Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C67698EF3F711EFB7086753762E951A.roa
File: 8C67698EF3F711EFB7086753762E951A.roa (raw, json)
Hash identifier: 84Ximfcr/mKLOeIYNOLvdOaYDDSgITk5FcjfZDKVag0=
Subject key identifier: 5B:DB:1A:6F:3A:46:D2:82:22:2C:4B:46:24:E1:3E:56:A5:30:75:7B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0160C7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C67698EF3F711EFB7086753762E951A.roa
Signing time: Wed 26 Feb 2025 04:10:01 +0000
ROA not before: Wed 26 Feb 2025 04:09:57 +0000
ROA not after: Thu 19 Feb 2026 04:09:57 +0000
asID: 984
IP address blocks: 154.203.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 12 Apr 2025 00:06:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90311 (0x160c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 04:09:57 2025 GMT
Not After : Feb 19 04:09:57 2026 GMT
Subject: CN=67be9419-8631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:43:2f:04:33:09:8e:68:63:be:fd:1d:36:0c:
58:3b:50:17:d6:63:b9:5a:d7:43:08:00:4a:3c:4f:
9a:fa:67:ee:eb:4c:7e:50:85:de:ce:f1:a9:99:09:
52:71:bc:40:86:7d:96:d5:87:32:ef:64:1c:6f:9f:
23:ca:ca:c4:de:d8:b0:c3:ec:57:f1:c5:fa:a4:52:
1e:83:b4:6f:c0:7c:92:cb:e2:68:cc:6f:ff:f1:3a:
c8:a1:7a:2f:19:47:7f:77:7e:93:aa:0e:a8:93:fc:
9f:80:f2:f5:dc:07:00:ca:fc:e5:c2:7f:80:6a:07:
e7:25:71:01:f9:d4:88:ce:bd:33:77:3f:06:ab:a6:
1c:f8:23:02:30:2a:42:a1:bc:1d:e7:28:70:35:88:
1e:13:06:62:c0:49:67:e9:4b:70:61:00:93:83:59:
4d:94:a9:5a:d3:a2:91:96:49:0f:9a:2f:9f:e5:dc:
d9:f4:27:0f:ea:08:48:e5:69:d2:e4:c4:22:bd:18:
8b:ed:bd:b7:4d:4d:7f:02:43:da:57:0e:10:3a:e5:
18:ee:6c:76:ef:8d:2d:38:97:ed:a3:ae:bf:e5:a7:
09:a1:93:5c:82:8c:fe:15:56:77:f0:05:3e:7e:cf:
53:66:d8:e9:6b:d8:c2:c4:7e:0a:47:d0:82:d1:2a:
79:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DB:1A:6F:3A:46:D2:82:22:2C:4B:46:24:E1:3E:56:A5:30:75:7B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/8C67698EF3F711EFB7086753762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.123.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:8d:b2:66:85:88:6e:d7:83:51:9b:fa:84:49:41:d2:02:ec:
c9:33:90:4a:64:09:0d:7b:70:f4:26:02:90:97:2c:62:4e:08:
89:ea:05:49:e6:34:cf:a9:06:12:de:e0:0e:bc:89:c8:01:1a:
af:a3:6b:68:0b:2c:e6:6c:ae:05:72:d8:a3:a4:c2:1d:68:c3:
52:e6:aa:ea:6d:f5:dc:8e:77:f0:8b:2c:de:fa:6c:e2:aa:b8:
63:45:72:31:c5:3a:70:d9:16:c2:69:68:3d:00:a4:af:31:fb:
c0:7e:77:06:b3:b9:a9:56:84:0e:18:93:98:90:a5:7d:db:57:
f8:46:75:cb:3a:fb:db:28:b3:7f:11:e9:b6:c7:61:33:a1:d3:
97:d4:ca:12:da:eb:1d:28:40:75:78:d0:e8:87:27:f0:a2:8a:
6a:e8:b8:b3:c3:f8:33:3f:b6:8a:6f:80:5b:e3:c7:67:89:dd:
93:8c:f5:4f:5a:7f:72:f1:05:3d:ce:7d:31:ea:ab:ea:a3:87:
9b:cd:5a:c7:a3:19:3c:f9:d8:80:4a:f5:88:23:90:b6:b0:97:
05:9c:2b:1a:d8:3a:e4:b9:88:92:e7:de:fb:5f:88:d6:7d:7b:
59:3a:40:15:83:06:bd:e0:38:09:c8:69:c5:f8:7d:36:26:95:
58:1b:c1:80
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWDHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDQwOTU3WhcNMjYwMjE5MDQwOTU3WjAYMRYw
FAYDVQQDEw02N2JlOTQxOS04NjMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAw0MvBDMJjmhjvv0dNgxYO1AX1mO5WtdDCABKPE+a+mfu60x+UIXezvGp
mQlScbxAhn2W1Ycy72Qcb58jysrE3tiww+xX8cX6pFIeg7RvwHySy+JozG//8TrI
oXovGUd/d36Tqg6ok/yfgPL13AcAyvzlwn+AagfnJXEB+dSIzr0zdz8Gq6Yc+CMC
MCpCobwd5yhwNYgeEwZiwEln6UtwYQCTg1lNlKla06KRlkkPmi+f5dzZ9CcP6ghI
5WnS5MQivRiL7b23TU1/AkPaVw4QOuUY7mx2740tOJfto66/5acJoZNcgoz+FVZ3
8AU+fs9TZtjpa9jCxH4KR9CC0Sp5WwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFvb
Gm86RtKCIixLRiThPlalMHV7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC84QzY3Njk4RUYzRjcxMUVGQjcwODY3NTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmst7MA0GCSqGSIb3DQEB
CwUAA4IBAQA/jbJmhYhu14NRm/qESUHSAuzJM5BKZAkNe3D0JgKQlyxiTgiJ6gVJ
5jTPqQYS3uAOvInIARqvo2toCyzmbK4FctijpMIdaMNS5qrqbfXcjnfwiyze+mzi
qrhjRXIxxTpw2RbCaWg9AKSvMfvAfncGs7mpVoQOGJOYkKV921f4RnXLOvvbKLN/
Eem2x2EzodOX1MoS2usdKEB1eNDohyfwoopq6Lizw/gzP7aKb4Bb48dnid2TjPVP
Wn9y8QU9zn0x6qvqo4ebzVrHoxk8+diASvWII5C2sJcFnCsa2DrkuYiS5977X4jW
fXtZOkAVgwa94DgJyGnF+H02JpVYG8GA
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:37:38 2025 by rpki-client