Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F23A15AECDB911EFA5D2E153762E951A.roa
File: F23A15AECDB911EFA5D2E153762E951A.roa (raw, json)
Hash identifier: BhlULdrENWJyXyEPcY8lRQGcpULKaPZLwDJslGXRuEs=
Subject key identifier: 09:40:D5:67:E5:E5:44:CD:BB:CA:36:D7:85:02:09:2B:BF:86:D4:0D
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0136D6
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F23A15AECDB911EFA5D2E153762E951A.roa
Signing time: Wed 08 Jan 2025 12:13:19 +0000
ROA not before: Wed 08 Jan 2025 12:13:15 +0000
ROA not after: Tue 16 Dec 2025 12:13:15 +0000
asID: 984
IP address blocks: 154.200.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79574 (0x136d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Jan 8 12:13:15 2025 GMT
Not After : Dec 16 12:13:15 2025 GMT
Subject: CN=677e6bdf-0eec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8f:7d:e3:4c:07:64:43:d2:2c:0f:f9:52:f8:
d9:90:bd:c8:b8:bd:52:5a:69:fd:e5:4f:49:b3:33:
11:00:56:32:b1:67:91:29:05:4b:73:3f:c7:79:a3:
e8:26:87:eb:41:84:1a:cc:56:f8:77:58:e9:36:d5:
71:ea:69:21:fc:a7:54:c7:29:d4:81:2c:f4:88:81:
c6:d9:27:ce:cb:d5:e3:b9:2e:b3:a2:2a:e7:54:f9:
f8:f1:09:cb:b7:d4:9c:c1:14:14:66:68:2f:2a:02:
d5:72:f7:fb:b4:28:e2:8a:3e:fb:4a:f5:59:b7:98:
62:58:13:08:7c:52:27:d3:e0:29:c5:b9:ed:bf:4a:
e1:29:07:89:73:c0:21:12:68:b5:66:06:34:ad:93:
0f:7a:5b:d8:0a:41:1b:61:e9:f6:0d:5e:ca:4f:37:
8e:bc:d4:0c:96:06:19:10:fc:77:68:bd:d7:4d:26:
60:9b:a6:d3:0b:b4:37:88:f3:fb:89:1c:f8:62:2c:
cd:88:d9:03:5d:fb:a9:96:71:09:f2:ba:72:56:9d:
95:3e:b5:81:6c:c3:46:64:33:e5:3d:72:a0:8e:3d:
57:3c:2c:a8:f1:d7:ed:e4:d4:e5:ff:de:b7:81:2a:
f5:36:e0:8c:65:a8:04:a6:b4:c8:a9:ec:26:b6:7d:
b7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:40:D5:67:E5:E5:44:CD:BB:CA:36:D7:85:02:09:2B:BF:86:D4:0D
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/F23A15AECDB911EFA5D2E153762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.180.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:16:ba:ee:fd:18:67:71:e4:5c:de:eb:ba:f2:24:1e:6d:ca:
31:99:e5:06:14:17:3e:97:cc:98:f6:5a:82:69:d7:03:d7:ff:
75:a7:98:12:73:8c:7f:16:ae:aa:08:d3:62:4e:7d:fc:77:d0:
73:45:a3:61:f8:df:be:35:dc:16:81:3e:af:42:93:56:64:51:
68:a7:89:ba:18:93:ce:c4:6f:71:04:aa:93:b6:79:ef:cb:26:
14:32:81:e8:67:d9:b6:ea:ee:7e:f7:40:e0:fa:b8:a4:0d:de:
0f:9f:34:ba:bf:6d:77:20:aa:e0:92:ea:99:58:6c:32:08:fc:
4c:78:88:6d:48:77:9f:c6:3a:89:6d:65:a3:c5:36:91:fc:3b:
49:b1:1a:d8:66:bf:26:07:e8:8f:c7:38:3f:35:6d:ba:08:b5:
42:1a:4e:0e:30:ce:2c:b1:7b:e1:63:b3:f4:47:42:7b:ea:fc:
bc:0e:b0:a2:8d:e5:b6:6a:76:db:d2:f7:5c:da:9a:95:55:e8:
eb:b7:e9:66:53:41:1e:09:a3:ab:d7:d9:17:b8:65:4f:6e:32:
ad:8e:f8:be:20:c9:34:60:aa:9c:ed:f5:8f:9b:51:4d:56:16:
89:dc:8a:94:94:c2:9a:44:8c:a8:e7:ae:e7:b5:02:73:04:7a:
7a:68:c8:56
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATbWMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTA4MTIxMzE1WhcNMjUxMjE2MTIxMzE1WjAYMRYw
FAYDVQQDEw02NzdlNmJkZi0wZWVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0Y9940wHZEPSLA/5UvjZkL3IuL1SWmn95U9JszMRAFYysWeRKQVLcz/H
eaPoJofrQYQazFb4d1jpNtVx6mkh/KdUxynUgSz0iIHG2SfOy9XjuS6zoirnVPn4
8QnLt9ScwRQUZmgvKgLVcvf7tCjiij77SvVZt5hiWBMIfFIn0+Apxbntv0rhKQeJ
c8AhEmi1ZgY0rZMPelvYCkEbYen2DV7KTzeOvNQMlgYZEPx3aL3XTSZgm6bTC7Q3
iPP7iRz4YizNiNkDXfuplnEJ8rpyVp2VPrWBbMNGZDPlPXKgjj1XPCyo8dft5NTl
/963gSr1NuCMZagEprTIqewmtn23YQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFAlA
1Wfl5UTNu8o214UCCSu/htQNMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9GMjNBMTVBRUNEQjkxMUVGQTVEMkUxNTM3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsi0MA0GCSqGSIb3DQEB
CwUAA4IBAQDGFrru/RhnceRc3uu68iQebcoxmeUGFBc+l8yY9lqCadcD1/91p5gS
c4x/Fq6qCNNiTn38d9BzRaNh+N++NdwWgT6vQpNWZFFop4m6GJPOxG9xBKqTtnnv
yyYUMoHoZ9m26u5+90Dg+rikDd4PnzS6v213IKrgkuqZWGwyCPxMeIhtSHefxjqJ
bWWjxTaR/DtJsRrYZr8mB+iPxzg/NW26CLVCGk4OMM4ssXvhY7P0R0J76vy8DrCi
jeW2anbb0vdc2pqVVejrt+lmU0EeCaOr19kXuGVPbjKtjvi+IMk0YKqc7fWPm1FN
VhaJ3IqUlMKaRIyo567ntQJzBHp6aMhW
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:07:23 2025 by rpki-client