Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9DA090C6F3E911EFB380466B762E951A.roa
File: 9DA090C6F3E911EFB380466B762E951A.roa (raw, json)
Hash identifier: hqD3Em8GlgAOODL5QEJg10m2eM9P/FjX/F2MiUXllJA=
Subject key identifier: 61:09:F2:77:9E:EB:31:EF:94:CA:DA:13:22:61:72:FC:A8:DB:9C:7A
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01608A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9DA090C6F3E911EFB380466B762E951A.roa
Signing time: Wed 26 Feb 2025 02:30:17 +0000
ROA not before: Wed 26 Feb 2025 02:30:13 +0000
ROA not after: Thu 19 Feb 2026 02:30:13 +0000
asID: 984
IP address blocks: 154.203.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90250 (0x1608a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 02:30:13 2025 GMT
Not After : Feb 19 02:30:13 2026 GMT
Subject: CN=67be7cb9-f916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ab:67:86:5d:4c:0a:a4:8e:7d:a6:f3:3b:02:
3c:da:8c:56:0f:06:9d:19:1c:31:5f:4e:be:bd:0d:
41:c1:15:24:2b:fd:46:d2:11:92:01:bd:20:c8:61:
33:35:3a:cb:31:b3:61:37:2e:de:e0:80:d7:e0:04:
93:d5:b3:34:d3:1c:fd:ce:e0:76:13:97:8d:b6:c9:
12:7c:64:18:8b:92:59:9b:51:af:f8:c9:b7:47:e0:
19:f4:2d:6c:1f:16:31:b4:3c:be:0c:c5:a3:8e:a8:
b6:e8:ff:37:b9:fa:a3:df:2a:16:9d:32:66:8e:c2:
fa:9c:5a:c2:6a:d2:b1:bb:f9:3e:1e:22:85:28:1a:
83:a0:f8:6e:d6:0d:c2:87:78:fc:9a:a9:d7:cd:75:
84:46:ba:20:a3:d4:4f:1e:d7:a0:32:18:0b:f2:27:
67:85:c8:aa:ef:68:2b:47:f9:0e:f5:93:fb:16:99:
cc:e7:5d:98:43:c4:52:58:64:34:25:ff:d6:ac:9c:
ae:50:12:ed:76:f8:cf:ba:37:45:2d:e1:45:1b:3d:
c7:6e:e2:64:7a:de:ea:a7:3b:2f:87:8b:12:97:9e:
ba:25:63:b2:04:bf:dd:b0:ad:ac:89:6f:53:b3:e5:
09:79:75:23:0c:a1:0e:09:65:e2:f7:05:f6:14:4e:
90:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:09:F2:77:9E:EB:31:EF:94:CA:DA:13:22:61:72:FC:A8:DB:9C:7A
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/9DA090C6F3E911EFB380466B762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.203.91.0/24
Signature Algorithm: sha256WithRSAEncryption
34:ef:e1:07:cd:d2:95:bb:e0:18:4a:dd:d4:69:14:43:89:9b:
5a:d2:4d:ab:dc:0b:f0:b8:31:46:10:31:1d:04:9d:84:1a:98:
d2:dc:f1:82:b5:74:dd:15:ca:ae:d6:95:ee:db:36:6b:48:32:
4f:af:5b:cb:a6:c5:be:71:3b:d3:18:8e:bb:aa:f5:9f:72:62:
89:01:96:4f:a3:0d:64:a1:63:59:8d:05:4e:64:d4:ac:5a:7c:
2b:6e:5e:e6:e5:3d:b9:68:c3:fa:d7:e6:ff:b3:88:78:e9:92:
fc:e6:2f:59:15:49:12:c5:83:03:b0:17:6e:d4:31:7c:57:c2:
96:f3:98:b7:28:07:aa:cd:dc:e1:40:ed:8a:c3:c3:58:fc:a9:
02:44:c6:79:38:d3:c8:a2:3c:83:8b:d2:85:ea:d7:6a:62:4e:
3d:fb:3c:10:52:7d:c6:61:4c:1d:5a:51:7d:9a:48:dc:7e:6a:
75:23:8b:8a:7a:13:87:e4:9f:22:56:ba:61:a3:46:9b:84:dc:
1b:68:fc:4b:2d:c7:e3:f7:f4:f7:f8:8a:56:4f:eb:1c:99:8a:
cf:ba:46:13:e0:f2:13:3e:7b:0c:ad:00:5c:59:0a:c3:5b:f6:
57:5c:74:ad:c1:14:5b:78:b3:05:83:14:45:e9:0c:59:f8:34:
ca:82:03:5d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWCKMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MDIzMDEzWhcNMjYwMjE5MDIzMDEzWjAYMRYw
FAYDVQQDEw02N2JlN2NiOS1mOTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0qtnhl1MCqSOfabzOwI82oxWDwadGRwxX06+vQ1BwRUkK/1G0hGSAb0g
yGEzNTrLMbNhNy7e4IDX4AST1bM00xz9zuB2E5eNtskSfGQYi5JZm1Gv+Mm3R+AZ
9C1sHxYxtDy+DMWjjqi26P83ufqj3yoWnTJmjsL6nFrCatKxu/k+HiKFKBqDoPhu
1g3Ch3j8mqnXzXWERrogo9RPHtegMhgL8idnhciq72grR/kO9ZP7FpnM512YQ8RS
WGQ0Jf/WrJyuUBLtdvjPujdFLeFFGz3HbuJket7qpzsvh4sSl566JWOyBL/dsK2s
iW9Ts+UJeXUjDKEOCWXi9wX2FE6QbQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGEJ
8nee6zHvlMraEyJhcvyo25x6MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC85REEwOTBDNkYzRTkxMUVGQjM4MDQ2NkI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmstbMA0GCSqGSIb3DQEB
CwUAA4IBAQA07+EHzdKVu+AYSt3UaRRDiZta0k2r3AvwuDFGEDEdBJ2EGpjS3PGC
tXTdFcqu1pXu2zZrSDJPr1vLpsW+cTvTGI67qvWfcmKJAZZPow1koWNZjQVOZNSs
Wnwrbl7m5T25aMP61+b/s4h46ZL85i9ZFUkSxYMDsBdu1DF8V8KW85i3KAeqzdzh
QO2Kw8NY/KkCRMZ5ONPIojyDi9KF6tdqYk49+zwQUn3GYUwdWlF9mkjcfmp1I4uK
ehOH5J8iVrpho0abhNwbaPxLLcfj9/T3+IpWT+scmYrPukYT4PITPnsMrQBcWQrD
W/ZXXHStwRRbeLMFgxRF6QxZ+DTKggNd
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:15:48 2025 by rpki-client