Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C52B3A9EC35411EF81B388B7762E951A.roa
File: C52B3A9EC35411EF81B388B7762E951A.roa (raw, json)
Hash identifier: jtRP4sIerv0tu4NloBIgpB62uCWxF7enj8FjA6yRHkY=
Subject key identifier: CD:D3:FC:3A:27:E1:7F:DC:E0:C1:C0:F3:A0:2C:6D:C0:41:64:B6:C9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0125D1
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C52B3A9EC35411EF81B388B7762E951A.roa
Signing time: Thu 26 Dec 2024 06:43:52 +0000
ROA not before: Thu 26 Dec 2024 06:43:49 +0000
ROA not after: Sun 12 Dec 2027 06:43:49 +0000
asID: 17561
IP address blocks: 154.88.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75217 (0x125d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 26 06:43:49 2024 GMT
Not After : Dec 12 06:43:49 2027 GMT
Subject: CN=676cfb28-715c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:51:f7:b5:b4:d1:99:03:b6:e5:61:1f:19:1c:
0e:49:ba:89:44:03:d0:33:1f:9d:19:f6:26:6e:fa:
cd:e7:7d:84:83:b9:7b:60:89:13:5e:9b:2e:72:9f:
2f:fc:38:1c:e3:60:2c:d5:08:39:5a:50:8f:ef:7b:
2b:a0:8f:04:0a:9d:1e:56:6b:fc:bb:97:48:e5:5d:
24:52:53:f4:1b:f7:fb:3b:29:4a:5c:e9:34:5a:d1:
01:72:39:8d:32:37:c3:f8:0f:59:19:02:45:e1:47:
56:7b:69:73:99:2a:e6:b7:cc:90:65:95:d9:13:73:
2c:45:6b:00:84:6d:8c:31:d9:2e:e5:66:ab:4b:07:
a5:b6:8e:8f:4c:f5:2c:4e:8a:21:34:4d:d8:ce:63:
44:dd:83:de:23:ea:e6:f5:2b:e5:b3:61:1b:37:ad:
78:63:9f:c6:ef:54:c1:d8:a5:7c:1b:34:37:26:4a:
2e:e9:b7:33:23:cf:2a:ef:e3:41:25:1f:96:83:a7:
a0:4d:73:64:96:de:a8:30:bc:48:37:cd:70:d4:fc:
43:07:c0:cc:e3:56:8c:e0:5b:26:d7:ef:55:41:46:
9b:f1:24:96:24:f1:1d:38:52:42:6d:e7:e7:d7:b4:
67:85:c7:af:a4:59:1f:1d:de:7f:c1:7f:ef:ab:2d:
02:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D3:FC:3A:27:E1:7F:DC:E0:C1:C0:F3:A0:2C:6D:C0:41:64:B6:C9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/C52B3A9EC35411EF81B388B7762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.88.44.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:c2:ff:52:5f:9d:67:43:bf:56:36:01:7e:2f:82:21:6d:80:
32:01:a5:fb:df:36:14:bd:28:76:0b:af:18:77:a6:bf:fb:f1:
3e:9d:5c:e8:82:20:e5:a3:0a:cf:29:f8:2e:9d:b7:c2:c4:a7:
7d:df:51:21:a3:b5:14:fa:8f:db:a1:f4:a5:12:d6:bb:f0:23:
c7:98:1f:da:28:b5:1a:c6:03:09:6c:52:e3:d6:70:cf:86:14:
fb:c0:3a:44:e1:65:ed:e3:f2:e1:3e:16:0c:97:f0:49:c3:47:
e5:db:68:12:93:db:e2:e7:f7:c0:14:7f:9e:58:cb:a6:e7:2d:
3c:0c:81:cf:68:5a:2e:1a:55:41:9f:b4:ac:42:4b:57:49:41:
40:b3:31:d6:51:ed:c2:08:f3:fa:ab:78:7a:c1:62:0e:8f:52:
6f:bc:5c:79:12:a6:18:f0:ac:a5:82:ed:77:6c:55:4f:7a:55:
1b:a9:27:53:05:3d:8d:a0:c1:a1:4b:07:27:1d:86:30:0e:87:
04:12:85:ef:b7:9f:0d:17:10:ed:17:e9:de:04:68:9e:87:ab:
0e:f1:b4:30:0f:2c:68:ac:fa:6f:5a:d9:ea:b5:98:c8:7f:11:
b7:ca:46:87:b4:d3:08:89:9e:ee:9c:c4:c9:ba:d7:51:79:09:
46:fc:9e:eb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDASXRMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI2MDY0MzQ5WhcNMjcxMjEyMDY0MzQ5WjAYMRYw
FAYDVQQDEw02NzZjZmIyOC03MTVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvlH3tbTRmQO25WEfGRwOSbqJRAPQMx+dGfYmbvrN532Eg7l7YIkTXpsu
cp8v/Dgc42As1Qg5WlCP73sroI8ECp0eVmv8u5dI5V0kUlP0G/f7OylKXOk0WtEB
cjmNMjfD+A9ZGQJF4UdWe2lzmSrmt8yQZZXZE3MsRWsAhG2MMdku5WarSwelto6P
TPUsToohNE3YzmNE3YPeI+rm9Svls2EbN614Y5/G71TB2KV8GzQ3Jkou6bczI88q
7+NBJR+Wg6egTXNklt6oMLxIN81w1PxDB8DM41aM4Fsm1+9VQUab8SSWJPEdOFJC
befn17RnhcevpFkfHd5/wX/vqy0CqQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM3T
/Don4X/c4MHA86AsbcBBZLbJMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DNTJCM0E5RUMzNTQxMUVGODFCMzg4Qjc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmlgsMA0GCSqGSIb3DQEB
CwUAA4IBAQBawv9SX51nQ79WNgF+L4IhbYAyAaX73zYUvSh2C68Yd6a/+/E+nVzo
giDlowrPKfgunbfCxKd931Eho7UU+o/bofSlEta78CPHmB/aKLUaxgMJbFLj1nDP
hhT7wDpE4WXt4/LhPhYMl/BJw0fl22gSk9vi5/fAFH+eWMum5y08DIHPaFouGlVB
n7SsQktXSUFAszHWUe3CCPP6q3h6wWIOj1JvvFx5EqYY8Kylgu13bFVPelUbqSdT
BT2NoMGhSwcnHYYwDocEEoXvt58NFxDtF+neBGieh6sO8bQwDyxorPpvWtnqtZjI
fxG3ykaHtNMIiZ7unMTJutdReQlG/J7r
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:56:31 2025 by rpki-client