Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2D0A96211FF11F09E2A4C87762E951A.roa
File: A2D0A96211FF11F09E2A4C87762E951A.roa (raw, json)
Hash identifier: uCBZnPm6dfEy6xuFHSUqOaoP4anhXohTKDYlgOnzznw=
Subject key identifier: 0D:33:D9:A8:FC:F6:61:9F:7E:E5:C6:B2:37:5E:57:76:99:7F:E5:64
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 0177E4
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2D0A96211FF11F09E2A4C87762E951A.roa
Signing time: Sat 05 Apr 2025 09:23:29 +0000
ROA not before: Sat 05 Apr 2025 09:23:25 +0000
ROA not after: Sun 11 May 2025 09:23:25 +0000
asID: 6079
IP address blocks: 154.217.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Mon 28 Apr 2025 07:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96228 (0x177e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 5 09:23:25 2025 GMT
Not After : May 11 09:23:25 2025 GMT
Subject: CN=67f0f691-cabc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:66:a1:6f:ab:fd:a2:a1:f5:ed:ef:46:51:e2:
e8:ee:8c:d6:a6:fa:3d:eb:ed:99:27:48:66:df:d6:
d2:54:cc:c3:70:1f:24:b2:22:a6:6c:10:10:c6:4f:
f3:95:12:3e:f7:ff:1b:2d:28:0f:7a:9d:37:1c:3d:
41:8d:36:6e:32:8c:30:5f:e4:dc:6d:41:93:07:35:
43:ae:62:73:41:de:0f:3b:70:49:84:11:3a:07:c8:
10:91:26:af:1c:2d:c2:b1:0e:80:ee:16:ec:96:9a:
fd:7c:91:5a:74:dd:7b:35:5f:2d:a3:59:da:26:bc:
aa:22:15:eb:05:b3:8f:95:9c:43:d3:b0:f2:6d:99:
98:83:78:c3:11:ce:2f:e8:29:c8:52:79:09:f5:44:
3d:1d:d1:27:52:e6:ad:f2:5c:fb:c4:b7:44:45:8f:
d6:7d:df:ef:14:58:00:9a:2b:03:40:d7:4b:3b:de:
08:18:0e:de:df:dc:c2:b8:b8:45:04:da:3b:64:4a:
ce:92:de:9a:f1:77:26:ba:49:63:24:e6:a5:da:ab:
88:69:d4:6a:3c:27:96:0e:aa:c9:12:de:8b:ec:18:
1c:8f:a2:2a:9e:0e:f7:c6:bd:88:6d:9e:3e:57:2b:
e3:f5:09:b7:de:7e:2c:15:5f:7a:38:d1:e5:9e:cc:
41:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:33:D9:A8:FC:F6:61:9F:7E:E5:C6:B2:37:5E:57:76:99:7F:E5:64
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/A2D0A96211FF11F09E2A4C87762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.180.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:c5:8c:ca:59:81:77:0a:fb:4b:b4:32:26:8f:0d:c3:56:2d:
62:41:f5:af:50:f0:e5:72:88:f9:cc:c2:43:89:c5:bf:b0:60:
de:ba:2f:5a:3f:70:39:2a:17:49:c9:02:4c:90:e8:ad:f8:ab:
c9:b2:9d:74:7f:02:da:81:42:f9:1b:a4:b0:44:84:54:fb:a1:
38:58:4f:b6:2d:9b:4f:a1:48:84:c3:2c:54:ba:c4:4d:f7:f3:
77:14:ee:a3:03:24:0e:09:f8:ef:e0:e5:6f:2f:38:b4:8d:de:
d1:4e:8a:0d:52:a3:18:1a:17:96:f8:0b:08:3d:79:74:63:64:
68:d2:ee:fe:1b:49:4c:09:c4:c8:76:43:fa:de:bb:4a:76:7d:
2a:a7:3c:a9:93:2b:d9:bb:ef:cf:19:46:77:ee:3f:48:9b:ac:
c5:11:2b:19:63:d3:20:9c:41:58:56:47:98:40:ac:17:22:a1:
b3:d7:de:f7:8a:90:47:8f:1a:77:b7:de:d1:e4:0a:a0:22:0b:
27:73:cc:dd:49:fb:c6:48:91:dc:6c:96:4f:cb:2a:c7:26:b4:
2a:1c:6d:d6:2a:80:d5:53:e3:0f:96:4c:5d:b4:84:47:f0:95:
e8:9d:7b:99:f5:01:4d:31:b4:4d:f8:28:c8:aa:4f:a4:94:a9:
17:b9:48:d5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXfkMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDA1MDkyMzI1WhcNMjUwNTExMDkyMzI1WjAYMRYw
FAYDVQQDEw02N2YwZjY5MS1jYWJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAy2ahb6v9oqH17e9GUeLo7ozWpvo96+2ZJ0hm39bSVMzDcB8ksiKmbBAQ
xk/zlRI+9/8bLSgPep03HD1BjTZuMowwX+TcbUGTBzVDrmJzQd4PO3BJhBE6B8gQ
kSavHC3CsQ6A7hbslpr9fJFadN17NV8to1naJryqIhXrBbOPlZxD07DybZmYg3jD
Ec4v6CnIUnkJ9UQ9HdEnUuat8lz7xLdERY/Wfd/vFFgAmisDQNdLO94IGA7e39zC
uLhFBNo7ZErOkt6a8XcmukljJOal2quIadRqPCeWDqrJEt6L7Bgcj6Iqng73xr2I
bZ4+Vyvj9Qm33n4sFV96ONHlnsxBgwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA0z
2aj89mGffuXGsjdeV3aZf+VkMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9BMkQwQTk2MjExRkYxMUYwOUUyQTRDODc3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmtm0MA0GCSqGSIb3DQEB
CwUAA4IBAQAOxYzKWYF3CvtLtDImjw3DVi1iQfWvUPDlcoj5zMJDicW/sGDeui9a
P3A5KhdJyQJMkOit+KvJsp10fwLagUL5G6SwRIRU+6E4WE+2LZtPoUiEwyxUusRN
9/N3FO6jAyQOCfjv4OVvLzi0jd7RTooNUqMYGheW+AsIPXl0Y2Ro0u7+G0lMCcTI
dkP63rtKdn0qpzypkyvZu+/PGUZ37j9Im6zFESsZY9MgnEFYVkeYQKwXIqGz1973
ipBHjxp3t97R5AqgIgsnc8zdSfvGSJHcbJZPyyrHJrQqHG3WKoDVU+MPlkxdtIRH
8JXonXuZ9QFNMbRN+CjIqk+klKkXuUjV
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:02:35 2025 by rpki-client