Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E15AFEB0D2E611EF8498E89E762E951A.roa
File: E15AFEB0D2E611EF8498E89E762E951A.roa (raw, json)
Hash identifier: pqS6yjFPf3OCjL9+usTs/n8zSS2gRZ2fdUA60RBYcCI=
Subject key identifier: 85:AE:95:8D:05:3A:8C:12:FC:B4:B0:8D:C0:56:B2:0A:D4:1B:BD:E5
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013B98
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E15AFEB0D2E611EF8498E89E762E951A.roa
Signing time: Wed 15 Jan 2025 02:17:34 +0000
ROA not before: Wed 15 Jan 2025 02:17:30 +0000
ROA not after: Sat 03 Jan 2026 02:17:30 +0000
asID: 984
IP address blocks: 154.222.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 07 Apr 2025 00:06:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80792 (0x13b98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 15 02:17:30 2025 GMT
Not After : Jan 3 02:17:30 2026 GMT
Subject: CN=67871abe-bfd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:86:2f:04:75:7e:c7:ab:ef:4e:31:93:f2:9e:
ba:67:76:c5:bf:cc:2d:2c:48:c1:89:f9:4a:23:28:
d7:07:e7:f7:90:f6:59:8a:0a:0b:48:25:47:3d:c1:
23:d4:94:9c:ed:d5:ee:bc:b2:3f:b1:54:df:da:89:
34:e7:79:71:19:ad:33:b5:8d:86:7d:46:07:5c:a7:
8f:eb:b8:f7:82:08:9b:99:26:b3:ee:56:57:80:f1:
00:24:89:af:ac:b8:f7:f1:ff:df:9d:dd:57:61:07:
fa:7a:fe:80:3b:b5:9e:7c:ff:fb:0b:d6:86:10:26:
b9:7b:1e:2f:f8:42:ef:40:08:b6:51:6f:17:f9:1e:
a0:46:50:dd:a7:dc:08:53:79:a3:7d:35:98:ee:fb:
5f:77:f6:b5:83:89:e6:c5:64:ba:11:10:bd:1f:39:
e2:70:89:05:c2:1b:9c:dc:a2:04:11:60:f7:85:5b:
c8:d6:29:0d:06:7d:f0:86:9a:5e:3d:68:b7:67:65:
e6:05:ea:99:a2:91:90:f5:f9:b1:e7:1c:9d:a5:bb:
f4:60:22:a2:66:ea:6b:bc:1e:77:0a:3e:d1:59:7a:
1a:f9:1a:0b:a0:fc:22:3b:9b:1c:c7:93:33:6a:d0:
73:99:74:96:2d:4f:a6:58:25:5b:8d:7b:2c:75:3f:
1f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AE:95:8D:05:3A:8C:12:FC:B4:B0:8D:C0:56:B2:0A:D4:1B:BD:E5
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E15AFEB0D2E611EF8498E89E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.159.0/24
Signature Algorithm: sha256WithRSAEncryption
af:c9:df:cb:ec:ad:7c:82:e2:85:14:ed:b8:2f:c9:68:49:4c:
2c:a6:40:96:1a:e8:2d:21:a4:67:4c:98:ed:45:86:92:35:ed:
35:69:e6:56:3c:65:b9:80:e4:0c:85:cb:b8:22:13:31:7a:d7:
b1:0d:62:b9:c2:08:3c:e0:06:5f:62:0b:fe:31:7e:dc:78:bb:
68:ce:9c:a2:27:33:a7:fb:e5:25:eb:45:1a:56:74:18:bc:33:
d2:7d:1e:4d:04:b7:94:5d:08:65:55:8a:a3:76:0f:5c:b0:38:
ab:9c:2b:d6:84:16:3e:cb:e6:80:89:16:3e:46:f5:5a:55:75:
7c:8b:81:8a:04:29:e3:6b:b3:81:65:29:69:83:a1:dd:36:08:
2e:c4:27:df:e6:0b:b4:2c:74:8a:82:e9:d5:c0:51:e4:c2:e8:
cb:14:74:e2:64:6a:79:21:67:74:1d:14:bc:79:9b:10:65:91:
f9:d5:de:73:7c:07:e9:78:93:ca:d5:1a:e1:12:6f:86:8a:08:
38:4d:3b:41:55:16:83:c8:63:ce:a5:c5:6e:da:f6:b3:dd:ac:
4b:dd:79:0b:35:da:37:0d:7b:1d:22:4d:48:44:70:a2:da:e5:
65:93:9d:ef:0c:5e:7b:ad:1c:83:15:1e:50:a3:2c:d1:84:44:
f0:f7:d7:52
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATuYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE1MDIxNzMwWhcNMjYwMTAzMDIxNzMwWjAYMRYw
FAYDVQQDEw02Nzg3MWFiZS1iZmQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1oYvBHV+x6vvTjGT8p66Z3bFv8wtLEjBiflKIyjXB+f3kPZZigoLSCVH
PcEj1JSc7dXuvLI/sVTf2ok053lxGa0ztY2GfUYHXKeP67j3ggibmSaz7lZXgPEA
JImvrLj38f/fnd1XYQf6ev6AO7WefP/7C9aGECa5ex4v+ELvQAi2UW8X+R6gRlDd
p9wIU3mjfTWY7vtfd/a1g4nmxWS6ERC9HznicIkFwhuc3KIEEWD3hVvI1ikNBn3w
hppePWi3Z2XmBeqZopGQ9fmx5xydpbv0YCKiZuprvB53Cj7RWXoa+RoLoPwiO5sc
x5MzatBzmXSWLU+mWCVbjXssdT8f9wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIWu
lY0FOowS/LSwjcBWsgrUG73lMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FMTVBRkVCMEQyRTYxMUVGODQ5OEU4OUU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmt6fMA0GCSqGSIb3DQEB
CwUAA4IBAQCvyd/L7K18guKFFO24L8loSUwspkCWGugtIaRnTJjtRYaSNe01aeZW
PGW5gOQMhcu4IhMxetexDWK5wgg84AZfYgv+MX7ceLtozpyiJzOn++Ul60UaVnQY
vDPSfR5NBLeUXQhlVYqjdg9csDirnCvWhBY+y+aAiRY+RvVaVXV8i4GKBCnja7OB
ZSlpg6HdNgguxCff5gu0LHSKgunVwFHkwujLFHTiZGp5IWd0HRS8eZsQZZH51d5z
fAfpeJPK1RrhEm+Gigg4TTtBVRaDyGPOpcVu2vaz3axL3XkLNdo3DXsdIk1IRHCi
2uVlk53vDF57rRyDFR5QoyzRhETw99dS
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:59:22 2025 by rpki-client