Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C21AC34F45311EFBDE2A450762E951A.roa
File: 9C21AC34F45311EFBDE2A450762E951A.roa (raw, json)
Hash identifier: jGwJycLEvfNMbMxAodJPzbc96srWK6/ZtCT7QPOd/k0=
Subject key identifier: A3:AA:DD:E9:5E:D6:53:B6:D1:97:CC:EA:EE:93:DE:EF:79:11:E7:31
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0164A9
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C21AC34F45311EFBDE2A450762E951A.roa
Signing time: Wed 26 Feb 2025 15:09:01 +0000
ROA not before: Wed 26 Feb 2025 15:08:57 +0000
ROA not after: Sat 19 Feb 2028 15:08:57 +0000
asID: 17561
IP address blocks: 154.82.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sat 05 Apr 2025 14:13:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91305 (0x164a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 15:08:57 2025 GMT
Not After : Feb 19 15:08:57 2028 GMT
Subject: CN=67bf2e8d-e254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:13:30:9b:4d:0b:61:61:76:21:8b:2a:e5:8f:
dd:36:66:8d:af:c4:46:c9:b6:3a:71:bf:bb:a2:14:
fb:09:96:63:c8:df:8a:1e:82:04:23:0a:84:5f:65:
ad:fc:de:d0:54:82:13:e4:5e:1c:72:0e:c6:a9:90:
3c:fe:8f:75:2b:27:cf:42:68:c2:fa:43:82:e8:fa:
1e:e2:4d:ce:80:c1:b4:a2:61:94:36:05:f5:ab:02:
1a:46:3c:d2:09:bc:95:21:ed:3b:dd:51:08:0d:f0:
28:f7:7b:95:aa:38:8b:8f:bc:04:39:4e:3e:65:cc:
1e:3f:1a:c9:3c:c6:29:ce:95:e6:25:bf:2f:72:fa:
5b:13:74:1d:a0:e0:88:9b:b1:32:e1:b4:d4:f1:ee:
f6:d7:a9:de:18:b3:ce:f3:10:b0:e2:4b:27:e3:95:
6c:4a:16:0e:ae:35:ca:c7:2e:d7:af:09:23:38:ee:
bc:34:6c:8b:0c:85:ac:5c:f5:a7:5a:fe:7e:2b:a7:
34:b9:92:46:21:35:06:19:52:86:72:31:50:5c:12:
a2:7c:a5:aa:6a:65:df:db:b5:f6:f6:1d:d8:91:31:
1b:be:8a:91:93:22:0b:d0:88:d7:d1:b0:60:6b:d8:
5f:40:64:16:f0:a2:42:88:b2:57:62:b9:c5:5c:50:
16:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:AA:DD:E9:5E:D6:53:B6:D1:97:CC:EA:EE:93:DE:EF:79:11:E7:31
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9C21AC34F45311EFBDE2A450762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.82.226.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:76:ef:2b:35:a4:e9:61:d3:e3:24:2d:db:4d:49:25:72:b0:
29:4b:12:59:65:fd:ae:5e:ed:42:b5:96:5f:81:88:61:bd:f8:
4e:e9:1c:9d:f2:52:73:05:29:35:74:e5:33:7a:91:f5:80:48:
77:3e:0f:67:04:16:fc:e8:fe:5c:ed:f7:d6:3d:3c:96:2f:88:
4f:50:13:ba:5a:85:84:d8:0c:a7:72:70:e8:8f:c5:17:4a:41:
f0:8b:c0:2f:c9:a3:bf:82:b7:9d:98:f5:c8:26:c0:e7:d3:b5:
fc:cf:f0:4e:6d:21:61:29:82:4a:c5:5e:af:a5:6f:c6:af:11:
d0:91:ee:73:51:4b:33:c5:8d:dd:55:91:c7:1b:d6:1e:e8:18:
aa:0a:35:98:ad:33:28:53:da:d2:da:d5:ae:af:58:84:0f:98:
f3:83:c1:24:da:49:b8:39:af:8b:2a:75:54:91:76:d2:7d:45:
9a:81:e7:c9:27:7b:1c:57:ab:ac:ac:c1:04:95:e4:92:21:40:
da:9a:07:3e:56:1f:4c:ff:80:11:a2:ba:f1:ea:61:f8:99:4f:
7f:ee:c8:14:91:d8:ed:3d:dd:8a:c3:96:fa:f3:c3:78:9f:00:
91:22:9b:07:11:3e:e8:f7:9f:a9:df:a9:2b:54:7f:fc:0d:0f:
a3:50:28:41
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWSpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTUwODU3WhcNMjgwMjE5MTUwODU3WjAYMRYw
FAYDVQQDEw02N2JmMmU4ZC1lMjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoBMwm00LYWF2IYsq5Y/dNmaNr8RGybY6cb+7ohT7CZZjyN+KHoIEIwqE
X2Wt/N7QVIIT5F4ccg7GqZA8/o91KyfPQmjC+kOC6Poe4k3OgMG0omGUNgX1qwIa
RjzSCbyVIe073VEIDfAo93uVqjiLj7wEOU4+ZcwePxrJPMYpzpXmJb8vcvpbE3Qd
oOCIm7Ey4bTU8e7216neGLPO8xCw4ksn45VsShYOrjXKxy7XrwkjOO68NGyLDIWs
XPWnWv5+K6c0uZJGITUGGVKGcjFQXBKifKWqamXf27X29h3YkTEbvoqRkyIL0IjX
0bBga9hfQGQW8KJCiLJXYrnFXFAWMwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKOq
3ele1lO20ZfM6u6T3u95EecxMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85QzIxQUMzNEY0NTMxMUVGQkRFMkE0NTA3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlLiMA0GCSqGSIb3DQEB
CwUAA4IBAQCsdu8rNaTpYdPjJC3bTUklcrApSxJZZf2uXu1CtZZfgYhhvfhO6Ryd
8lJzBSk1dOUzepH1gEh3Pg9nBBb86P5c7ffWPTyWL4hPUBO6WoWE2AyncnDoj8UX
SkHwi8AvyaO/gredmPXIJsDn07X8z/BObSFhKYJKxV6vpW/GrxHQke5zUUszxY3d
VZHHG9Ye6BiqCjWYrTMoU9rS2tWur1iED5jzg8Ek2km4Oa+LKnVUkXbSfUWagefJ
J3scV6usrMEEleSSIUDamgc+Vh9M/4ARorrx6mH4mU9/7sgUkdjtPd2Kw5b688N4
nwCRIpsHET7o95+p36krVH/8DQ+jUChB
-----END CERTIFICATE-----
Generated at Fri Apr 4 01:50:46 2025 by rpki-client