Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/832B9C3EC42A11EFA179718D762E951A.roa
File: 832B9C3EC42A11EFA179718D762E951A.roa (raw, json)
Hash identifier: zfbMCuZfvLPHBwMng+i+f1WItle10WAbMM8T1ghy3EY=
Subject key identifier: 4C:40:16:CD:97:F5:62:81:0E:90:5E:8C:F1:5A:2C:E6:FB:F6:98:89
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012A1B
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/832B9C3EC42A11EFA179718D762E951A.roa
Signing time: Fri 27 Dec 2024 08:13:54 +0000
ROA not before: Fri 27 Dec 2024 08:13:49 +0000
ROA not after: Sun 12 Dec 2027 08:13:49 +0000
asID: 17561
IP address blocks: 154.202.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76315 (0x12a1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 27 08:13:49 2024 GMT
Not After : Dec 12 08:13:49 2027 GMT
Subject: CN=676e61c2-99dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8d:da:e3:0b:de:d1:b8:8c:8e:cf:4e:19:4d:
c1:a7:73:80:8f:e7:9d:a1:3f:9f:73:fc:90:6f:ff:
65:d6:2d:13:14:00:ed:a0:e4:a5:9c:5a:27:5c:de:
84:68:4e:55:3e:c2:50:2f:b2:a7:30:2e:09:c1:b6:
f8:f2:bb:71:7a:07:56:b6:43:28:52:e1:9e:d2:58:
99:73:db:26:38:c5:6c:2d:a0:c7:6c:01:d5:c0:f3:
ec:ef:86:34:7b:f3:b4:8e:7d:46:f3:89:a7:96:a0:
d3:7a:ef:56:dd:32:9b:c2:47:dc:03:48:bf:81:c0:
3e:d8:4f:b5:ba:dd:94:fc:00:fd:a0:3b:88:e0:04:
a8:e4:e3:3c:9a:91:3e:3b:bd:16:d2:4f:ca:07:eb:
6b:d2:93:19:91:d2:28:8b:5b:3e:39:9a:ea:af:d3:
20:46:f0:1c:ae:2b:de:48:6e:37:ca:d0:86:b9:1b:
eb:2e:e1:7b:0d:c4:ab:cf:78:1d:d2:a6:4d:de:fd:
37:a2:a2:a3:ed:a6:87:d2:bf:bb:73:d9:32:4a:d1:
f6:a0:a3:8d:9c:d8:90:99:1a:ee:37:05:3e:9e:f2:
63:d9:48:18:ae:89:dc:9b:4c:f7:0c:03:6e:ff:40:
33:70:54:4a:51:fe:a9:6e:f1:1a:85:a7:b1:2c:a3:
7c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:40:16:CD:97:F5:62:81:0E:90:5E:8C:F1:5A:2C:E6:FB:F6:98:89
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/832B9C3EC42A11EFA179718D762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.202.117.0/24
Signature Algorithm: sha256WithRSAEncryption
92:c8:e2:64:1d:fd:8b:d4:1d:ea:0a:80:4e:cd:6e:b7:e0:d1:
7f:70:0d:b3:c8:87:ff:8d:80:98:e7:6a:9b:b3:ca:62:75:85:
89:ec:af:2e:87:6b:82:18:ab:25:bb:72:eb:fb:52:01:9e:a3:
22:d4:68:bf:16:7e:95:ac:a1:0c:3c:8a:05:39:2b:a6:ec:10:
09:1f:b9:a6:dd:42:62:b1:d7:4c:56:54:63:52:f4:04:83:4c:
4d:b6:4c:89:30:6a:b2:00:9d:a8:19:7f:95:7d:17:3e:66:8c:
1d:de:fb:2e:d0:4c:25:13:d2:11:4b:5d:8a:d4:6f:a0:f2:02:
91:7f:3e:0a:e2:e1:ee:18:66:8d:44:64:d2:08:53:84:c6:1d:
cd:56:24:35:48:b2:b8:b7:85:5e:e6:ce:ae:bb:58:27:7e:e8:
52:b1:60:88:fb:36:e3:9b:8c:cb:91:64:cc:60:44:0d:58:4a:
b2:a5:b8:5a:f0:36:fa:d9:b6:60:05:8a:06:a9:b9:ec:21:ca:
12:dd:60:d4:61:86:d5:9a:9c:bf:1d:b8:42:e5:4f:e3:15:9f:
9d:2c:cb:ee:7c:30:18:2e:4d:d2:7d:13:de:a8:0b:4c:13:4a:
55:84:d1:4f:1e:62:16:3f:7c:18:4a:71:24:f4:d8:10:41:2f:
08:0f:1c:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASobMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI3MDgxMzQ5WhcNMjcxMjEyMDgxMzQ5WjAYMRYw
FAYDVQQDEw02NzZlNjFjMi05OWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuo3a4wve0biMjs9OGU3Bp3OAj+edoT+fc/yQb/9l1i0TFADtoOSlnFon
XN6EaE5VPsJQL7KnMC4Jwbb48rtxegdWtkMoUuGe0liZc9smOMVsLaDHbAHVwPPs
74Y0e/O0jn1G84mnlqDTeu9W3TKbwkfcA0i/gcA+2E+1ut2U/AD9oDuI4ASo5OM8
mpE+O70W0k/KB+tr0pMZkdIoi1s+OZrqr9MgRvAcriveSG43ytCGuRvrLuF7DcSr
z3gd0qZN3v03oqKj7aaH0r+7c9kyStH2oKONnNiQmRruNwU+nvJj2UgYroncm0z3
DANu/0AzcFRKUf6pbvEahaexLKN8aQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFExA
Fs2X9WKBDpBejPFaLOb79piJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84MzJCOUMzRUM0MkExMUVGQTE3OTcxOEQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsp1MA0GCSqGSIb3DQEB
CwUAA4IBAQCSyOJkHf2L1B3qCoBOzW634NF/cA2zyIf/jYCY52qbs8pidYWJ7K8u
h2uCGKslu3Lr+1IBnqMi1Gi/Fn6VrKEMPIoFOSum7BAJH7mm3UJisddMVlRjUvQE
g0xNtkyJMGqyAJ2oGX+VfRc+Zowd3vsu0EwlE9IRS12K1G+g8gKRfz4K4uHuGGaN
RGTSCFOExh3NViQ1SLK4t4Ve5s6uu1gnfuhSsWCI+zbjm4zLkWTMYEQNWEqypbha
8Db62bZgBYoGqbnsIcoS3WDUYYbVmpy/HbhC5U/jFZ+dLMvufDAYLk3SfRPeqAtM
E0pVhNFPHmIWP3wYSnEk9NgQQS8IDxwA
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:50:12 2025 by rpki-client