Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9F9FB64C26011EF935A1D9E762E951A.roa
File: B9F9FB64C26011EF935A1D9E762E951A.roa (raw, json)
Hash identifier: HiIBC4tCObywQr9jzzQnq7wc30DO9jimhKkbJXz7aNY=
Subject key identifier: 4D:79:3A:A2:DC:D5:B6:CB:AE:89:39:3B:14:D4:FC:76:AF:CE:67:C9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0123AE
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9F9FB64C26011EF935A1D9E762E951A.roa
Signing time: Wed 25 Dec 2024 01:36:57 +0000
ROA not before: Wed 25 Dec 2024 01:36:53 +0000
ROA not after: Wed 10 Dec 2025 01:36:53 +0000
asID: 984
IP address blocks: 154.199.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74670 (0x123ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 01:36:53 2024 GMT
Not After : Dec 10 01:36:53 2025 GMT
Subject: CN=676b61b8-62f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9c:1c:2f:30:e7:ce:3d:ca:37:9f:0b:b1:7d:
fb:21:fd:f0:6e:1f:c9:07:0e:32:5e:97:a6:3a:6f:
8d:59:f2:d8:11:9a:b7:e2:dd:87:61:3f:0f:b3:31:
ff:56:a2:bf:ff:c3:75:ef:5f:e7:6e:fd:69:3d:74:
8d:98:03:5d:33:76:2d:e2:25:50:97:66:6a:05:6c:
0f:f9:37:ed:4c:c4:80:a2:3a:c5:ae:93:b1:73:c7:
68:37:3f:ed:6d:38:3a:2d:eb:be:49:a6:0c:26:39:
16:a9:0a:82:f2:83:37:5b:26:73:00:30:d1:24:43:
d4:56:5c:2d:36:37:b9:e4:43:43:08:02:a5:9c:37:
43:05:73:3c:ee:fa:af:4a:81:47:c4:8e:81:ee:9e:
01:57:7d:90:9d:91:b4:8f:e6:05:84:12:f4:73:53:
ca:89:78:4f:ed:63:39:ed:92:38:e6:7b:0b:cb:c4:
95:72:5d:0f:cc:ca:f2:1c:af:14:8b:65:70:fa:94:
79:44:72:dc:c6:03:7c:79:ac:5a:a2:e3:af:ff:d9:
1b:7d:51:2d:95:dd:6d:42:ee:d5:a0:10:54:de:5a:
73:c2:12:cb:72:79:18:ec:ad:b8:b9:94:80:43:a2:
41:a0:f0:1d:97:f8:ec:75:26:81:a7:3c:98:f1:13:
17:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:79:3A:A2:DC:D5:B6:CB:AE:89:39:3B:14:D4:FC:76:AF:CE:67:C9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/B9F9FB64C26011EF935A1D9E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.100.0/24
Signature Algorithm: sha256WithRSAEncryption
59:71:33:f6:11:25:b0:31:77:8d:71:b6:ee:82:c5:d9:fe:d5:
51:04:62:d6:80:8d:5e:ea:cd:8b:20:8a:de:16:ef:f0:71:f3:
fa:fd:ae:d6:99:e9:ef:a7:9e:49:62:06:21:9b:30:a7:29:a5:
51:ff:16:3e:c1:48:d7:21:b1:74:87:27:5c:53:30:c0:02:b3:
1a:87:ab:cc:05:8a:6d:f4:c9:f4:6b:0d:e7:ea:a1:d3:dd:f3:
f7:35:ac:f6:2c:12:0e:e0:96:61:9b:61:e2:42:5f:2b:29:20:
a0:4c:1f:7f:93:4a:c0:9c:d6:78:21:0b:af:f0:e1:f9:14:3e:
b8:7d:76:e6:a9:db:db:f4:cb:c9:13:06:65:50:52:9e:ee:9f:
af:45:00:4e:56:5a:11:1b:be:5e:53:96:ab:b4:57:6e:93:bd:
e7:7f:02:91:84:b0:88:08:ee:c5:43:7c:ab:a3:df:d1:3b:05:
50:32:d5:f0:01:d9:34:bd:9a:45:51:0e:5e:61:78:60:a8:04:
79:33:5a:4a:2c:56:53:bb:9c:fc:1b:b7:35:35:85:71:06:e2:
ee:eb:23:32:fa:4a:72:d1:b4:eb:3e:d2:6d:f9:2f:3c:1e:6d:
7b:cb:24:c2:71:39:f9:8e:cb:d0:46:04:1b:8c:74:13:d4:b5:
fd:a0:71:f6
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASOuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDEzNjUzWhcNMjUxMjEwMDEzNjUzWjAYMRYw
FAYDVQQDEw02NzZiNjFiOC02MmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwpwcLzDnzj3KN58LsX37If3wbh/JBw4yXpemOm+NWfLYEZq34t2HYT8P
szH/VqK//8N171/nbv1pPXSNmANdM3Yt4iVQl2ZqBWwP+TftTMSAojrFrpOxc8do
Nz/tbTg6Leu+SaYMJjkWqQqC8oM3WyZzADDRJEPUVlwtNje55ENDCAKlnDdDBXM8
7vqvSoFHxI6B7p4BV32QnZG0j+YFhBL0c1PKiXhP7WM57ZI45nsLy8SVcl0PzMry
HK8Ui2Vw+pR5RHLcxgN8eaxaouOv/9kbfVEtld1tQu7VoBBU3lpzwhLLcnkY7K24
uZSAQ6JBoPAdl/jsdSaBpzyY8RMXFwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFE15
OqLc1bbLrok5OxTU/HavzmfJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9COUY5RkI2NEMyNjAxMUVGOTM1QTFEOUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsdkMA0GCSqGSIb3DQEB
CwUAA4IBAQBZcTP2ESWwMXeNcbbugsXZ/tVRBGLWgI1e6s2LIIreFu/wcfP6/a7W
menvp55JYgYhmzCnKaVR/xY+wUjXIbF0hydcUzDAArMah6vMBYpt9Mn0aw3n6qHT
3fP3Naz2LBIO4JZhm2HiQl8rKSCgTB9/k0rAnNZ4IQuv8OH5FD64fXbmqdvb9MvJ
EwZlUFKe7p+vRQBOVloRG75eU5artFduk73nfwKRhLCICO7FQ3yro9/ROwVQMtXw
Adk0vZpFUQ5eYXhgqAR5M1pKLFZTu5z8G7c1NYVxBuLu6yMy+kpy0bTrPtJt+S88
Hm17yyTCcTn5jsvQRgQbjHQT1LX9oHH2
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:14:50 2025 by rpki-client