Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEF0FAF8F47511EF8CBE9EBC762E951A.roa
File: CEF0FAF8F47511EF8CBE9EBC762E951A.roa (raw, json)
Hash identifier: wB1nfwVlZ7hUUwuJcRGj3murNd2MYSy2B/Eis0SilDU=
Subject key identifier: F2:32:5C:B4:9A:A4:F0:A1:08:84:1B:58:A9:3A:DF:B7:F4:FB:DA:9B
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 016583
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEF0FAF8F47511EF8CBE9EBC762E951A.roa
Signing time: Wed 26 Feb 2025 19:13:49 +0000
ROA not before: Wed 26 Feb 2025 19:13:45 +0000
ROA not after: Sat 19 Feb 2028 19:13:45 +0000
asID: 17561
IP address blocks: 154.218.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91523 (0x16583)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 19:13:45 2025 GMT
Not After : Feb 19 19:13:45 2028 GMT
Subject: CN=67bf67ed-bd0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:76:9a:6f:bf:09:05:f7:6f:f4:ef:86:14:af:
e9:40:66:ed:b0:97:af:c5:ef:a5:ca:83:c8:5d:dc:
2f:03:93:c7:24:35:7d:61:3b:a8:2a:29:47:0a:21:
09:ad:43:7f:60:b6:90:6b:b1:20:50:47:64:c9:80:
e1:9a:6c:7c:5c:da:24:aa:6e:91:bd:13:8e:e6:fb:
47:59:4f:44:53:5e:3e:28:e4:ee:e0:b5:fd:f5:1e:
dc:a8:64:a8:3d:b3:1d:45:ab:b1:d4:f9:41:fd:b5:
d7:6a:4b:6a:88:93:f3:03:74:20:c7:02:b9:1d:18:
98:77:ad:18:c6:e0:1e:e3:32:07:43:6a:84:6d:b7:
85:84:30:f2:dc:af:c7:5b:06:71:5e:bc:54:ee:a3:
2c:cd:42:da:99:25:55:8e:ca:8b:3c:20:1f:bf:d5:
2b:8e:84:bf:da:da:61:fc:0a:70:a2:20:74:7e:8c:
8c:2c:18:45:5a:cf:80:24:08:cb:02:44:98:0f:6c:
46:17:ba:48:8a:60:5b:2a:fc:21:3a:f9:bb:8a:70:
7a:23:36:2f:d3:00:0b:e4:4e:51:9f:0e:cd:da:49:
f0:e3:a8:2e:0b:4e:8d:d9:18:1b:dc:38:03:ea:82:
fd:d6:30:e7:c9:83:7d:d8:c0:c8:95:a3:67:c4:97:
1a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:32:5C:B4:9A:A4:F0:A1:08:84:1B:58:A9:3A:DF:B7:F4:FB:DA:9B
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CEF0FAF8F47511EF8CBE9EBC762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.39.0/24
Signature Algorithm: sha256WithRSAEncryption
99:2c:03:61:9a:b7:aa:fb:6a:a1:98:29:d7:f6:e0:83:3b:8b:
ac:95:46:f8:53:fa:28:08:5b:50:2d:c0:70:fd:75:4c:fe:59:
a9:8a:45:95:09:68:8d:48:15:c7:5f:e6:3c:59:f1:c8:d5:76:
7d:67:a4:42:2a:47:8a:2a:f9:50:65:71:53:8e:36:d1:cd:02:
c5:eb:8b:6c:e2:21:f7:fa:b4:4b:7b:3f:a9:9e:a2:4b:ce:6b:
06:d9:58:c0:9c:cb:e5:6a:07:7a:aa:df:f2:da:db:75:d2:08:
bd:28:17:ed:81:f2:ea:70:7a:4e:67:6e:e6:e3:d2:b1:54:d8:
77:eb:05:4a:bd:c6:13:cf:3d:bf:17:3b:e2:9a:bf:b6:52:e1:
bf:48:91:fd:99:11:ee:36:d6:2b:7d:f1:c1:b7:26:98:6a:4f:
a3:96:ad:92:fe:c8:99:00:2a:19:77:ed:c4:d1:c2:de:db:4e:
57:c7:73:c2:f2:63:2f:ab:63:98:ba:18:47:b4:eb:a7:b6:60:
5e:ad:1b:06:f9:86:b9:76:58:9b:78:ef:70:2f:da:93:21:5f:
b1:56:6e:7c:63:47:49:37:9b:06:53:e8:2f:54:5a:17:dc:41:
13:33:87:33:c9:b8:a0:1c:c1:55:87:3b:01:1d:2d:da:f5:8f:
ed:e1:8f:3b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWWDMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTkxMzQ1WhcNMjgwMjE5MTkxMzQ1WjAYMRYw
FAYDVQQDEw02N2JmNjdlZC1iZDBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAmXaab78JBfdv9O+GFK/pQGbtsJevxe+lyoPIXdwvA5PHJDV9YTuoKilH
CiEJrUN/YLaQa7EgUEdkyYDhmmx8XNokqm6RvROO5vtHWU9EU14+KOTu4LX99R7c
qGSoPbMdRaux1PlB/bXXaktqiJPzA3QgxwK5HRiYd60YxuAe4zIHQ2qEbbeFhDDy
3K/HWwZxXrxU7qMszULamSVVjsqLPCAfv9UrjoS/2tph/ApwoiB0foyMLBhFWs+A
JAjLAkSYD2xGF7pIimBbKvwhOvm7inB6IzYv0wAL5E5Rnw7N2knw46guC06N2Rgb
3DgD6oL91jDnyYN92MDIlaNnxJcaAwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFPIy
XLSapPChCIQbWKk637f0+9qbMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRUYwRkFGOEY0NzUxMUVGOENCRTlFQkM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtonMA0GCSqGSIb3DQEB
CwUAA4IBAQCZLANhmreq+2qhmCnX9uCDO4uslUb4U/ooCFtQLcBw/XVM/lmpikWV
CWiNSBXHX+Y8WfHI1XZ9Z6RCKkeKKvlQZXFTjjbRzQLF64ts4iH3+rRLez+pnqJL
zmsG2VjAnMvlagd6qt/y2tt10gi9KBftgfLqcHpOZ27m49KxVNh36wVKvcYTzz2/
Fzvimr+2UuG/SJH9mRHuNtYrffHBtyaYak+jlq2S/siZACoZd+3E0cLe205Xx3PC
8mMvq2OYuhhHtOuntmBerRsG+Ya5dlibeO9wL9qTIV+xVm58Y0dJN5sGU+gvVFoX
3EETM4czybigHMFVhzsBHS3a9Y/t4Y87
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:19:02 2025 by rpki-client