Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74987938C90E11EF837E8197762E951A.roa
File: 74987938C90E11EF837E8197762E951A.roa (raw, json)
Hash identifier: uQq/LTnc+9DLmKAjaSxqu/TGFN0BJWrxC7/Om00tb0A=
Subject key identifier: 36:A7:3E:13:03:83:08:CB:66:45:8D:C8:ED:14:34:15:E5:AC:A4:8D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013293
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74987938C90E11EF837E8197762E951A.roa
Signing time: Thu 02 Jan 2025 13:35:39 +0000
ROA not before: Thu 02 Jan 2025 13:35:36 +0000
ROA not after: Mon 13 Dec 2027 13:35:36 +0000
asID: 17561
IP address blocks: 154.221.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78483 (0x13293)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 2 13:35:36 2025 GMT
Not After : Dec 13 13:35:36 2027 GMT
Subject: CN=6776962b-8cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:03:9e:c4:49:2d:2c:e1:a4:78:21:b4:9a:62:
21:51:e6:1d:63:73:e5:90:df:d8:2b:f0:5a:a4:e2:
e5:d2:99:3d:a6:89:19:7e:cf:56:8c:68:eb:74:96:
c6:51:30:06:4d:cd:e1:95:10:07:d0:c3:53:29:69:
49:97:3c:80:df:a6:df:1f:11:05:50:3e:97:03:97:
44:7a:b4:0f:c1:7e:b0:7b:6c:23:d3:67:b5:21:31:
7e:3c:31:7a:53:cf:d3:62:12:7f:1a:94:79:e9:f7:
91:e8:c0:87:13:f6:79:02:4a:92:30:12:2f:af:a8:
7b:8f:b3:71:f4:02:3a:21:41:0d:9e:da:a8:fc:e8:
24:ae:2e:95:14:47:29:6b:81:13:0a:73:68:b1:ad:
66:f6:5f:d6:34:86:54:0a:a4:30:7a:cf:80:00:40:
30:c5:78:e5:3f:84:ac:e4:10:0d:71:24:67:c7:14:
cd:d4:5a:1f:ba:25:fa:ba:24:9d:51:1f:d5:e0:da:
4a:56:60:7a:51:a3:93:b0:7e:fc:8f:90:0f:cb:f1:
06:35:01:06:7c:f0:e4:ce:a8:54:9d:f9:db:ae:5a:
65:12:2e:b1:3a:87:5e:d6:c4:20:84:77:b2:15:f9:
73:c7:e8:b4:03:04:d5:be:0a:bb:25:f9:ac:28:e4:
2e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A7:3E:13:03:83:08:CB:66:45:8D:C8:ED:14:34:15:E5:AC:A4:8D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/74987938C90E11EF837E8197762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.221.214.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:fd:1b:f8:51:b4:3c:21:1f:ba:8e:79:58:40:f3:10:00:01:
e2:15:bc:4d:60:85:90:c2:13:d2:c5:08:fa:41:dd:34:99:fd:
18:34:17:ee:8c:03:32:6d:2a:1d:4b:30:f3:9d:5e:74:1d:a0:
98:a4:f2:ae:f7:a2:86:3c:16:66:02:45:b1:16:5c:fb:8d:7c:
e3:59:c8:8e:fd:87:c9:f1:73:60:2d:74:4b:84:de:40:ab:d7:
37:46:7e:51:d4:a4:15:85:76:25:e2:06:37:19:66:79:d6:4a:
d4:17:cf:e5:df:c7:90:0e:ba:51:8f:f1:62:01:c8:62:e5:47:
d0:a7:31:7c:31:8d:90:08:c1:13:6f:86:4b:ca:a1:05:69:43:
b5:a2:ad:5d:d6:62:9b:c4:f4:9c:5e:91:9d:37:7a:22:58:f1:
ef:32:40:35:2f:16:2b:d2:58:5c:d0:ea:a0:c8:4f:dc:6c:7a:
9f:25:30:63:b7:da:6e:db:c4:f0:f3:75:72:a9:d1:f9:24:fd:
a7:20:ba:cc:18:d2:4b:40:0c:95:a7:65:9a:0f:4d:76:7d:a8:
18:33:00:d3:84:40:2d:d7:3d:7d:9f:83:cc:a9:02:1b:a2:aa:
c3:9e:41:eb:a7:8b:a6:9a:57:20:7e:61:3e:22:2d:c0:94:f5:
a3:ec:66:7b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATKTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMTMzNTM2WhcNMjcxMjEzMTMzNTM2WjAYMRYw
FAYDVQQDEw02Nzc2OTYyYi04Y2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwQOexEktLOGkeCG0mmIhUeYdY3PlkN/YK/BapOLl0pk9pokZfs9WjGjr
dJbGUTAGTc3hlRAH0MNTKWlJlzyA36bfHxEFUD6XA5dEerQPwX6we2wj02e1ITF+
PDF6U8/TYhJ/GpR56feR6MCHE/Z5AkqSMBIvr6h7j7Nx9AI6IUENntqo/Ogkri6V
FEcpa4ETCnNosa1m9l/WNIZUCqQwes+AAEAwxXjlP4Ss5BANcSRnxxTN1FofuiX6
uiSdUR/V4NpKVmB6UaOTsH78j5APy/EGNQEGfPDkzqhUnfnbrlplEi6xOode1sQg
hHeyFflzx+i0AwTVvgq7JfmsKOQueQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDan
PhMDgwjLZkWNyO0UNBXlrKSNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NDk4NzkzOEM5MEUxMUVGODM3RTgxOTc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt3WMA0GCSqGSIb3DQEB
CwUAA4IBAQBf/Rv4UbQ8IR+6jnlYQPMQAAHiFbxNYIWQwhPSxQj6Qd00mf0YNBfu
jAMybSodSzDznV50HaCYpPKu96KGPBZmAkWxFlz7jXzjWciO/YfJ8XNgLXRLhN5A
q9c3Rn5R1KQVhXYl4gY3GWZ51krUF8/l38eQDrpRj/FiAchi5UfQpzF8MY2QCMET
b4ZLyqEFaUO1oq1d1mKbxPScXpGdN3oiWPHvMkA1LxYr0lhc0OqgyE/cbHqfJTBj
t9pu28Tw83VyqdH5JP2nILrMGNJLQAyVp2WaD012fagYMwDThEAt1z19n4PMqQIb
oqrDnkHrp4ummlcgfmE+Ii3AlPWj7GZ7
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:40 2025 by rpki-client