Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E29B19ECDEE11EF8A975E9D762E951A.roa
File: 7E29B19ECDEE11EF8A975E9D762E951A.roa (raw, json)
Hash identifier: 5Dzli+kDGClv5LUGVjrcxmZU2+MSbpY2+an5uLJ7Zb0=
Subject key identifier: 51:05:65:FB:4C:6F:F3:98:29:F1:C2:DE:70:18:42:08:F1:47:6C:9E
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013823
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E29B19ECDEE11EF8A975E9D762E951A.roa
Signing time: Wed 08 Jan 2025 18:29:27 +0000
ROA not before: Wed 08 Jan 2025 18:29:24 +0000
ROA not after: Sat 03 Jan 2026 18:29:24 +0000
asID: 984
IP address blocks: 154.91.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79907 (0x13823)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 18:29:24 2025 GMT
Not After : Jan 3 18:29:24 2026 GMT
Subject: CN=677ec407-017b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:70:56:5e:7e:5a:be:b0:52:5b:b8:4b:78:53:
95:89:26:2f:bc:6a:e0:c5:c1:ed:7c:21:8c:52:ea:
89:fc:57:fd:b6:04:57:0b:c2:65:f3:86:76:70:72:
18:a0:5a:ea:19:6b:2e:19:cf:98:ae:1a:b5:4f:e6:
ae:b8:3b:84:29:0e:d2:b3:07:1e:78:f8:46:db:20:
5e:2b:73:65:22:53:5f:ba:50:f3:aa:ac:59:16:22:
37:2e:7e:b8:8b:08:85:ee:3d:2b:0f:a0:8d:a9:46:
a6:fb:f2:88:ef:f5:a3:ed:81:54:37:9d:93:8b:91:
5a:0f:fc:49:17:41:1b:7f:ce:7b:90:cd:bd:58:fc:
8a:f2:65:3d:8e:23:4a:31:9e:9c:63:86:de:3c:87:
0d:9c:1f:4b:58:27:89:e1:4c:55:09:50:5a:03:a3:
f5:36:27:20:d9:8f:64:9e:ae:ff:ea:17:89:5b:8e:
a8:d5:c0:d2:68:b4:72:fc:63:df:1a:17:aa:82:02:
b6:0a:a0:b2:e9:ab:3e:cd:e5:84:8a:5c:56:51:35:
c4:0e:38:eb:73:79:ba:7c:18:f8:e0:9b:58:8c:2a:
a3:33:63:bb:2f:53:0c:b0:94:d3:ac:ee:be:39:38:
7d:73:02:85:c6:5e:ca:f7:eb:6a:5e:ad:0a:0b:dd:
f3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:05:65:FB:4C:6F:F3:98:29:F1:C2:DE:70:18:42:08:F1:47:6C:9E
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/7E29B19ECDEE11EF8A975E9D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.91.140.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:b1:9e:b3:20:c9:44:13:f9:18:2f:92:69:f8:72:ec:92:ed:
75:d7:03:48:2c:40:1f:0b:b1:d3:8e:cb:8d:23:b2:6e:94:65:
bf:a5:b0:94:07:cc:aa:cd:d6:2a:91:b0:e4:2e:fd:da:ff:7b:
54:0f:a0:81:c0:1c:ca:25:68:0f:08:19:04:9f:40:c5:b8:12:
37:95:57:18:c7:cf:47:cf:5f:c7:fe:02:67:31:46:35:c4:3c:
df:61:44:f4:f0:de:17:07:5a:5b:b6:45:1f:d0:5b:8f:43:87:
a6:84:c4:cf:75:df:e3:0d:13:16:e6:49:ab:5b:ef:cc:3e:36:
cd:f7:24:1b:0e:a1:6e:43:fa:ca:3a:d0:b5:21:08:4a:31:5d:
54:46:a2:5f:b5:c3:cd:ec:54:5c:74:e5:46:b9:28:91:bf:c9:
f4:5b:bc:fd:01:02:30:38:3d:e6:50:00:b3:0c:25:e5:58:55:
56:a5:5e:59:3d:7a:b4:ae:fd:e4:54:7c:0e:00:6e:d0:83:4d:
a5:85:9b:ae:0b:96:19:13:ea:91:a5:f0:87:8e:e8:60:64:66:
2c:23:eb:ff:5a:6b:d3:39:ba:e2:53:9e:28:39:d2:ef:0f:fd:
dc:2f:b6:3d:63:85:e6:98:e5:33:0e:f8:be:0a:c9:62:02:71:
a8:62:58:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATgjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTgyOTI0WhcNMjYwMTAzMTgyOTI0WjAYMRYw
FAYDVQQDEw02NzdlYzQwNy0wMTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy3BWXn5avrBSW7hLeFOViSYvvGrgxcHtfCGMUuqJ/Ff9tgRXC8Jl84Z2
cHIYoFrqGWsuGc+Yrhq1T+auuDuEKQ7SswceePhG2yBeK3NlIlNfulDzqqxZFiI3
Ln64iwiF7j0rD6CNqUam+/KI7/Wj7YFUN52Ti5FaD/xJF0Ebf857kM29WPyK8mU9
jiNKMZ6cY4bePIcNnB9LWCeJ4UxVCVBaA6P1Nicg2Y9knq7/6heJW46o1cDSaLRy
/GPfGheqggK2CqCy6as+zeWEilxWUTXEDjjrc3m6fBj44JtYjCqjM2O7L1MMsJTT
rO6+OTh9cwKFxl7K9+tqXq0KC93zTwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFEF
ZftMb/OYKfHC3nAYQgjxR2yeMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC83RTI5QjE5RUNERUUxMUVGOEE5NzVFOUQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmluMMA0GCSqGSIb3DQEB
CwUAA4IBAQDQsZ6zIMlEE/kYL5Jp+HLsku111wNILEAfC7HTjsuNI7JulGW/pbCU
B8yqzdYqkbDkLv3a/3tUD6CBwBzKJWgPCBkEn0DFuBI3lVcYx89Hz1/H/gJnMUY1
xDzfYUT08N4XB1pbtkUf0FuPQ4emhMTPdd/jDRMW5kmrW+/MPjbN9yQbDqFuQ/rK
OtC1IQhKMV1URqJftcPN7FRcdOVGuSiRv8n0W7z9AQIwOD3mUACzDCXlWFVWpV5Z
PXq0rv3kVHwOAG7Qg02lhZuuC5YZE+qRpfCHjuhgZGYsI+v/WmvTObriU54oOdLv
D/3cL7Y9Y4XmmOUzDvi+CsliAnGoYlhB
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:26:20 2025 by rpki-client