Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/919759B6096711F0A499FAAE762E951A.roa
File: 919759B6096711F0A499FAAE762E951A.roa (raw, json)
Hash identifier: Qo6VYlrprOkfnFS8fNU8mtoj3OP7C9e6TgOlZowIZN0=
Subject key identifier: BA:0F:57:30:F3:20:30:54:26:9C:CC:57:1B:85:AD:D3:C3:99:98:58
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017628
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/919759B6096711F0A499FAAE762E951A.roa
Signing time: Tue 25 Mar 2025 10:54:48 +0000
ROA not before: Tue 25 Mar 2025 10:54:44 +0000
ROA not after: Tue 03 Jun 2025 10:54:44 +0000
asID: 138915
IP address blocks: 154.94.66.0/23 maxlen: 24
154.94.86.0/24 maxlen: 24
154.94.87.0/24 maxlen: 24
154.94.116.0/24 maxlen: 24
154.94.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95784 (0x17628)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Mar 25 10:54:44 2025 GMT
Not After : Jun 3 10:54:44 2025 GMT
Subject: CN=67e28b78-9d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d7:09:1d:1e:60:54:c3:1b:ff:5e:46:aa:7d:
b3:bc:85:dc:c4:b9:ff:99:b3:25:ba:22:ae:72:db:
a7:16:b7:f3:bd:ef:2a:ec:58:75:ca:c0:d3:e8:96:
cd:ee:3c:52:86:cd:ad:a5:2b:0d:a2:79:59:19:65:
7f:ae:5f:e5:7f:fc:da:85:ee:ce:2b:0d:27:27:67:
0a:25:6f:ba:65:05:63:15:5e:8b:31:89:ed:15:74:
6c:38:ef:d3:64:b8:f9:8d:f6:b6:4d:cb:5c:ed:2b:
73:64:ea:5b:a6:b4:b0:d9:5a:88:cd:18:46:f1:4e:
d7:4b:4b:13:f9:98:be:a0:63:fd:f4:f1:70:9a:99:
7a:ce:d3:60:9c:92:5f:bb:ff:0c:77:88:83:b1:0e:
61:ff:01:7c:7a:44:d2:17:69:b0:7b:69:22:5e:d7:
b9:1d:c1:d6:44:d0:f3:1a:5d:f3:7e:55:56:04:ed:
88:30:f0:25:95:e6:ed:9f:b5:4e:19:d2:cb:0d:40:
21:4e:fd:6b:fa:ed:a4:24:9f:98:86:ce:d0:91:4e:
be:1c:c3:dc:e2:17:0d:f0:8a:55:8b:98:06:c8:27:
99:e7:a2:11:d8:90:86:8c:5e:8d:34:16:f9:c4:ab:
7d:6f:52:a4:4b:d9:47:c9:29:7a:0f:11:cd:55:da:
9b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:0F:57:30:F3:20:30:54:26:9C:CC:57:1B:85:AD:D3:C3:99:98:58
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/919759B6096711F0A499FAAE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.66.0/23
154.94.86.0/23
154.94.116.0/24
154.94.125.0/24
Signature Algorithm: sha256WithRSAEncryption
90:c6:86:20:bc:da:a2:0b:ec:b6:e9:1b:25:d2:fb:8b:92:91:
fa:be:14:a2:06:21:f4:96:26:96:89:9e:69:3f:d2:ea:15:5f:
8e:dc:0a:0e:fe:ee:02:49:94:2b:98:2e:29:fa:9b:6c:44:c5:
ba:ea:07:ca:da:0d:77:bc:f5:72:d5:5f:0e:be:c6:a5:9d:61:
0a:2a:9f:38:07:30:9e:5b:45:c2:d7:ee:ba:d3:c7:30:9e:c3:
b8:b7:eb:29:d0:32:87:6f:99:52:91:65:1e:27:cf:dd:25:b9:
8a:34:27:48:d2:6a:dc:7d:6d:05:b9:4d:e6:aa:27:e4:27:8b:
82:79:08:51:45:2e:eb:41:53:0b:9d:35:60:3c:25:25:a2:62:
bd:b5:7b:67:cf:99:23:d8:a3:f1:91:d4:f5:f2:37:fb:65:fd:
d8:e3:55:55:3b:34:2e:45:c2:c8:04:b9:28:92:e6:cb:d6:d3:
3e:00:a9:dc:19:94:f0:50:dc:e4:20:99:0a:b7:ad:3e:14:7d:
69:cc:fb:59:5c:8c:79:fc:f7:b8:8e:35:9a:86:ed:f6:a4:ec:
d9:79:d2:46:23:07:8d:18:62:1e:04:01:fa:c4:12:93:b0:78:
a7:18:df:bb:0f:89:5a:8b:e3:05:e6:21:f9:66:3e:fc:22:4b:
bc:06:0f:2b
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIDAXYoMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMzI1MTA1NDQ0WhcNMjUwNjAzMTA1NDQ0WjAYMRYw
FAYDVQQDEw02N2UyOGI3OC05ZDA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAm9cJHR5gVMMb/15Gqn2zvIXcxLn/mbMluiKuctunFrfzve8q7Fh1ysDT
6JbN7jxShs2tpSsNonlZGWV/rl/lf/zahe7OKw0nJ2cKJW+6ZQVjFV6LMYntFXRs
OO/TZLj5jfa2Tctc7StzZOpbprSw2VqIzRhG8U7XS0sT+Zi+oGP99PFwmpl6ztNg
nJJfu/8Md4iDsQ5h/wF8ekTSF2mwe2kiXte5HcHWRNDzGl3zflVWBO2IMPAllebt
n7VOGdLLDUAhTv1r+u2kJJ+Yhs7QkU6+HMPc4hcN8IpVi5gGyCeZ56IR2JCGjF6N
NBb5xKt9b1KkS9lHySl6DxHNVdqb9wIDAQABo4ICtzCCArMwHQYDVR0OBBYEFLoP
VzDzIDBUJpzMVxuFrdPDmZhYMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85MTk3NTlCNjA5NjcxMUYwQTQ5OUZBQUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBml5CAwQBml5WAwQAml50
AwQAml59MA0GCSqGSIb3DQEBCwUAA4IBAQCQxoYgvNqiC+y26Rsl0vuLkpH6vhSi
BiH0liaWiZ5pP9LqFV+O3AoO/u4CSZQrmC4p+ptsRMW66gfK2g13vPVy1V8Ovsal
nWEKKp84BzCeW0XC1+6608cwnsO4t+sp0DKHb5lSkWUeJ8/dJbmKNCdI0mrcfW0F
uU3mqifkJ4uCeQhRRS7rQVMLnTVgPCUlomK9tXtnz5kj2KPxkdT18jf7Zf3Y41VV
OzQuRcLIBLkokubL1tM+AKncGZTwUNzkIJkKt60+FH1pzPtZXIx5/Pe4jjWahu32
pOzZedJGIweNGGIeBAH6xBKTsHinGN+7D4lai+MF5iH5Zj78Iku8Bg8r
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:52:55 2025 by rpki-client