Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/770AAC2AC54611EFAF47828C762E951A.roa
File: 770AAC2AC54611EFAF47828C762E951A.roa (raw, json)
Hash identifier: 8buE1a5+27kqjFeZIVQMN3TiaNpP1fa/cXxXteJP9nE=
Subject key identifier: 6B:10:AB:62:0F:D1:E6:81:09:49:1C:FF:27:D2:81:80:26:6F:E7:8A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012CAF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/770AAC2AC54611EFAF47828C762E951A.roa
Signing time: Sat 28 Dec 2024 18:06:31 +0000
ROA not before: Sat 28 Dec 2024 18:06:27 +0000
ROA not after: Sun 12 Dec 2027 18:06:27 +0000
asID: 17561
IP address blocks: 154.208.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76975 (0x12caf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 18:06:27 2024 GMT
Not After : Dec 12 18:06:27 2027 GMT
Subject: CN=67703e27-412e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:a6:b3:14:c8:54:8c:ca:33:33:05:66:90:0a:
4e:a0:4a:34:ff:29:2a:11:19:32:62:c6:09:c4:14:
a8:51:64:37:ce:e3:03:11:49:78:5d:29:bf:3e:ce:
c7:ee:0d:ea:41:38:47:df:4e:62:dd:33:22:e2:29:
ac:40:f5:5a:32:18:f3:6e:a0:81:f6:a0:1b:c1:90:
ef:25:6e:85:b4:18:a6:6c:f5:cf:40:f2:43:03:eb:
8c:a7:f7:3d:59:c1:7e:05:7b:d7:d9:7f:5b:5a:df:
b5:68:f4:26:4a:c6:ae:c2:b6:3e:eb:1c:90:77:c5:
78:36:af:2a:c3:6c:db:a0:18:97:81:9b:16:9a:98:
9d:d4:08:8f:e1:fa:bc:2e:c9:64:d8:15:a6:96:85:
6b:b6:8c:bb:14:f2:16:66:31:ff:8f:35:de:80:d5:
b0:4c:26:64:4b:3d:23:ca:53:88:81:c4:19:20:c3:
24:54:4c:94:18:1b:a5:ea:c8:0c:80:82:1f:58:98:
4b:8d:61:03:4e:ac:ca:83:35:d3:79:05:d1:6a:8e:
5d:4e:a6:da:fd:fd:24:ab:15:e5:b4:2f:a0:ec:76:
b8:ef:57:cd:2a:4b:d0:d9:dc:fe:7e:d4:c7:c1:09:
27:1a:14:4b:27:c3:f6:a8:ef:0c:12:63:7a:64:ca:
b8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:10:AB:62:0F:D1:E6:81:09:49:1C:FF:27:D2:81:80:26:6F:E7:8A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/770AAC2AC54611EFAF47828C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.188.0/24
Signature Algorithm: sha256WithRSAEncryption
69:a1:79:71:1d:cc:d4:a3:c4:0b:2d:a2:82:49:38:5a:65:50:
08:07:a0:ff:d7:d0:ca:8e:e9:de:f0:e5:14:1d:2e:7d:a8:29:
d1:e0:81:76:f0:ee:81:7d:53:e6:9b:88:cd:a8:a8:c8:71:5b:
8e:13:84:48:ab:aa:40:78:8f:f1:3c:cd:33:f4:65:8f:b7:7c:
1a:ec:c4:76:6e:d6:0e:d1:15:4b:54:b1:a3:82:87:9e:f9:ef:
2e:4b:4a:1f:32:31:01:9a:34:cf:d4:94:21:75:2f:1b:4c:79:
3c:c7:76:23:b0:41:15:5f:28:5d:37:ce:d7:c5:ce:5d:9f:6d:
64:73:fa:90:bd:85:b2:f2:ce:76:8b:51:93:fd:18:53:e9:ae:
16:c9:c4:1d:b3:c3:95:c7:2e:73:40:c3:9e:ce:31:cc:c0:b6:
71:82:d0:52:c8:1c:45:b7:a6:e8:63:13:22:53:24:ca:31:66:
cc:c1:f1:73:80:2c:30:8b:00:78:30:d4:fb:1e:da:11:a5:89:
6d:3b:e9:4c:73:be:b8:8f:6b:9f:d1:6e:41:66:04:5f:ae:cf:
77:41:91:a7:c3:df:ee:60:6e:59:b9:15:6d:ee:36:94:57:10:
79:61:41:1d:3a:f3:01:db:be:fc:0a:9a:10:d3:90:dc:48:d7:
3b:e9:3e:91
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASyvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTgwNjI3WhcNMjcxMjEyMTgwNjI3WjAYMRYw
FAYDVQQDEw02NzcwM2UyNy00MTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3qazFMhUjMozMwVmkApOoEo0/ykqERkyYsYJxBSoUWQ3zuMDEUl4XSm/
Ps7H7g3qQThH305i3TMi4imsQPVaMhjzbqCB9qAbwZDvJW6FtBimbPXPQPJDA+uM
p/c9WcF+BXvX2X9bWt+1aPQmSsauwrY+6xyQd8V4Nq8qw2zboBiXgZsWmpid1AiP
4fq8Lslk2BWmloVrtoy7FPIWZjH/jzXegNWwTCZkSz0jylOIgcQZIMMkVEyUGBul
6sgMgIIfWJhLjWEDTqzKgzXTeQXRao5dTqba/f0kqxXltC+g7Ha471fNKkvQ2dz+
ftTHwQknGhRLJ8P2qO8MEmN6ZMq4pQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGsQ
q2IP0eaBCUkc/yfSgYAmb+eKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83NzBBQUMyQUM1NDYxMUVGQUY0NzgyOEM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtC8MA0GCSqGSIb3DQEB
CwUAA4IBAQBpoXlxHczUo8QLLaKCSThaZVAIB6D/19DKjune8OUUHS59qCnR4IF2
8O6BfVPmm4jNqKjIcVuOE4RIq6pAeI/xPM0z9GWPt3wa7MR2btYO0RVLVLGjgoee
+e8uS0ofMjEBmjTP1JQhdS8bTHk8x3YjsEEVXyhdN87Xxc5dn21kc/qQvYWy8s52
i1GT/RhT6a4WycQds8OVxy5zQMOezjHMwLZxgtBSyBxFt6boYxMiUyTKMWbMwfFz
gCwwiwB4MNT7HtoRpYltO+lMc764j2uf0W5BZgRfrs93QZGnw9/uYG5ZuRVt7jaU
VxB5YUEdOvMB2778CpoQ05DcSNc76T6R
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:21:11 2025 by rpki-client