Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD9CC3B61F5A11F09C78EFBBDAE4EC9C.roa
File: CD9CC3B61F5A11F09C78EFBBDAE4EC9C.roa (raw, json)
Hash identifier: fr0HzQUJgYbN86CDYTHIu9Ht1SMtqg1ewWKpA6BncwE=
Subject key identifier: 2A:67:84:61:95:3F:2E:DD:0E:61:AE:93:B2:DC:AC:D2:0B:DD:E6:68
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017A86
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD9CC3B61F5A11F09C78EFBBDAE4EC9C.roa
Signing time: Tue 22 Apr 2025 09:18:51 +0000
ROA not before: Tue 22 Apr 2025 09:18:46 +0000
ROA not after: Wed 04 Jun 2025 09:18:46 +0000
asID: 395839
IP address blocks: 154.199.8.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 29 Apr 2025 00:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96902 (0x17a86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 22 09:18:46 2025 GMT
Not After : Jun 4 09:18:46 2025 GMT
Subject: CN=68075efb-8eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:19:93:d1:c7:42:ee:a3:3d:fd:6a:68:bc:53:
98:4c:c9:80:04:79:7b:d7:f6:50:38:f1:b4:fe:b2:
7a:42:38:b0:63:73:34:21:1d:ea:32:b7:fa:f0:ec:
c0:65:ba:dd:f4:0a:4a:fb:66:2b:ba:b7:4b:ea:3a:
37:87:be:cd:66:b3:05:e5:5c:e6:e4:7d:52:3f:30:
d0:68:e0:32:70:28:46:0c:7e:ff:f3:9c:00:3f:bf:
b1:ee:4b:f4:0c:2e:27:66:ab:a6:f4:d1:c2:76:96:
7d:66:10:c1:7e:4c:ea:53:33:a4:f7:1b:f1:8e:04:
f2:b9:ce:e9:64:dc:31:45:ae:47:19:81:0e:21:0b:
02:52:b3:8f:21:4e:0f:48:68:12:3b:92:f0:c6:37:
0c:2c:fe:17:c4:73:60:d4:e1:1f:55:d5:a3:c1:e4:
8a:2e:a3:6d:aa:86:c9:be:04:b0:94:9f:6b:c9:31:
4c:b2:22:70:11:2c:7b:4a:f2:a3:cf:27:73:4c:e1:
8e:35:5c:9a:c1:e4:69:95:6f:ed:80:8a:e3:13:e5:
28:3d:27:24:87:07:38:49:50:e4:34:eb:62:53:87:
92:9b:09:b5:80:92:2d:16:b1:80:65:b1:92:f1:91:
06:71:50:ac:ee:53:e0:6a:22:f1:39:1d:69:32:43:
7e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:67:84:61:95:3F:2E:DD:0E:61:AE:93:B2:DC:AC:D2:0B:DD:E6:68
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/CD9CC3B61F5A11F09C78EFBBDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.199.8.0/23
Signature Algorithm: sha256WithRSAEncryption
87:f8:4b:6c:6d:73:21:56:17:31:88:2c:1f:69:bf:69:76:f2:
d0:49:9a:2e:b1:f1:cf:ad:4e:f8:fd:ea:2c:19:56:6e:2f:fa:
27:40:3a:c5:56:93:15:e6:96:a4:8d:0b:a7:4b:04:c2:4f:ea:
a4:2a:07:87:24:db:f8:16:b5:37:f7:30:28:cf:95:4e:c1:2f:
25:61:5f:69:cd:de:80:de:37:a6:48:4b:db:6c:ab:c6:88:70:
5e:c8:3d:48:fe:67:c8:9d:d0:2d:38:a9:9b:33:a1:2a:63:17:
7d:ca:cb:e0:3d:93:39:25:25:18:51:70:58:29:91:15:a8:94:
86:ce:56:6c:10:3a:ff:79:60:1e:36:76:32:ba:8d:7d:a8:df:
26:19:18:d5:7e:a3:ae:bf:38:b4:fc:1b:8f:95:8b:2c:de:a0:
1a:24:8b:4e:b7:98:e9:0f:32:ce:be:d4:19:23:2d:3a:01:8b:
b5:a0:88:1e:1d:f3:bc:9c:61:6f:2c:ca:0b:68:76:9c:64:4b:
43:c3:01:3f:c6:b5:64:5f:1b:77:8d:e9:42:8a:41:fa:d1:5b:
79:47:c4:bf:36:e7:b9:b6:f5:06:9c:3c:75:e2:5c:38:03:2b:
0d:d3:55:82:91:ab:42:c0:ef:b7:cc:68:1a:bb:77:f1:34:61:
4b:cd:ed:1d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXqGMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDIyMDkxODQ2WhcNMjUwNjA0MDkxODQ2WjAYMRYw
FAYDVQQDEw02ODA3NWVmYi04ZWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvRmT0cdC7qM9/WpovFOYTMmABHl71/ZQOPG0/rJ6QjiwY3M0IR3qMrf6
8OzAZbrd9ApK+2YrurdL6jo3h77NZrMF5Vzm5H1SPzDQaOAycChGDH7/85wAP7+x
7kv0DC4nZqum9NHCdpZ9ZhDBfkzqUzOk9xvxjgTyuc7pZNwxRa5HGYEOIQsCUrOP
IU4PSGgSO5LwxjcMLP4XxHNg1OEfVdWjweSKLqNtqobJvgSwlJ9ryTFMsiJwESx7
SvKjzydzTOGONVyaweRplW/tgIrjE+UoPSckhwc4SVDkNOtiU4eSmwm1gJItFrGA
ZbGS8ZEGcVCs7lPgaiLxOR1pMkN+ewIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFCpn
hGGVPy7dDmGuk7LcrNIL3eZoMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9DRDlDQzNCNjFGNUExMUYwOUM3OEVGQkJEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmscIMA0GCSqGSIb3DQEB
CwUAA4IBAQCH+EtsbXMhVhcxiCwfab9pdvLQSZousfHPrU74/eosGVZuL/onQDrF
VpMV5pakjQunSwTCT+qkKgeHJNv4FrU39zAoz5VOwS8lYV9pzd6A3jemSEvbbKvG
iHBeyD1I/mfIndAtOKmbM6EqYxd9ysvgPZM5JSUYUXBYKZEVqJSGzlZsEDr/eWAe
NnYyuo19qN8mGRjVfqOuvzi0/BuPlYss3qAaJItOt5jpDzLOvtQZIy06AYu1oIge
HfO8nGFvLMoLaHacZEtDwwE/xrVkXxt3jelCikH60Vt5R8S/Nue5tvUGnDx14lw4
AysN01WCkatCwO+3zGgau3fxNGFLze0d
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:09:57 2025 by rpki-client