Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AEDCC0CCDC311EFBFA9F38E762E951A.roa
File: 7AEDCC0CCDC311EFBFA9F38E762E951A.roa (raw, json)
Hash identifier: wfGY/BBO6NxfDQ3AB1ptqKLaLuESCxfDDHvDmOSu9DI=
Subject key identifier: 15:2A:EC:B2:58:40:8D:A5:86:67:87:03:57:CC:18:90:87:0A:EC:8A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013726
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AEDCC0CCDC311EFBFA9F38E762E951A.roa
Signing time: Wed 08 Jan 2025 13:21:34 +0000
ROA not before: Wed 08 Jan 2025 13:21:30 +0000
ROA not after: Tue 16 Dec 2025 13:21:30 +0000
asID: 984
IP address blocks: 154.200.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79654 (0x13726)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 13:21:30 2025 GMT
Not After : Dec 16 13:21:30 2025 GMT
Subject: CN=677e7bde-06fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:23:e0:f4:cb:fe:6a:13:7a:a4:57:8f:6f:cd:
70:5f:ea:7a:03:0b:84:12:05:8a:45:b7:ce:cd:ad:
bb:c7:21:8c:b5:ad:3b:fa:14:03:24:6b:23:4d:46:
73:e0:06:e3:72:c5:7a:c3:04:60:e9:0a:d2:b9:12:
7a:7e:a2:9d:ab:16:bb:d0:80:5d:39:45:c1:01:fe:
2a:36:27:ec:7c:1f:fd:f8:f5:76:92:d5:0f:6b:a7:
92:c8:fa:66:18:7a:7b:a8:20:fa:0e:4e:01:57:e6:
0a:67:4c:10:97:74:b5:20:ab:41:a6:3b:04:b8:f3:
3c:88:c8:46:4b:d9:96:16:ad:7b:42:14:bd:f0:a1:
74:39:31:09:d7:a1:8f:81:f9:92:a0:fa:ae:db:36:
a8:8b:36:f6:7d:27:0f:15:4d:d7:8b:68:48:b4:1b:
dd:90:ce:65:a9:05:fb:ec:5d:12:33:c2:ff:ca:e0:
8f:92:c8:ae:06:ed:ed:ce:4b:90:52:20:3f:1d:03:
2b:2d:a6:73:7b:11:af:f3:95:d3:6f:ab:c7:33:6d:
c5:7b:65:94:2a:f2:5c:13:08:bb:7e:37:57:ef:25:
fc:f1:a8:12:d9:8e:6a:e7:c8:92:1d:e3:2f:76:87:
e0:36:57:77:65:a1:e2:cf:6c:cd:d0:37:55:16:bb:
57:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:2A:EC:B2:58:40:8D:A5:86:67:87:03:57:CC:18:90:87:0A:EC:8A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7AEDCC0CCDC311EFBFA9F38E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.242.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:42:32:00:9c:3e:b7:f1:5a:0d:c2:74:d8:d3:5c:5f:23:70:
f7:15:ed:75:e6:3f:4d:d3:14:1e:ef:6c:57:67:23:60:cb:00:
0e:30:fb:b9:5f:c4:71:4e:d9:73:65:47:04:ce:9a:52:31:95:
2b:df:c9:86:e3:10:4f:4e:ac:e6:4e:14:8b:ea:d2:83:b7:14:
15:33:d7:bc:9f:33:6d:23:b7:2d:c5:12:39:c2:d3:ca:96:75:
d9:1f:44:87:b0:55:ec:12:a3:de:b6:dd:22:74:d4:85:f7:b5:
58:61:82:ed:70:3a:95:85:58:71:ac:ab:bd:eb:e4:15:60:0b:
52:82:4c:02:35:8b:9f:53:6e:fe:ca:29:7c:d6:8e:72:cc:05:
ac:db:7e:d9:6b:89:98:4a:36:ce:44:64:e0:d1:46:1a:b8:ef:
af:0d:5f:39:ac:09:7c:47:bd:3d:66:b0:f7:25:92:7c:9d:a8:
63:8d:cc:fa:64:d2:b3:1d:ed:45:b5:f6:bc:5b:e7:ae:b1:0c:
19:6e:a3:8f:30:22:39:27:bc:a6:f9:4e:34:f9:ed:af:db:b6:
09:41:6d:31:80:af:12:a4:3b:41:8f:39:cd:e1:48:b1:90:04:
77:14:3a:ea:3e:c2:61:83:e5:5e:fd:90:dc:28:80:96:74:da:
45:90:17:b7
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATcmMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTMyMTMwWhcNMjUxMjE2MTMyMTMwWjAYMRYw
FAYDVQQDEw02NzdlN2JkZS0wNmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuyPg9Mv+ahN6pFePb81wX+p6AwuEEgWKRbfOza27xyGMta07+hQDJGsj
TUZz4AbjcsV6wwRg6QrSuRJ6fqKdqxa70IBdOUXBAf4qNifsfB/9+PV2ktUPa6eS
yPpmGHp7qCD6Dk4BV+YKZ0wQl3S1IKtBpjsEuPM8iMhGS9mWFq17QhS98KF0OTEJ
16GPgfmSoPqu2zaoizb2fScPFU3Xi2hItBvdkM5lqQX77F0SM8L/yuCPksiuBu3t
zkuQUiA/HQMrLaZzexGv85XTb6vHM23Fe2WUKvJcEwi7fjdX7yX88agS2Y5q58iS
HeMvdofgNld3ZaHiz2zN0DdVFrtXCwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFBUq
7LJYQI2lhmeHA1fMGJCHCuyKMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83QUVEQ0MwQ0NEQzMxMUVGQkZBOUYzOEU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjyMA0GCSqGSIb3DQEB
CwUAA4IBAQBdQjIAnD638VoNwnTY01xfI3D3Fe115j9N0xQe72xXZyNgywAOMPu5
X8RxTtlzZUcEzppSMZUr38mG4xBPTqzmThSL6tKDtxQVM9e8nzNtI7ctxRI5wtPK
lnXZH0SHsFXsEqPett0idNSF97VYYYLtcDqVhVhxrKu96+QVYAtSgkwCNYufU27+
yil81o5yzAWs237Za4mYSjbORGTg0UYauO+vDV85rAl8R709ZrD3JZJ8nahjjcz6
ZNKzHe1Ftfa8W+eusQwZbqOPMCI5J7ym+U40+e2v27YJQW0xgK8SpDtBjznN4Uix
kAR3FDrqPsJhg+Ve/ZDcKICWdNpFkBe3
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:34 2025 by rpki-client