Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB789124DA1D11EF96D39781762E951A.roa
File: BB789124DA1D11EF96D39781762E951A.roa (raw, json)
Hash identifier: tlexn93ktvY0huC9DtmOfhCFQXIy+500GvljS6gLFig=
Subject key identifier: DE:FF:BC:4C:F1:AF:EF:6C:84:FF:90:99:DA:EB:E7:4D:0C:65:DE:55
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0143F2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB789124DA1D11EF96D39781762E951A.roa
Signing time: Fri 24 Jan 2025 06:37:51 +0000
ROA not before: Fri 24 Jan 2025 06:37:47 +0000
ROA not after: Tue 13 May 2025 06:37:47 +0000
asID: 138915
IP address blocks: 154.205.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82930 (0x143f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 06:37:47 2025 GMT
Not After : May 13 06:37:47 2025 GMT
Subject: CN=6793353e-3be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:80:70:b2:1b:88:ef:7d:44:fa:6d:48:14:fd:
f1:c6:37:57:1a:40:99:db:c0:7c:f5:02:94:72:5e:
45:ec:05:01:49:df:83:e7:5a:31:fd:7c:26:f5:ce:
2e:df:05:22:42:73:7d:ae:52:f4:8f:9a:94:36:83:
bb:8d:5f:45:86:0b:94:55:be:9e:b7:62:6c:5b:99:
67:c2:40:fc:d1:94:1d:c9:92:91:73:86:81:f2:19:
49:a4:c1:03:32:54:dc:11:f2:c9:88:df:e8:1e:a0:
15:4b:bc:31:16:dd:57:0a:49:e8:00:24:1f:7d:ad:
aa:26:5a:9d:6c:9d:a0:2e:49:9b:c4:81:cd:be:8c:
5d:1b:ae:45:90:e9:28:16:ab:76:87:7b:c0:60:94:
41:cc:f2:fd:fb:00:41:82:94:de:90:3d:3f:55:7f:
84:7f:4c:71:7c:c3:4a:d9:f9:ab:a5:cf:11:42:72:
cd:04:43:33:dd:5c:a0:66:c5:02:a0:cd:9e:38:a7:
a8:a4:ca:8f:4c:61:96:83:7e:ab:0b:8e:2f:da:0a:
77:63:8b:c5:2f:dc:3c:35:29:9a:51:ac:08:0b:d9:
d2:75:5c:94:2b:a9:70:f8:02:fa:47:33:e1:72:e4:
65:08:4c:19:df:26:01:89:98:bf:17:d3:c7:b9:b6:
78:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FF:BC:4C:F1:AF:EF:6C:84:FF:90:99:DA:EB:E7:4D:0C:65:DE:55
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BB789124DA1D11EF96D39781762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.139.0/24
Signature Algorithm: sha256WithRSAEncryption
28:db:4b:9c:74:ed:c1:12:7f:a2:55:e8:1c:ce:9c:6c:5f:52:
06:15:7e:d6:92:ef:a8:b8:80:ed:56:47:25:85:d7:54:68:e5:
0a:30:a4:43:c8:9f:59:72:4a:0f:4d:10:5b:03:99:34:b2:c7:
6a:06:df:6f:6c:30:7c:1e:42:83:d5:68:1f:aa:cd:65:c1:95:
25:9b:3e:0f:db:8b:22:0a:8e:2b:be:0d:0f:a5:4a:a4:3d:61:
d1:89:58:34:96:d1:f6:41:2c:57:ad:be:2d:bf:7b:fb:94:75:
af:3a:98:3c:31:e3:3f:99:d7:fd:54:73:f0:98:1c:b4:e2:a9:
0e:ce:d1:57:ae:4c:6e:63:1b:5a:c3:93:72:35:e8:7d:0a:62:
d8:f3:69:03:42:ae:d4:5b:74:a7:bc:ae:b6:6a:7d:00:0b:1d:
07:8d:29:f5:e5:9d:e2:83:b5:a4:f9:e1:8b:e7:b3:eb:e8:55:
72:40:ae:38:3f:1c:64:38:09:03:a5:36:a4:9e:6e:78:bb:39:
eb:3f:16:a2:47:f0:8a:02:e0:fa:f3:ca:b3:0a:d5:b9:69:3c:
3a:24:a1:8a:7b:01:87:ab:dd:18:dd:35:f8:ae:8a:0b:f2:e4:
9a:20:7c:aa:bf:f5:f2:5c:2e:3b:46:48:40:15:ec:21:d4:35:
f6:6e:db:80
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUPyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDYzNzQ3WhcNMjUwNTEzMDYzNzQ3WjAYMRYw
FAYDVQQDEw02NzkzMzUzZS0zYmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA24BwshuI731E+m1IFP3xxjdXGkCZ28B89QKUcl5F7AUBSd+D51ox/Xwm
9c4u3wUiQnN9rlL0j5qUNoO7jV9FhguUVb6et2JsW5lnwkD80ZQdyZKRc4aB8hlJ
pMEDMlTcEfLJiN/oHqAVS7wxFt1XCknoACQffa2qJlqdbJ2gLkmbxIHNvoxdG65F
kOkoFqt2h3vAYJRBzPL9+wBBgpTekD0/VX+Ef0xxfMNK2fmrpc8RQnLNBEMz3Vyg
ZsUCoM2eOKeopMqPTGGWg36rC44v2gp3Y4vFL9w8NSmaUawIC9nSdVyUK6lw+AL6
RzPhcuRlCEwZ3yYBiZi/F9PHubZ46QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFN7/
vEzxr+9shP+Qmdrr500MZd5VMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQjc4OTEyNERBMUQxMUVGOTZEMzk3ODE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2LMA0GCSqGSIb3DQEB
CwUAA4IBAQAo20ucdO3BEn+iVegczpxsX1IGFX7Wku+ouIDtVkclhddUaOUKMKRD
yJ9ZckoPTRBbA5k0ssdqBt9vbDB8HkKD1Wgfqs1lwZUlmz4P24siCo4rvg0PpUqk
PWHRiVg0ltH2QSxXrb4tv3v7lHWvOpg8MeM/mdf9VHPwmBy04qkOztFXrkxuYxta
w5NyNeh9CmLY82kDQq7UW3SnvK62an0ACx0HjSn15Z3ig7Wk+eGL57Pr6FVyQK44
PxxkOAkDpTaknm54uznrPxaiR/CKAuD688qzCtW5aTw6JKGKewGHq90Y3TX4rooL
8uSaIHyqv/XyXC47RkhAFewh1DX2btuA
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:57:41 2025 by rpki-client