Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1FE18C4DA2011EFBE688D94762E951A.roa
File: F1FE18C4DA2011EFBE688D94762E951A.roa (raw, json)
Hash identifier: PCxs6y97H2HZxdS8A6M8zUthPy798KXIsNZsU5nu5mk=
Subject key identifier: CF:2B:A0:A9:97:7B:9B:C8:BA:D3:E1:52:FB:4B:F7:58:52:75:47:9C
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 014407
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1FE18C4DA2011EFBE688D94762E951A.roa
Signing time: Fri 24 Jan 2025 07:00:51 +0000
ROA not before: Fri 24 Jan 2025 07:00:47 +0000
ROA not after: Tue 13 May 2025 07:00:47 +0000
asID: 138915
IP address blocks: 154.205.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82951 (0x14407)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 24 07:00:47 2025 GMT
Not After : May 13 07:00:47 2025 GMT
Subject: CN=67933aa2-51fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cc:56:ff:69:a9:9f:b2:db:6e:04:fc:fa:27:
db:9d:a4:50:5b:e5:e1:ce:ab:7f:67:75:e0:3f:cc:
b9:df:c3:5b:f3:6f:56:10:3b:0a:a0:2e:1b:40:50:
7d:6e:ae:39:0d:32:76:bd:c3:79:78:2b:6e:79:cf:
2d:10:96:7d:e6:0a:7b:c8:a0:5d:86:24:9f:a6:66:
e0:c3:4e:01:ab:3e:08:ca:a9:40:2b:a8:9e:65:50:
ef:71:3a:d2:ee:b9:17:4a:50:f3:80:9d:89:fd:ce:
5e:76:4d:f1:04:4d:44:6b:06:20:59:15:8f:fc:ae:
59:3b:e2:65:33:6d:da:6e:f2:1d:68:17:2b:21:3a:
0f:f8:eb:7d:f1:97:da:ea:93:2c:db:e9:d3:82:31:
8d:71:ae:d1:e6:5b:bf:4b:53:13:2f:97:0a:08:b2:
96:ee:ef:3c:6f:ec:d2:fc:66:48:77:9f:ba:04:4d:
34:b3:75:d8:a7:81:5d:16:e3:ad:31:d8:f1:bd:2f:
63:99:bf:6b:cc:e8:20:1a:d7:32:7a:2b:cc:c3:98:
a2:df:1a:14:b1:9e:88:de:3e:57:64:9b:9e:11:df:
53:06:c1:a3:51:80:68:a8:af:09:45:72:07:bd:ad:
fa:b3:ec:d8:92:1d:00:bd:cb:b3:9d:8c:8d:db:7c:
a2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:2B:A0:A9:97:7B:9B:C8:BA:D3:E1:52:FB:4B:F7:58:52:75:47:9C
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F1FE18C4DA2011EFBE688D94762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.205.130.0/24
Signature Algorithm: sha256WithRSAEncryption
01:21:d1:a2:ff:e4:2d:7b:81:95:90:11:a5:d1:08:9d:cb:de:
d4:9e:9b:bc:d4:82:3d:c9:d5:ef:2a:fc:dc:12:a2:e9:0e:fa:
84:c0:f3:33:b9:be:b0:5a:2a:19:88:b5:5e:a6:13:71:0d:ea:
95:33:b3:9b:dd:ff:bc:f1:ae:5e:52:fa:fa:0e:c4:29:29:ec:
e9:8d:b8:93:a9:64:8b:50:26:d1:ad:86:d7:23:f9:2f:f9:fa:
cd:47:5a:22:68:74:f1:3a:30:7e:5d:18:21:ef:8d:66:94:56:
16:f3:94:c1:29:43:a0:f9:38:7e:5d:c7:61:bc:dc:15:04:b7:
9d:1a:c5:19:0d:48:ed:8c:52:1c:d1:68:b3:c8:b0:84:bc:b6:
df:08:54:72:74:20:8d:e0:9a:40:d6:cd:1a:98:7a:08:b4:3e:
60:06:3e:99:82:dd:c3:8b:8a:ee:8f:e2:92:46:25:5d:71:bc:
77:02:50:45:b4:9b:fa:7c:8c:cc:96:ee:a7:61:07:be:ab:3c:
93:ab:93:fb:30:47:8d:69:16:7a:1c:83:76:f9:47:b4:e2:3a:
12:26:2a:f4:a4:8d:45:75:4e:97:22:ad:af:ec:49:83:43:3e:
6a:b7:eb:a0:d3:6e:8a:22:4d:f1:85:bb:51:47:ef:20:9a:12:
1a:16:df:dc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAUQHMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTI0MDcwMDQ3WhcNMjUwNTEzMDcwMDQ3WjAYMRYw
FAYDVQQDEw02NzkzM2FhMi01MWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA28xW/2mpn7LbbgT8+ifbnaRQW+Xhzqt/Z3XgP8y538Nb829WEDsKoC4b
QFB9bq45DTJ2vcN5eCtuec8tEJZ95gp7yKBdhiSfpmbgw04Bqz4IyqlAK6ieZVDv
cTrS7rkXSlDzgJ2J/c5edk3xBE1EawYgWRWP/K5ZO+JlM23abvIdaBcrIToP+Ot9
8Zfa6pMs2+nTgjGNca7R5lu/S1MTL5cKCLKW7u88b+zS/GZId5+6BE00s3XYp4Fd
FuOtMdjxvS9jmb9rzOggGtcyeivMw5ii3xoUsZ6I3j5XZJueEd9TBsGjUYBoqK8J
RXIHva36s+zYkh0AvcuznYyN23yiPQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFM8r
oKmXe5vIutPhUvtL91hSdUecMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMUZFMThDNERBMjAxMUVGQkU2ODhEOTQ3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAms2CMA0GCSqGSIb3DQEB
CwUAA4IBAQABIdGi/+Qte4GVkBGl0Qidy97Unpu81II9ydXvKvzcEqLpDvqEwPMz
ub6wWioZiLVephNxDeqVM7Ob3f+88a5eUvr6DsQpKezpjbiTqWSLUCbRrYbXI/kv
+frNR1oiaHTxOjB+XRgh741mlFYW85TBKUOg+Th+XcdhvNwVBLedGsUZDUjtjFIc
0WizyLCEvLbfCFRydCCN4JpA1s0amHoItD5gBj6Zgt3Di4ruj+KSRiVdcbx3AlBF
tJv6fIzMlu6nYQe+qzyTq5P7MEeNaRZ6HIN2+Ue04joSJir0pI1FdU6XIq2v7EmD
Qz5qt+ug026KIk3xhbtRR+8gmhIaFt/c
-----END CERTIFICATE-----
Generated at Fri Apr 4 10:45:23 2025 by rpki-client