
qn24U16zZ7Hrtr6UqOtY7KZDWz/W8myrNQdmKXKEgOOtbrciig/I5ecBBTZdcMlt
HAHHH8UsGee4fQizxHZEfOPYuQFGY1i8Ib8Xp1GK4yqdoznwPNTGwG5mqYtfTI2K
hG/EtWz68iLIlX2POJiJseYc8QutF8lhayktgLazkEgZ8oVbs9Kb87Yaa72yPA3J
kOVmMEE4g/f75DkcMnMbGBZwAQ4mtOPKsjIUwaKidKK50cNGBRYA28lKAReG4RSz
QpF55a5SbEzT3tsAL2r0HwyPo6cVHwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFNES
T134rGvJNdakQ3hd41B+ZjifMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83MzZFMThCQUM1MUMxMUVGOEIxOTUxODU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmssiMA0GCSqGSIb3DQEB
CwUAA4IBAQA7thh4YpuxyrjffkHeME2g/YhV9SFb3ABJ0S2jMco647TaQWJZE6tl
p6y/eQJuI6BdscSLGuvqIuOUx+HH6De/k4sUdAAc9QVlvRoe8/3DUolGXsSM1EIe
P3JobhgPzC0WJlYaBfO3QE4Fqk09qu91RTgr8Ts/o73ZHwUPoOAndF47Hq4DAcRK
8aygvZbDYb/ha/4nHZA9LAvjpsSzrA9Sns7JB8ezUJ0dWzpMunxUs6Q8TCShCPkK
c6hCWe4zgy9W+JZI8VDdpkK9CbYpxEvEiq22RQvHZJLxcW3y/KD/YrepsLvvCqGi
v8ymRYJvz0ir36PeTb5XVDDdN7D0RF7S
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:32 2025 by rpki-client