Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AAD1908C35011EFBD34C99C762E951A.roa
File: 9AAD1908C35011EFBD34C99C762E951A.roa (raw, json)
Hash identifier: 18Nh/QBpyWzHW0lhxz2xZLSN+QkBKb0yLT2IbvblHYU=
Subject key identifier: 20:26:06:28:74:4E:26:48:20:45:6E:7F:04:FB:02:6D:F1:65:16:4F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0125A3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AAD1908C35011EFBD34C99C762E951A.roa
Signing time: Thu 26 Dec 2024 06:14:03 +0000
ROA not before: Thu 26 Dec 2024 06:14:00 +0000
ROA not after: Sun 12 Dec 2027 06:14:00 +0000
asID: 17561
IP address blocks: 154.95.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75171 (0x125a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 06:14:00 2024 GMT
Not After : Dec 12 06:14:00 2027 GMT
Subject: CN=676cf42b-99e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4c:d0:9c:63:df:d4:9c:b0:b1:d2:45:92:e2:
9e:81:f5:13:a8:1c:d2:d8:51:af:d3:fb:24:37:c3:
74:c0:d1:e3:88:9f:01:13:c6:fc:6a:23:0f:6d:8d:
f7:a5:67:df:b0:a3:4c:43:d3:ac:b8:98:db:c2:b7:
9b:38:bd:53:c2:fc:e0:a7:cb:e2:c6:df:13:fd:32:
1d:28:1d:13:a4:2f:76:df:d8:57:d5:2a:fb:79:a1:
4b:8a:6b:07:ab:f9:45:13:92:a9:9d:c0:1b:6c:03:
01:77:cf:ee:2e:f1:cd:59:3f:f7:3d:6d:c3:36:99:
0d:16:7d:5c:60:e0:e2:93:c5:c9:76:35:05:8a:37:
50:98:1c:78:60:a8:28:42:86:4e:f9:18:1e:90:cb:
1c:da:f9:6c:d5:51:6a:59:a7:71:23:d4:29:3c:2f:
c5:c8:58:c5:62:3b:55:75:7b:3c:c9:52:d8:f8:5c:
a9:e6:b7:94:3f:26:81:3b:1e:6e:90:81:96:39:f9:
17:e1:dc:6f:c8:77:88:13:1e:7f:2b:4c:71:31:50:
33:30:82:5d:8c:2a:9c:48:a4:1d:1d:b1:17:48:d2:
2c:77:92:c7:08:92:84:5d:3b:ea:47:e0:19:f4:0c:
32:a5:3f:3c:5c:88:86:a2:cd:dc:b9:65:e6:92:ee:
e8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:26:06:28:74:4E:26:48:20:45:6E:7F:04:FB:02:6D:F1:65:16:4F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9AAD1908C35011EFBD34C99C762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.30.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:b1:74:bc:a7:f1:fd:06:e5:dc:22:2b:1f:ad:2f:e3:de:61:
ec:ef:8d:ad:44:07:04:20:d2:30:1b:c5:c3:33:4a:06:45:de:
05:69:bf:57:13:c1:51:87:54:f6:3f:7b:5e:61:7d:08:02:aa:
2c:0c:9f:34:ba:d3:7d:d2:a8:f3:0b:87:02:61:b7:15:28:aa:
a4:ce:79:dd:fc:7a:e7:6b:33:0e:c4:d2:8e:bc:2c:4c:8f:bf:
a8:df:ad:8e:4e:52:84:5a:9c:96:71:fe:92:d1:0a:24:37:8f:
92:a6:b5:29:c1:5a:0d:64:bf:33:19:0c:51:f0:7d:8a:53:fa:
33:10:c1:f4:15:8a:a0:49:b2:e3:e0:55:dc:fa:41:93:4c:d7:
64:99:71:5e:ca:eb:7a:78:4a:aa:4c:f6:de:83:28:d6:db:84:
1f:bb:8a:d4:55:1a:92:ad:07:27:95:3e:e0:e3:29:1b:68:0b:
1b:63:28:d2:4b:1c:c8:d3:73:6f:f9:dc:49:39:3e:26:e3:60:
f1:59:7f:fd:d2:fd:1a:ed:84:63:8c:6c:f5:62:3a:e7:dd:c1:
5f:a7:9e:a5:ca:c4:73:7c:e5:ad:98:2d:a4:dd:2c:ee:fc:9d:
75:06:2e:d4:45:ff:70:75:bc:95:ba:62:ec:08:39:34:46:dc:
0c:b5:75:89
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASWjMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDYxNDAwWhcNMjcxMjEyMDYxNDAwWjAYMRYw
FAYDVQQDEw02NzZjZjQyYi05OWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAp0zQnGPf1JywsdJFkuKegfUTqBzS2FGv0/skN8N0wNHjiJ8BE8b8aiMP
bY33pWffsKNMQ9OsuJjbwrebOL1Twvzgp8vixt8T/TIdKB0TpC9239hX1Sr7eaFL
imsHq/lFE5KpncAbbAMBd8/uLvHNWT/3PW3DNpkNFn1cYODik8XJdjUFijdQmBx4
YKgoQoZO+RgekMsc2vls1VFqWadxI9QpPC/FyFjFYjtVdXs8yVLY+Fyp5reUPyaB
Ox5ukIGWOfkX4dxvyHeIEx5/K0xxMVAzMIJdjCqcSKQdHbEXSNIsd5LHCJKEXTvq
R+AZ9AwypT88XIiGos3cuWXmku7onQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCAm
Bih0TiZIIEVufwT7Am3xZRZPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QUFEMTkwOEMzNTAxMUVGQkQzNEM5OUM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml8eMA0GCSqGSIb3DQEB
CwUAA4IBAQAtsXS8p/H9BuXcIisfrS/j3mHs742tRAcEINIwG8XDM0oGRd4Fab9X
E8FRh1T2P3teYX0IAqosDJ80utN90qjzC4cCYbcVKKqkznnd/HrnazMOxNKOvCxM
j7+o362OTlKEWpyWcf6S0QokN4+SprUpwVoNZL8zGQxR8H2KU/ozEMH0FYqgSbLj
4FXc+kGTTNdkmXFeyut6eEqqTPbegyjW24Qfu4rUVRqSrQcnlT7g4ykbaAsbYyjS
SxzI03Nv+dxJOT4m42DxWX/90v0a7YRjjGz1Yjrn3cFfp56lysRzfOWtmC2k3Szu
/J11Bi7URf9wdbyVumLsCDk0RtwMtXWJ
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:35:30 2025 by rpki-client