Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E85B89B4D58911EF8C126EBE762E951A.roa
File: E85B89B4D58911EF8C126EBE762E951A.roa (raw, json)
Hash identifier: bdudHOePwMxIf1tfLDI/FK1Aw/pJs5jwc18SvfcA1k4=
Subject key identifier: 8B:20:1D:3B:A8:F0:9D:49:18:C8:EF:45:97:51:FB:64:AB:EA:59:37
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013DF2
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E85B89B4D58911EF8C126EBE762E951A.roa
Signing time: Sat 18 Jan 2025 10:49:36 +0000
ROA not before: Sat 18 Jan 2025 10:49:32 +0000
ROA not after: Thu 22 Jan 2026 10:49:32 +0000
asID: 63199
IP address blocks: 154.209.72.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81394 (0x13df2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 18 10:49:32 2025 GMT
Not After : Jan 22 10:49:32 2026 GMT
Subject: CN=678b8740-b569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cf:18:e7:ac:5d:f8:e6:85:7a:6d:75:57:8b:
74:b0:ad:7d:b6:98:b1:00:97:46:d0:d9:d1:f4:f7:
f1:c3:0f:34:5a:6e:76:0b:e9:3a:97:ad:a9:ce:f2:
88:42:d9:dd:0d:d3:21:bf:60:1e:db:88:52:56:fb:
85:1a:8d:56:86:1d:f7:07:6c:60:5a:4a:78:76:6f:
01:da:0d:8d:06:65:1b:03:8f:25:28:30:eb:5e:21:
47:37:94:04:b8:2f:d0:41:5b:e5:e8:08:2a:49:08:
8b:d0:a7:ca:41:aa:68:b4:67:b6:3e:03:d7:4a:5e:
b0:51:f3:f4:2e:b4:90:d4:09:a3:70:c0:6d:7a:6f:
53:a3:c9:8a:9f:e4:b1:7d:ac:ad:e2:55:f3:c1:29:
b5:83:91:7f:ad:b5:90:74:d5:d7:82:44:10:72:5a:
5b:7d:d6:dc:c4:e9:e7:46:df:8e:28:93:63:e9:1a:
01:49:cc:e2:f3:29:41:ff:c5:5d:70:c2:26:8e:27:
d7:66:2d:af:2c:b0:da:78:21:85:7b:58:c9:dc:1b:
ca:cb:78:7c:01:13:7f:be:1e:1f:5d:d8:10:40:ab:
86:94:18:b7:e1:21:59:50:7d:1f:3e:7e:e3:cb:25:
ed:33:05:ee:a4:7f:90:ae:30:c1:fc:ad:5b:df:0c:
6c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:20:1D:3B:A8:F0:9D:49:18:C8:EF:45:97:51:FB:64:AB:EA:59:37
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/E85B89B4D58911EF8C126EBE762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.209.72.0/21
Signature Algorithm: sha256WithRSAEncryption
8f:77:2c:62:33:09:ca:88:78:59:8f:72:1d:46:3e:dc:18:8d:
64:62:d1:e5:f3:2a:86:7b:51:ad:31:4e:83:87:32:be:02:b0:
78:f4:c2:d0:e9:ee:3c:2d:93:b3:bd:e7:97:73:09:83:cf:a3:
2a:cf:ae:b4:33:2f:0d:73:91:e6:74:e5:40:ad:bb:14:82:b8:
f0:e2:27:a6:9d:e2:25:d9:4b:ad:3f:b6:e8:90:d0:5e:f6:82:
4c:de:bd:2d:35:ce:e7:f2:4b:43:ca:31:da:10:8a:32:f8:ad:
d5:de:d0:52:97:09:4f:25:05:c2:f3:e1:f2:59:4f:27:cc:75:
dc:42:e8:c8:c9:a1:00:43:94:59:f1:b6:95:c8:be:8f:55:13:
fc:e9:fe:8f:33:38:19:2d:0f:6b:59:4a:55:ff:41:48:04:e5:
b6:a1:40:b5:79:53:35:1e:e6:01:27:70:38:65:57:bf:2a:fc:
cd:1a:4c:87:5d:a8:86:74:65:a5:ff:7c:e5:cf:a8:b9:17:ff:
08:7c:ec:ee:00:90:d1:df:95:6d:25:e9:eb:f4:3b:17:b1:16:
71:27:ef:e3:a2:cf:87:f0:f2:3f:0e:19:2b:fa:dd:1d:ff:a3:
a2:02:6f:8d:1e:65:d8:38:de:89:82:25:c7:41:e4:26:4b:41:
5f:cd:31:e3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAT3yMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTE4MTA0OTMyWhcNMjYwMTIyMTA0OTMyWjAYMRYw
FAYDVQQDEw02NzhiODc0MC1iNTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAsc8Y56xd+OaFem11V4t0sK19tpixAJdG0NnR9Pfxww80Wm52C+k6l62p
zvKIQtndDdMhv2Ae24hSVvuFGo1Whh33B2xgWkp4dm8B2g2NBmUbA48lKDDrXiFH
N5QEuC/QQVvl6AgqSQiL0KfKQapotGe2PgPXSl6wUfP0LrSQ1AmjcMBtem9To8mK
n+Sxfayt4lXzwSm1g5F/rbWQdNXXgkQQclpbfdbcxOnnRt+OKJNj6RoBSczi8ylB
/8VdcMImjifXZi2vLLDaeCGFe1jJ3BvKy3h8ARN/vh4fXdgQQKuGlBi34SFZUH0f
Pn7jyyXtMwXupH+QrjDB/K1b3wxs8wIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIsg
HTuo8J1JGMjvRZdR+2Sr6lk3MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9FODVCODlCNEQ1ODkxMUVGOEMxMjZFQkU3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmtFIMA0GCSqGSIb3DQEB
CwUAA4IBAQCPdyxiMwnKiHhZj3IdRj7cGI1kYtHl8yqGe1GtMU6DhzK+ArB49MLQ
6e48LZOzveeXcwmDz6Mqz660My8Nc5HmdOVArbsUgrjw4iemneIl2UutP7bokNBe
9oJM3r0tNc7n8ktDyjHaEIoy+K3V3tBSlwlPJQXC8+HyWU8nzHXcQujIyaEAQ5RZ
8baVyL6PVRP86f6PMzgZLQ9rWUpV/0FIBOW2oUC1eVM1HuYBJ3A4ZVe/KvzNGkyH
XaiGdGWl/3zlz6i5F/8IfOzuAJDR35VtJenr9DsXsRZxJ+/jos+H8PI/Dhkr+t0d
/6OiAm+NHmXYON6JgiXHQeQmS0FfzTHj
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:23:13 2025 by rpki-client