Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81FBE9ECC5FE11EF8A54EA9A762E951A.roa
File: 81FBE9ECC5FE11EF8A54EA9A762E951A.roa (raw, json)
Hash identifier: sOxRt9L4ycez778j+YmTIlETJmQ0E5yipeUfAColwZ8=
Subject key identifier: 29:5E:D1:B7:F5:44:27:45:DA:EC:5B:DF:5F:57:42:BA:05:72:C2:47
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012E48
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81FBE9ECC5FE11EF8A54EA9A762E951A.roa
Signing time: Sun 29 Dec 2024 16:03:56 +0000
ROA not before: Sun 29 Dec 2024 16:03:53 +0000
ROA not after: Sun 12 Dec 2027 16:03:53 +0000
asID: 17561
IP address blocks: 154.217.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77384 (0x12e48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 16:03:53 2024 GMT
Not After : Dec 12 16:03:53 2027 GMT
Subject: CN=677172ec-6a3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:01:7c:7a:95:9f:06:af:eb:f3:ea:81:86:c7:
fa:9d:07:e4:2a:91:0a:b3:3a:c3:a5:07:c4:db:f0:
7f:18:47:92:28:1b:88:13:4a:72:9e:b9:05:fc:ee:
5e:f8:8b:52:75:44:8e:2e:0c:cf:d1:7b:dc:09:32:
77:90:0e:7d:4b:b4:e0:76:03:4f:33:e9:c9:42:72:
ff:47:80:c4:c5:e8:f1:1d:a1:a4:aa:2a:16:55:88:
7a:88:7c:61:bb:cb:10:44:b2:7e:94:25:03:5e:85:
e3:43:c6:53:63:48:bd:2b:b9:ed:71:2a:e5:dd:b4:
0b:d0:1a:26:12:76:55:76:63:48:04:b0:f6:86:54:
b5:69:3b:68:28:9c:1b:62:bf:e6:a4:80:7b:cc:c8:
5d:36:78:88:4d:ae:d1:d5:f2:00:f0:e1:4d:30:22:
0d:14:09:f8:93:42:45:27:57:7b:6d:38:2d:13:e7:
c3:72:8e:3f:d7:b3:df:ec:07:99:17:b6:3b:b8:f5:
21:fa:63:2e:2a:25:d1:35:49:fd:71:da:e6:d1:ea:
b2:cf:ac:9a:c6:f3:d2:8b:3d:31:4f:95:cf:89:82:
5f:11:ca:51:ce:c8:6a:f8:15:aa:07:4a:4b:68:a5:
7f:9b:ec:ff:ac:d8:50:79:1a:11:99:ec:39:66:6c:
ab:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5E:D1:B7:F5:44:27:45:DA:EC:5B:DF:5F:57:42:BA:05:72:C2:47
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/81FBE9ECC5FE11EF8A54EA9A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.7.0/24
Signature Algorithm: sha256WithRSAEncryption
40:6a:53:52:fa:95:1a:d4:89:c1:9a:06:79:f1:5d:dc:4d:16:
86:bb:d5:0e:be:14:88:3a:6e:fc:41:15:83:9a:58:4e:be:88:
fd:87:c5:29:d7:ad:a0:89:1f:51:db:3e:ef:7e:d7:d0:e2:a8:
a1:ef:a9:00:cb:5e:47:b3:ea:a7:e2:71:70:6b:4f:64:9c:ce:
06:79:dd:73:c3:93:d2:95:64:c8:93:cd:ab:81:11:5a:ab:98:
ec:f3:f3:57:74:30:3c:1e:52:3c:ae:07:4e:c3:5a:e4:a2:8d:
3e:5e:20:97:3c:eb:70:a7:16:02:54:b2:5a:f8:08:6e:26:48:
b6:94:39:23:d7:7c:fe:f6:9b:bf:58:ba:e5:02:ac:75:2c:3a:
68:01:15:1a:06:a5:8b:e7:75:19:72:f3:dd:0b:27:6a:2e:94:
7f:95:21:84:a8:9f:af:46:40:29:90:1f:04:34:b5:11:6a:93:
04:2e:50:1d:0b:43:fb:25:bd:f5:f8:5a:8d:d2:d1:f2:cc:a0:
62:3f:30:39:21:40:ea:4f:ab:6e:90:fb:9a:d6:26:00:2c:3e:
85:35:50:d8:6c:6e:0b:98:76:7d:22:dc:d3:8c:ad:b0:ca:c6:
a8:d4:51:d7:ed:25:6f:8a:58:9a:df:e4:03:dd:e8:a1:b7:cb:
28:19:1c:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS5IMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTYwMzUzWhcNMjcxMjEyMTYwMzUzWjAYMRYw
FAYDVQQDEw02NzcxNzJlYy02YTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwgF8epWfBq/r8+qBhsf6nQfkKpEKszrDpQfE2/B/GEeSKBuIE0pynrkF
/O5e+ItSdUSOLgzP0XvcCTJ3kA59S7TgdgNPM+nJQnL/R4DExejxHaGkqioWVYh6
iHxhu8sQRLJ+lCUDXoXjQ8ZTY0i9K7ntcSrl3bQL0BomEnZVdmNIBLD2hlS1aTto
KJwbYr/mpIB7zMhdNniITa7R1fIA8OFNMCINFAn4k0JFJ1d7bTgtE+fDco4/17Pf
7AeZF7Y7uPUh+mMuKiXRNUn9cdrm0eqyz6yaxvPSiz0xT5XPiYJfEcpRzshq+BWq
B0pLaKV/m+z/rNhQeRoRmew5Zmyr6QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCle
0bf1RCdF2uxb319XQroFcsJHMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MUZCRTlFQ0M1RkUxMUVGOEE1NEVBOUE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtkHMA0GCSqGSIb3DQEB
CwUAA4IBAQBAalNS+pUa1InBmgZ58V3cTRaGu9UOvhSIOm78QRWDmlhOvoj9h8Up
162giR9R2z7vftfQ4qih76kAy15Hs+qn4nFwa09knM4Ged1zw5PSlWTIk82rgRFa
q5js8/NXdDA8HlI8rgdOw1rkoo0+XiCXPOtwpxYCVLJa+AhuJki2lDkj13z+9pu/
WLrlAqx1LDpoARUaBqWL53UZcvPdCydqLpR/lSGEqJ+vRkApkB8ENLURapMELlAd
C0P7Jb31+FqN0tHyzKBiPzA5IUDqT6tukPua1iYALD6FNVDYbG4LmHZ9ItzTjK2w
ysao1FHX7SVvilia3+QD3eiht8soGRzi
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:41 2025 by rpki-client