Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA7153EEC25B11EF8DE0927A762E951A.roa
File: BA7153EEC25B11EF8DE0927A762E951A.roa (raw, json)
Hash identifier: 8YY+sOsKFVUTSOXAH+al4RiEPgjLEY3RQ/6ZSJzLL8U=
Subject key identifier: 32:AC:EC:65:2F:C1:CD:49:E9:85:96:A2:CD:E9:FA:FB:77:AD:39:00
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012374
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA7153EEC25B11EF8DE0927A762E951A.roa
Signing time: Wed 25 Dec 2024 01:01:10 +0000
ROA not before: Wed 25 Dec 2024 01:01:06 +0000
ROA not after: Wed 10 Dec 2025 01:01:06 +0000
asID: 984
IP address blocks: 154.199.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 08 Apr 2025 00:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74612 (0x12374)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 25 01:01:06 2024 GMT
Not After : Dec 10 01:01:06 2025 GMT
Subject: CN=676b5956-24c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7c:b2:9e:96:6b:d9:6a:62:75:38:56:32:9d:
c2:7c:c1:c9:6c:f2:7e:32:6a:29:91:d0:53:3d:ca:
ba:f7:79:c7:39:1b:b8:8e:e0:f9:f6:e7:cf:16:fe:
7b:43:04:7a:bf:2f:6e:40:51:b7:6a:08:09:7a:bf:
9c:bb:4b:70:18:24:b8:3c:02:71:1d:4a:f2:2e:c8:
16:fd:34:dc:e3:c5:40:9f:96:88:ac:a0:6d:e3:79:
ef:68:aa:44:73:19:1a:80:cf:76:46:65:7e:fd:5d:
74:78:cb:47:bc:39:a8:8a:1b:05:0b:a2:99:b9:a1:
3a:bb:53:5c:32:79:57:25:be:84:5f:ab:ff:b0:ad:
15:87:d0:2b:f4:3b:2a:de:b2:af:f4:7d:5c:b4:0b:
3a:59:d7:1b:ef:e2:6c:5d:b7:b0:ce:78:f6:37:1f:
47:b5:16:ec:d1:da:b2:00:99:dc:30:d4:34:9a:16:
3f:74:75:bc:e8:a2:53:19:3b:0b:47:9d:96:f0:2b:
99:2d:0c:bf:07:32:ef:de:cd:10:8b:23:1c:32:07:
7f:70:73:81:d0:c2:e8:1d:cb:5d:62:24:ab:04:b7:
ce:78:f3:3a:7d:fd:d8:dd:ab:2f:70:bb:07:b7:42:
00:aa:75:5e:e1:6e:cb:f1:f2:da:83:88:36:8e:ba:
d2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AC:EC:65:2F:C1:CD:49:E9:85:96:A2:CD:E9:FA:FB:77:AD:39:00
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BA7153EEC25B11EF8DE0927A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.71.0/24
Signature Algorithm: sha256WithRSAEncryption
44:ac:93:53:a6:45:e8:df:29:6e:a0:61:63:4e:23:e1:c4:be:
92:47:fa:a1:bb:d1:5f:1e:8f:24:b4:25:26:b1:e5:37:e7:21:
13:9b:80:98:ca:06:40:df:dd:ea:94:65:8f:df:50:5a:ad:18:
8c:a1:a1:f3:a1:d0:a9:81:f9:a1:7d:4b:31:3a:bb:71:b3:ef:
14:07:03:20:ee:8a:a0:a8:92:83:d5:9a:51:46:3e:d9:7b:23:
1d:f1:41:fa:40:ec:51:c9:2b:cc:cf:de:15:3f:4c:52:f5:e9:
38:9d:90:59:cb:3e:02:06:15:89:b4:39:d1:23:24:e4:91:36:
33:e0:2f:2e:4c:0f:0d:dd:42:18:98:5f:22:99:b5:20:bb:81:
a5:82:14:f5:aa:bc:e1:83:78:bb:44:a7:7c:91:c1:5c:36:40:
c7:30:40:de:1a:fd:e7:cf:18:98:8a:e5:75:59:5b:27:e0:c9:
95:d3:1b:3e:54:a7:6c:9b:e8:2d:b1:0b:7c:84:54:3e:f6:10:
a2:60:1c:37:55:92:c6:62:ca:75:04:d2:74:95:0f:17:66:b1:
e0:fd:12:6a:76:90:55:09:59:f7:3e:d2:c1:aa:92:71:bf:2c:
fb:49:44:8d:4a:8d:9d:a7:32:2d:e2:1c:7f:57:eb:76:b2:46:
16:8d:8e:62
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASN0MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI1MDEwMTA2WhcNMjUxMjEwMDEwMTA2WjAYMRYw
FAYDVQQDEw02NzZiNTk1Ni0yNGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAlnyynpZr2WpidThWMp3CfMHJbPJ+MmopkdBTPcq693nHORu4juD59ufP
Fv57QwR6vy9uQFG3aggJer+cu0twGCS4PAJxHUryLsgW/TTc48VAn5aIrKBt43nv
aKpEcxkagM92RmV+/V10eMtHvDmoihsFC6KZuaE6u1NcMnlXJb6EX6v/sK0Vh9Ar
9Dsq3rKv9H1ctAs6Wdcb7+JsXbewznj2Nx9HtRbs0dqyAJncMNQ0mhY/dHW86KJT
GTsLR52W8CuZLQy/BzLv3s0QiyMcMgd/cHOB0MLoHctdYiSrBLfOePM6ff3Y3asv
cLsHt0IAqnVe4W7L8fLag4g2jrrSRwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFDKs
7GUvwc1J6YWWos3p+vt3rTkAMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQTcxNTNFRUMyNUIxMUVGOERFMDkyN0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsdHMA0GCSqGSIb3DQEB
CwUAA4IBAQBErJNTpkXo3yluoGFjTiPhxL6SR/qhu9FfHo8ktCUmseU35yETm4CY
ygZA393qlGWP31BarRiMoaHzodCpgfmhfUsxOrtxs+8UBwMg7oqgqJKD1ZpRRj7Z
eyMd8UH6QOxRySvMz94VP0xS9ek4nZBZyz4CBhWJtDnRIyTkkTYz4C8uTA8N3UIY
mF8imbUgu4GlghT1qrzhg3i7RKd8kcFcNkDHMEDeGv3nzxiYiuV1WVsn4MmV0xs+
VKdsm+gtsQt8hFQ+9hCiYBw3VZLGYsp1BNJ0lQ8XZrHg/RJqdpBVCVn3PtLBqpJx
vyz7SUSNSo2dpzIt4hx/V+t2skYWjY5i
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:18:15 2025 by rpki-client