Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B42B7058C5EB11EF994ECAA5762E951A.roa
File: B42B7058C5EB11EF994ECAA5762E951A.roa (raw, json)
Hash identifier: Z11p/cUTDEOUq+B1Wv1X8QzZ8tynEBJQyL3O2kBnmUA=
Subject key identifier: E4:AD:AE:18:F5:84:AE:5A:5E:E9:06:5C:9A:C0:33:74:61:01:65:3B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012DAA
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B42B7058C5EB11EF994ECAA5762E951A.roa
Signing time: Sun 29 Dec 2024 13:49:20 +0000
ROA not before: Sun 29 Dec 2024 13:49:17 +0000
ROA not after: Fri 12 Dec 2025 13:49:17 +0000
asID: 984
IP address blocks: 154.211.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77226 (0x12daa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 13:49:17 2024 GMT
Not After : Dec 12 13:49:17 2025 GMT
Subject: CN=67715360-094e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:66:23:c1:31:98:1d:9c:35:dd:91:2d:64:78:
cc:c4:f7:d1:b6:b0:6b:5e:e4:8e:3e:f4:b6:fb:b6:
d5:18:d0:57:56:39:51:fd:05:f0:c0:2c:d5:e0:95:
49:7b:c6:23:b9:33:13:7a:bd:0c:bd:b9:47:ae:4b:
4c:44:95:8b:a9:56:08:39:50:15:ef:29:89:19:d7:
a5:a4:3d:62:8a:2c:2e:14:23:2b:a7:86:fc:8e:bd:
ee:55:91:7f:a6:3d:26:4b:87:a6:77:c0:e7:22:35:
fd:fe:81:a3:aa:94:a3:77:de:d7:c7:7c:cc:e0:2a:
82:eb:9b:fa:34:86:7d:c3:ed:b4:68:12:cf:b6:7c:
cd:38:da:44:a6:11:cc:18:41:fd:03:6b:63:2b:d8:
30:a0:6c:3e:3c:1c:e6:5e:4b:88:ff:b2:56:ba:f5:
49:76:be:1a:1a:44:6c:d4:ee:11:76:ca:14:92:d7:
ed:bf:b0:6c:5f:b5:be:45:2c:1b:bc:3b:db:fe:2c:
92:84:bb:cd:1a:c5:2a:dd:0b:2a:be:ce:35:2f:d2:
83:68:2d:73:69:65:4d:a7:6f:b2:94:67:5f:4e:3a:
7a:1d:3e:3a:5e:5a:2d:7a:6b:25:c9:dc:57:d5:de:
a1:ba:45:c8:db:4d:77:df:40:d0:5d:c3:2c:ff:71:
e2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AD:AE:18:F5:84:AE:5A:5E:E9:06:5C:9A:C0:33:74:61:01:65:3B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B42B7058C5EB11EF994ECAA5762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.211.28.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:16:17:ad:5d:49:a8:de:5c:8c:e6:77:6a:19:3e:22:7d:e3:
c1:6a:5d:f4:d0:bc:20:03:a6:b6:70:a5:dd:85:d9:00:8d:07:
f9:65:7f:eb:e5:94:31:00:82:79:e9:17:1b:16:6b:cf:a1:8f:
da:92:9b:c4:09:56:ba:e5:0b:00:dc:c5:c6:2f:26:bf:13:00:
16:e1:d9:00:a4:52:24:15:ff:05:c6:64:c6:11:ed:02:cb:bc:
b3:3f:5f:64:ed:b5:71:86:3a:30:ee:f2:fe:cc:a8:bf:1a:e3:
dd:2d:44:bf:16:4a:c2:cf:96:8c:f6:9f:2c:6f:fb:97:33:c8:
9f:09:a4:49:e7:8d:e5:ea:ce:cb:ee:ba:87:72:b1:75:9b:23:
39:e9:ba:9e:05:27:21:42:cc:ff:01:49:e6:36:c9:77:4d:16:
4d:30:7a:ab:5b:75:2a:3f:28:8b:4f:b2:1b:ae:c4:d4:f6:fd:
3b:76:cb:5b:10:78:76:de:7c:f0:5b:ef:24:e9:e7:6c:41:f8:
f4:ee:f9:1b:4a:aa:a5:41:fa:50:bf:c9:3a:44:e6:33:32:c8:
fe:39:22:58:4e:d8:68:3f:83:59:47:7d:3a:d8:b9:8c:a1:9c:
db:60:19:78:b2:31:ac:82:e0:7e:2a:91:cc:16:76:fa:9a:55:
45:0a:a9:23
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS2qMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MTM0OTE3WhcNMjUxMjEyMTM0OTE3WjAYMRYw
FAYDVQQDEw02NzcxNTM2MC0wOTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvWYjwTGYHZw13ZEtZHjMxPfRtrBrXuSOPvS2+7bVGNBXVjlR/QXwwCzV
4JVJe8YjuTMTer0MvblHrktMRJWLqVYIOVAV7ymJGdelpD1iiiwuFCMrp4b8jr3u
VZF/pj0mS4emd8DnIjX9/oGjqpSjd97Xx3zM4CqC65v6NIZ9w+20aBLPtnzNONpE
phHMGEH9A2tjK9gwoGw+PBzmXkuI/7JWuvVJdr4aGkRs1O4RdsoUktftv7BsX7W+
RSwbvDvb/iyShLvNGsUq3Qsqvs41L9KDaC1zaWVNp2+ylGdfTjp6HT46Xlotemsl
ydxX1d6hukXI201330DQXcMs/3HiEwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFOSt
rhj1hK5aXukGXJrAM3RhAWU7MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CNDJCNzA1OEM1RUIxMUVGOTk0RUNBQTU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtMcMA0GCSqGSIb3DQEB
CwUAA4IBAQBbFhetXUmo3lyM5ndqGT4ifePBal300LwgA6a2cKXdhdkAjQf5ZX/r
5ZQxAIJ56RcbFmvPoY/akpvECVa65QsA3MXGLya/EwAW4dkApFIkFf8FxmTGEe0C
y7yzP19k7bVxhjow7vL+zKi/GuPdLUS/FkrCz5aM9p8sb/uXM8ifCaRJ543l6s7L
7rqHcrF1myM56bqeBSchQsz/AUnmNsl3TRZNMHqrW3UqPyiLT7IbrsTU9v07dstb
EHh23nzwW+8k6edsQfj07vkbSqqlQfpQv8k6ROYzMsj+OSJYTthoP4NZR3062LmM
oZzbYBl4sjGsguB+KpHMFnb6mlVFCqkj
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:43:09 2025 by rpki-client