Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95AEBF82C54A11EFB37A30A6762E951A.roa
File: 95AEBF82C54A11EFB37A30A6762E951A.roa (raw, json)
Hash identifier: /amm3U12iTOfsT9G70HcL4JCvVsJSVjgi8vl5DPU2J8=
Subject key identifier: 22:D8:52:65:0E:D5:A4:5C:65:A4:92:A3:54:FC:CE:56:33:46:E2:48
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012CD5
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95AEBF82C54A11EFB37A30A6762E951A.roa
Signing time: Sat 28 Dec 2024 18:36:00 +0000
ROA not before: Sat 28 Dec 2024 18:35:56 +0000
ROA not after: Sun 12 Dec 2027 18:35:56 +0000
asID: 17561
IP address blocks: 154.209.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77013 (0x12cd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 28 18:35:56 2024 GMT
Not After : Dec 12 18:35:56 2027 GMT
Subject: CN=67704510-8462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b7:97:4a:61:41:b6:60:00:f7:6b:94:5d:5d:
8e:c4:2c:2a:08:4c:39:8b:aa:9d:6a:c8:b3:88:58:
36:b0:ba:12:96:d1:80:f1:d4:8a:46:b6:b6:99:96:
95:f2:49:d7:1a:f4:1b:79:88:7c:ac:2c:93:f0:8b:
45:0e:62:b0:a9:95:0f:ee:fe:25:fc:cb:0f:33:d3:
d8:e0:c0:01:d2:99:ae:3a:6c:79:71:2e:0c:dc:89:
85:a6:18:28:81:f8:91:c6:6d:53:ec:2d:8d:4d:ef:
15:69:ae:8b:53:54:d8:3d:b7:64:59:58:76:60:34:
1e:d7:e7:90:db:a0:5e:0d:ae:81:ea:8e:cf:2e:fe:
b4:ad:3c:47:59:96:d4:d2:bf:8f:74:9c:0d:0c:09:
76:c7:31:4a:6b:6b:11:7b:38:21:d5:fa:83:fd:92:
53:83:40:bd:ad:1f:58:12:b2:62:c3:c3:b9:8e:e2:
b3:40:62:e6:52:a2:34:b4:bf:7e:e7:33:99:38:e1:
34:98:76:34:07:a0:0d:b5:1d:ca:51:4d:bc:03:fc:
8a:46:ee:74:d9:8e:8c:5e:92:fd:56:73:73:e7:47:
10:87:4f:f6:c0:a3:38:ff:36:ae:11:b7:1d:00:01:
e9:9e:f2:c3:a8:02:ae:bd:de:7e:b1:80:43:7a:2a:
e7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D8:52:65:0E:D5:A4:5C:65:A4:92:A3:54:FC:CE:56:33:46:E2:48
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/95AEBF82C54A11EFB37A30A6762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.71.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:0f:ad:ac:94:9c:9a:c8:5c:60:42:78:13:1c:93:a2:56:d1:
d4:13:98:1f:75:59:d0:9b:4c:47:b6:f5:38:e0:63:bc:5f:72:
89:0d:f0:ae:f0:e9:d3:7d:3f:bf:1c:65:c0:ec:77:2e:84:2a:
f3:da:ee:d7:1e:6b:33:bd:24:49:19:d8:ec:7c:d5:99:31:48:
6e:ab:1a:0b:78:81:40:48:03:36:dc:fb:80:28:14:cd:c5:38:
cd:64:a5:16:42:15:ab:60:00:16:6b:03:c3:ee:56:b6:a9:b7:
3b:f6:a1:0f:9a:95:4d:f0:79:7d:f5:84:1c:a3:86:bb:fb:72:
c6:6e:86:c1:ab:f7:aa:25:5b:db:95:26:d1:42:43:76:37:fb:
40:d9:ea:5f:0a:a9:9a:dd:c8:b3:b0:16:47:d3:2e:a5:e4:b0:
82:7f:12:29:ac:fd:b8:9a:09:e2:0a:ec:37:44:02:70:5d:20:
5e:2a:c9:60:95:4e:3a:3d:2c:b5:34:47:dc:89:1f:f3:36:79:
3c:6b:2a:a7:46:58:ce:98:c0:ec:e5:30:ff:15:c9:b6:f8:3a:
c6:f2:d7:80:a0:de:e2:27:7e:59:e9:6d:df:32:95:9c:ba:b4:
d2:69:98:37:f8:b1:d7:34:dd:6d:89:50:da:21:83:ff:b9:f1:
dc:6c:59:b0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASzVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI4MTgzNTU2WhcNMjcxMjEyMTgzNTU2WjAYMRYw
FAYDVQQDEw02NzcwNDUxMC04NDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAs7eXSmFBtmAA92uUXV2OxCwqCEw5i6qdasiziFg2sLoSltGA8dSKRra2
mZaV8knXGvQbeYh8rCyT8ItFDmKwqZUP7v4l/MsPM9PY4MAB0pmuOmx5cS4M3ImF
phgogfiRxm1T7C2NTe8Vaa6LU1TYPbdkWVh2YDQe1+eQ26BeDa6B6o7PLv60rTxH
WZbU0r+PdJwNDAl2xzFKa2sRezgh1fqD/ZJTg0C9rR9YErJiw8O5juKzQGLmUqI0
tL9+5zOZOOE0mHY0B6ANtR3KUU28A/yKRu502Y6MXpL9VnNz50cQh0/2wKM4/zau
EbcdAAHpnvLDqAKuvd5+sYBDeirnPwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCLY
UmUO1aRcZaSSo1T8zlYzRuJIMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85NUFFQkY4MkM1NEExMUVGQjM3QTMwQTY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtFHMA0GCSqGSIb3DQEB
CwUAA4IBAQAND62slJyayFxgQngTHJOiVtHUE5gfdVnQm0xHtvU44GO8X3KJDfCu
8OnTfT+/HGXA7HcuhCrz2u7XHmszvSRJGdjsfNWZMUhuqxoLeIFASAM23PuAKBTN
xTjNZKUWQhWrYAAWawPD7la2qbc79qEPmpVN8Hl99YQco4a7+3LGbobBq/eqJVvb
lSbRQkN2N/tA2epfCqma3cizsBZH0y6l5LCCfxIprP24mgniCuw3RAJwXSBeKslg
lU46PSy1NEfciR/zNnk8ayqnRljOmMDs5TD/Fcm2+DrG8teAoN7iJ35Z6W3fMpWc
urTSaZg3+LHXNN1tiVDaIYP/ufHcbFmw
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:45:27 2025 by rpki-client