Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9CC255AC37D11EF9E4397B8762E951A.roa
File: A9CC255AC37D11EF9E4397B8762E951A.roa (raw, json)
Hash identifier: RRcHA6ARmr2j5BYgd0bp7TjyjyEXVauYiQdHFbV1U4c=
Subject key identifier: 28:02:CC:33:C2:AE:45:7A:46:C2:83:9B:F7:AA:1C:82:4E:86:84:61
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01273C
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9CC255AC37D11EF9E4397B8762E951A.roa
Signing time: Thu 26 Dec 2024 11:36:36 +0000
ROA not before: Thu 26 Dec 2024 11:36:32 +0000
ROA not after: Fri 12 Dec 2025 11:36:32 +0000
asID: 984
IP address blocks: 154.94.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75580 (0x1273c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 11:36:32 2024 GMT
Not After : Dec 12 11:36:32 2025 GMT
Subject: CN=676d3fc4-f317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:1e:4e:42:9a:44:b0:ab:be:a0:85:9d:bf:94:
b3:ed:8b:1d:af:80:65:77:7d:23:46:13:1b:28:47:
66:2d:7f:d8:b8:11:19:41:8a:fa:8a:c2:c4:fe:76:
9c:81:67:2d:c7:aa:48:69:c3:d2:62:3b:db:63:9c:
17:89:74:35:9a:fc:dd:a6:b7:fb:64:da:f5:9c:45:
7b:5e:2f:9f:78:48:3c:ae:48:ee:37:84:04:db:6c:
03:f4:c0:ca:56:2f:ec:b3:ec:7f:0d:f4:67:76:d3:
ea:f4:bf:a4:7c:c2:b4:a0:aa:57:f4:a0:3e:61:fa:
c2:b1:7d:de:48:54:9c:39:ee:e7:d7:b2:13:22:a2:
87:6f:91:df:47:a3:67:98:ce:da:8b:a2:ae:d0:95:
47:b7:de:8c:3d:47:22:b1:5c:13:b5:c5:12:d6:cd:
8e:94:e2:3b:68:30:34:8a:a9:a9:ec:68:67:10:7e:
6d:5c:08:e5:00:3a:5e:b5:7f:e0:11:f6:b1:d3:9b:
10:86:31:de:84:d9:1e:36:ed:ba:f5:93:6c:d3:18:
9e:4c:7e:6b:61:8f:2e:4c:4c:cf:33:85:30:ef:97:
d4:d5:82:ca:56:5b:80:d9:66:41:eb:82:82:66:2d:
12:37:b5:b3:5a:9c:e4:20:ef:83:66:b3:b8:8d:7e:
b1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:02:CC:33:C2:AE:45:7A:46:C2:83:9B:F7:AA:1C:82:4E:86:84:61
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A9CC255AC37D11EF9E4397B8762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.94.181.0/24
Signature Algorithm: sha256WithRSAEncryption
44:9f:09:19:78:e4:57:d5:a8:17:e5:62:d8:1d:65:a5:f2:df:
e3:d7:c0:d5:8d:36:a6:8c:6a:5e:3e:12:77:92:c6:eb:b8:8b:
cc:8e:68:d5:b0:67:72:b1:95:88:96:b3:8e:50:27:ca:23:c7:
b4:f3:bc:94:c6:c8:af:a0:98:49:6b:e5:c9:6b:b4:fe:c5:e8:
83:f8:eb:04:87:ed:38:89:a4:f9:2f:1b:c2:85:d7:0e:97:e8:
b8:66:70:18:16:75:e1:ae:9e:5f:c2:5b:50:95:8f:c9:ae:b9:
d5:b8:5d:1d:5c:63:29:fd:de:c6:68:5d:73:35:81:da:81:5b:
ca:cb:04:fb:f1:c9:62:8e:84:85:03:67:c9:66:48:41:e9:0b:
96:34:e1:ef:b5:55:19:3e:5d:50:ac:18:fc:e9:06:88:3f:d8:
3c:51:bc:71:42:60:f1:fa:e3:ed:d5:cf:e2:67:b6:4f:a2:78:
3b:f0:a1:b1:5c:2c:62:3d:d7:5c:ad:54:ca:53:dd:31:a1:ae:
d2:c3:c9:07:d9:21:a7:72:1e:ec:84:a1:bd:14:cd:5a:4b:b3:
f8:76:11:b5:f3:a1:01:3e:d2:ae:06:77:44:70:a1:d9:15:d9:
12:6c:25:79:32:15:73:b4:6a:cc:96:5b:0a:42:2a:3d:cb:1b:
e2:7e:c0:28
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASc8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MTEzNjMyWhcNMjUxMjEyMTEzNjMyWjAYMRYw
FAYDVQQDEw02NzZkM2ZjNC1mMzE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA+x5OQppEsKu+oIWdv5Sz7Ysdr4Bld30jRhMbKEdmLX/YuBEZQYr6isLE
/nacgWctx6pIacPSYjvbY5wXiXQ1mvzdprf7ZNr1nEV7Xi+feEg8rkjuN4QE22wD
9MDKVi/ss+x/DfRndtPq9L+kfMK0oKpX9KA+YfrCsX3eSFScOe7n17ITIqKHb5Hf
R6NnmM7ai6Ku0JVHt96MPUcisVwTtcUS1s2OlOI7aDA0iqmp7GhnEH5tXAjlADpe
tX/gEfax05sQhjHehNkeNu269ZNs0xieTH5rYY8uTEzPM4Uw75fU1YLKVluA2WZB
64KCZi0SN7WzWpzkIO+DZrO4jX6xEwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCgC
zDPCrkV6RsKDm/eqHIJOhoRhMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BOUNDMjU1QUMzN0QxMUVGOUU0Mzk3Qjg3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml61MA0GCSqGSIb3DQEB
CwUAA4IBAQBEnwkZeORX1agX5WLYHWWl8t/j18DVjTamjGpePhJ3ksbruIvMjmjV
sGdysZWIlrOOUCfKI8e087yUxsivoJhJa+XJa7T+xeiD+OsEh+04iaT5LxvChdcO
l+i4ZnAYFnXhrp5fwltQlY/JrrnVuF0dXGMp/d7GaF1zNYHagVvKywT78clijoSF
A2fJZkhB6QuWNOHvtVUZPl1QrBj86QaIP9g8UbxxQmDx+uPt1c/iZ7ZPong78KGx
XCxiPddcrVTKU90xoa7Sw8kH2SGnch7shKG9FM1aS7P4dhG186EBPtKuBndEcKHZ
FdkSbCV5MhVztGrMllsKQio9yxvifsAo
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:53:49 2025 by rpki-client