Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA2E5ADCC1A011EF96192154762E951A.roa
File: BA2E5ADCC1A011EF96192154762E951A.roa (raw, json)
Hash identifier: 6JGNkVFOe7Td++irClRIWzn0f7BBlSKlhtFZOMciIgA=
Subject key identifier: 6B:49:11:99:E8:92:D8:A4:29:80:95:36:5F:DE:A4:FE:CA:AF:D2:C0
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0120AF
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA2E5ADCC1A011EF96192154762E951A.roa
Signing time: Tue 24 Dec 2024 02:42:33 +0000
ROA not before: Tue 24 Dec 2024 02:42:30 +0000
ROA not after: Wed 10 Dec 2025 02:42:30 +0000
asID: 984
IP address blocks: 154.90.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73903 (0x120af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 24 02:42:30 2024 GMT
Not After : Dec 10 02:42:30 2025 GMT
Subject: CN=676a1f99-63a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2b:25:d2:34:f8:6a:5f:d2:17:b4:55:56:24:
ee:f2:cf:a4:02:94:b4:1c:bf:bf:c8:c4:9b:b3:13:
a1:29:21:34:e5:07:96:92:a5:ff:fa:8e:24:2a:14:
7a:83:ed:3a:f1:3f:3c:24:d0:e8:c4:1f:71:81:f3:
db:45:f9:55:6d:28:8b:ea:72:e4:c4:9e:dc:02:35:
9c:f3:9f:f0:41:3c:66:64:d9:b4:b7:45:f6:3c:8a:
7f:ef:3a:51:75:50:88:5e:4f:f1:80:cc:f9:1f:49:
06:a6:98:80:0a:28:33:a2:0d:d1:62:6e:d5:03:36:
58:1f:0e:98:8e:d1:b5:2f:39:f6:27:79:1f:9a:6f:
df:a3:91:d8:b4:b8:84:9f:24:5f:e8:f2:eb:9b:b5:
e9:86:4a:a1:43:96:d1:99:4b:73:d7:0c:6e:c8:ab:
9a:f1:61:0b:b0:3e:f5:e2:83:ed:8a:3b:32:71:85:
b1:88:fc:0d:cf:60:2a:ae:84:38:be:72:7f:3e:64:
8c:06:97:1a:77:1e:2f:d2:7b:f8:14:55:95:a3:b4:
a4:d5:13:cc:5b:80:fd:c7:2d:75:5c:11:6b:9f:07:
8b:88:ae:25:df:38:8c:4c:cf:2e:e5:c5:ea:18:77:
b8:24:42:68:18:e8:13:22:dd:38:aa:18:ee:10:7f:
df:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:49:11:99:E8:92:D8:A4:29:80:95:36:5F:DE:A4:FE:CA:AF:D2:C0
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA2E5ADCC1A011EF96192154762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.90.243.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:78:36:43:97:f7:56:c8:d4:d5:eb:df:a8:82:e7:c4:c9:ae:
fd:de:05:d2:7b:f2:f9:9b:20:af:92:d7:69:1e:61:26:6c:48:
98:f7:65:50:45:86:fd:13:4f:1e:f6:5c:a4:4d:67:05:4a:88:
e9:e3:c8:a6:02:38:81:78:ab:d5:96:bb:c9:2e:ce:d0:bb:85:
bb:fe:18:6c:97:71:b5:d7:50:13:a7:94:4e:eb:a4:cb:d4:ab:
43:8f:e9:64:a1:f2:8a:2d:eb:ad:ca:1b:0d:0c:65:09:0a:d3:
9c:7c:d4:63:fb:76:ab:a2:e6:37:64:b7:4c:62:b2:7d:59:b2:
e0:ea:0d:6a:ad:5b:26:d0:81:40:c9:39:57:b0:03:0e:fd:39:
3c:20:3f:70:6f:0d:22:01:38:c4:d0:35:6e:21:a4:10:96:88:
87:10:e8:f6:42:1b:08:87:dc:f2:69:c4:3c:8b:4e:97:47:d4:
03:57:bf:aa:be:3f:22:c8:80:69:88:29:38:79:83:ac:39:24:
71:19:15:6c:93:32:12:fe:4f:ef:47:82:b5:60:57:27:56:b8:
85:b7:c3:d1:54:da:c2:4d:c4:9e:89:09:c5:b6:8b:cf:b9:98:
f4:70:13:44:35:1c:f3:d4:1b:3c:5a:f0:8d:ca:a0:ce:1e:ae:
c6:60:57:0f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASCvMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI0MDI0MjMwWhcNMjUxMjEwMDI0MjMwWjAYMRYw
FAYDVQQDEw02NzZhMWY5OS02M2EwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuSsl0jT4al/SF7RVViTu8s+kApS0HL+/yMSbsxOhKSE05QeWkqX/+o4k
KhR6g+068T88JNDoxB9xgfPbRflVbSiL6nLkxJ7cAjWc85/wQTxmZNm0t0X2PIp/
7zpRdVCIXk/xgMz5H0kGppiACigzog3RYm7VAzZYHw6YjtG1Lzn2J3kfmm/fo5HY
tLiEnyRf6PLrm7XphkqhQ5bRmUtz1wxuyKua8WELsD714oPtijsycYWxiPwNz2Aq
roQ4vnJ/PmSMBpcadx4v0nv4FFWVo7Sk1RPMW4D9xy11XBFrnweLiK4l3ziMTM8u
5cXqGHe4JEJoGOgTIt04qhjuEH/fAwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGtJ
EZnoktikKYCVNl/epP7Kr9LAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQTJFNUFEQ0MxQTAxMUVGOTYxOTIxNTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlrzMA0GCSqGSIb3DQEB
CwUAA4IBAQCheDZDl/dWyNTV69+ogufEya793gXSe/L5myCvktdpHmEmbEiY92VQ
RYb9E08e9lykTWcFSojp48imAjiBeKvVlrvJLs7Qu4W7/hhsl3G111ATp5RO66TL
1KtDj+lkofKKLeutyhsNDGUJCtOcfNRj+3arouY3ZLdMYrJ9WbLg6g1qrVsm0IFA
yTlXsAMO/Tk8ID9wbw0iATjE0DVuIaQQloiHEOj2QhsIh9zyacQ8i06XR9QDV7+q
vj8iyIBpiCk4eYOsOSRxGRVskzIS/k/vR4K1YFcnVriFt8PRVNrCTcSeiQnFtovP
uZj0cBNENRzz1Bs8WvCNyqDOHq7GYFcP
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:23 2025 by rpki-client