Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D006748243F11F0A984FAEFDAE4EC9C.roa
File: 2D006748243F11F0A984FAEFDAE4EC9C.roa (raw, json)
Hash identifier: tnKGIMPoXMJRo71U0JSnRnNSqh5pimLw3t6vnszk2nU=
Subject key identifier: 8A:4B:F7:48:DC:16:DF:15:7B:4F:97:45:41:BC:BA:73:29:42:19:BF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017C18
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D006748243F11F0A984FAEFDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 14:43:41 +0000
ROA not before: Mon 28 Apr 2025 14:43:36 +0000
ROA not after: Mon 27 Mar 2028 14:43:36 +0000
asID: 17561
IP address blocks: 154.95.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97304 (0x17c18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 14:43:36 2025 GMT
Not After : Mar 27 14:43:36 2028 GMT
Subject: CN=680f941d-433f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8b:2f:c7:6b:9c:7f:12:55:ab:a0:8d:02:86:
6a:d3:0a:78:ad:82:4a:ca:70:c9:04:c8:b3:83:02:
59:f5:29:f4:02:46:57:47:b6:df:43:a9:9a:03:5e:
7c:69:3a:1b:33:0e:c3:18:ac:19:04:f3:76:50:3d:
7b:2b:19:c6:15:54:61:41:91:0f:b2:39:c6:1a:61:
f7:fb:7b:f5:3d:a7:5f:2a:1a:11:ac:8e:71:86:48:
51:0d:81:83:e9:c5:31:85:3e:44:8c:a5:8b:36:34:
9e:9a:42:22:4b:e0:67:00:3b:e0:b8:dd:e2:7e:20:
53:08:6e:c4:f7:b7:20:e3:1a:1d:d7:f8:c7:b3:cb:
a9:69:9e:f2:cb:e2:7f:b5:b8:7d:8e:dd:8f:53:48:
d7:47:24:06:9a:2c:e4:08:67:34:d1:de:15:d1:34:
7b:ed:9a:93:2d:e2:bd:be:05:65:5c:ea:b2:ba:d0:
bb:1d:a8:e0:53:ac:74:24:b2:7f:9f:28:37:40:1c:
31:85:30:50:d1:c2:3b:5e:58:5c:52:4b:ea:39:3c:
27:c9:c2:a7:87:46:9c:05:4f:37:45:5a:ac:5c:4c:
4b:39:11:89:0c:ec:82:5f:40:1c:0b:8d:48:cc:86:
64:b8:20:ad:ef:1d:ca:e7:05:12:18:82:bd:af:53:
18:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4B:F7:48:DC:16:DF:15:7B:4F:97:45:41:BC:BA:73:29:42:19:BF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/2D006748243F11F0A984FAEFDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.95.23.0/24
Signature Algorithm: sha256WithRSAEncryption
98:c1:e3:41:73:34:6a:b8:74:03:ec:87:c3:3e:64:82:ee:1f:
93:18:22:74:23:5c:e3:56:56:0d:bb:1f:99:c1:57:f6:d2:9c:
55:29:d3:7f:91:ef:5c:6e:bb:fc:4f:7d:db:21:0e:04:cd:c9:
e4:4f:3f:dc:4d:59:41:4b:d9:e6:df:59:ca:c6:79:ed:e4:9b:
d5:36:84:62:9b:35:54:04:71:93:dc:61:e8:f0:32:b1:e9:c1:
42:a8:33:37:61:a8:56:7c:ec:a6:85:c7:9a:9c:d3:0f:6a:f4:
99:dc:99:f9:6a:09:bd:e0:ac:1f:b0:a1:fd:03:e7:56:83:63:
75:4a:db:64:7e:75:01:88:72:33:fa:eb:24:f9:d8:16:ea:c8:
50:e4:f2:0d:3f:ac:3e:6e:8a:68:30:23:4e:56:8f:2d:21:fe:
78:48:b6:bf:06:65:0d:5a:cb:ef:29:c4:67:14:7b:79:98:74:
44:76:a9:1d:cd:37:bd:1a:f3:31:53:e2:a8:bf:d9:39:07:75:
75:b4:4f:ec:bc:70:38:60:ff:ba:5a:7e:0f:b6:94:b5:8c:db:
5d:46:b6:9c:41:3d:93:ff:52:d1:82:98:f7:42:e3:98:7f:28:
a7:99:56:92:62:50:18:6a:c2:c7:2f:71:5f:d4:49:de:c1:f8:
d5:e5:6c:bb
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXwYMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTQ0MzM2WhcNMjgwMzI3MTQ0MzM2WjAYMRYw
FAYDVQQDEw02ODBmOTQxZC00MzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxosvx2ucfxJVq6CNAoZq0wp4rYJKynDJBMizgwJZ9Sn0AkZXR7bfQ6ma
A158aTobMw7DGKwZBPN2UD17KxnGFVRhQZEPsjnGGmH3+3v1PadfKhoRrI5xhkhR
DYGD6cUxhT5EjKWLNjSemkIiS+BnADvguN3ifiBTCG7E97cg4xod1/jHs8upaZ7y
y+J/tbh9jt2PU0jXRyQGmizkCGc00d4V0TR77ZqTLeK9vgVlXOqyutC7HajgU6x0
JLJ/nyg3QBwxhTBQ0cI7XlhcUkvqOTwnycKnh0acBU83RVqsXExLORGJDOyCX0Ac
C41IzIZkuCCt7x3K5wUSGIK9r1MYdQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFIpL
90jcFt8Ve0+XRUG8unMpQhm/MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8yRDAwNjc0ODI0M0YxMUYwQTk4NEZBRUZEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAml8XMA0GCSqGSIb3DQEB
CwUAA4IBAQCYweNBczRquHQD7IfDPmSC7h+TGCJ0I1zjVlYNux+ZwVf20pxVKdN/
ke9cbrv8T33bIQ4EzcnkTz/cTVlBS9nm31nKxnnt5JvVNoRimzVUBHGT3GHo8DKx
6cFCqDM3YahWfOymhceanNMPavSZ3Jn5agm94KwfsKH9A+dWg2N1SttkfnUBiHIz
+usk+dgW6shQ5PINP6w+bopoMCNOVo8tIf54SLa/BmUNWsvvKcRnFHt5mHREdqkd
zTe9GvMxU+Kov9k5B3V1tE/svHA4YP+6Wn4PtpS1jNtdRracQT2T/1LRgpj3QuOY
fyinmVaSYlAYasLHL3Ff1EnewfjV5Wy7
-----END CERTIFICATE-----
Generated at Sun May 11 04:53:42 2025 by rpki-client