Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E8461CA243711F09805C1BDDAE4EC9C.roa
File: 3E8461CA243711F09805C1BDDAE4EC9C.roa (raw, json)
Hash identifier: x6brEMZCpmTifoqxiLnI3FGGaPlpmHivFFAH2J4L2QU=
Subject key identifier: 53:34:36:33:2C:B0:9C:6B:B8:15:5D:C9:AA:D2:65:6D:11:52:FE:80
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017BF7
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E8461CA243711F09805C1BDDAE4EC9C.roa
Signing time: Mon 28 Apr 2025 13:46:54 +0000
ROA not before: Mon 28 Apr 2025 13:46:49 +0000
ROA not after: Sat 25 Mar 2028 13:46:49 +0000
asID: 17561
IP address blocks: 154.198.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 13 May 2025 00:06:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97271 (0x17bf7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 28 13:46:49 2025 GMT
Not After : Mar 25 13:46:49 2028 GMT
Subject: CN=680f86ce-0ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cd:65:93:78:39:78:71:2d:4f:b1:83:55:c6:
94:6e:e7:f6:01:54:a1:6d:b9:81:f4:91:be:9c:32:
24:3c:59:6c:9c:26:92:db:7b:45:ef:f6:c9:22:ea:
75:53:53:5f:5a:d1:ff:08:4d:2f:1a:1e:aa:26:c0:
5e:99:c9:5f:90:52:ea:82:a6:bb:f5:23:6f:ad:91:
43:73:8a:b2:4d:7f:d4:5a:a2:83:fe:98:50:a5:1e:
d4:e7:bd:fc:f1:50:86:be:dc:11:f3:bd:31:e9:c6:
ae:23:da:42:5f:2f:10:11:f9:3b:2b:d8:81:8f:8c:
8d:3e:13:6d:44:13:64:d1:c0:5f:20:9c:2d:9c:db:
d4:ec:99:d4:4f:38:7f:2d:1a:77:26:b1:e5:c6:4b:
ac:03:8e:22:cb:f0:b6:9f:02:63:0d:65:db:42:b3:
f4:1f:27:d0:21:bd:14:d6:2a:00:66:30:0c:eb:58:
68:a1:3c:c1:52:0a:3e:18:03:4d:27:84:e3:b9:63:
40:4d:31:54:6c:15:8d:67:a0:f1:f5:f9:7c:18:55:
3c:ad:ec:4a:8c:fc:6c:76:f0:f6:15:ba:04:db:e7:
a0:01:ac:bd:09:1c:a2:45:8b:6a:fd:f5:e2:3b:16:
f7:c7:a3:01:34:e1:7b:4a:4b:b6:1b:ec:9d:93:46:
84:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:34:36:33:2C:B0:9C:6B:B8:15:5D:C9:AA:D2:65:6D:11:52:FE:80
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/3E8461CA243711F09805C1BDDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.198.7.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:01:00:d7:95:43:59:af:4a:7d:4c:e5:d6:fc:02:ca:7b:29:
81:7b:e1:ff:3a:51:1e:7b:5c:d8:40:a9:93:5b:28:f6:7a:62:
1f:77:dc:23:41:51:6b:ae:df:02:1c:12:e7:00:c1:d9:47:7c:
99:65:0b:fc:b8:5e:97:b3:3a:53:33:4a:ee:bc:1d:5a:e5:24:
6b:3f:a9:20:f5:74:be:05:4e:06:8c:f5:00:a6:9c:38:23:39:
7f:6c:4b:d6:db:76:3d:b8:09:02:aa:1b:5c:29:16:7d:90:7c:
21:d2:bb:c0:9e:52:db:cb:81:52:63:19:10:b5:56:76:65:1e:
48:0f:d5:69:5e:a3:34:83:7c:4e:59:15:f2:06:aa:4e:d7:27:
91:3c:af:cd:2a:ab:2e:f1:1a:f8:0f:00:a1:0a:31:a0:9c:22:
cc:e2:d4:55:18:85:db:70:b7:9f:0c:42:c7:45:f3:80:b2:66:
fb:cb:75:69:94:91:11:9f:e9:79:7b:c8:0a:23:7b:c5:79:bc:
f5:81:01:84:d0:65:64:62:33:6a:2f:48:45:b8:d0:45:b0:46:
dc:e1:cb:e9:71:ac:b9:7f:be:fa:3d:57:93:64:c5:19:fa:0c:
10:ec:04:ac:37:ac:65:fd:0b:c6:a5:cd:5a:77:9d:0b:14:75:
d4:74:79:b8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXv3MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI4MTM0NjQ5WhcNMjgwMzI1MTM0NjQ5WjAYMRYw
FAYDVQQDEw02ODBmODZjZS0wY2VkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqM1lk3g5eHEtT7GDVcaUbuf2AVShbbmB9JG+nDIkPFlsnCaS23tF7/bJ
Iup1U1NfWtH/CE0vGh6qJsBemclfkFLqgqa79SNvrZFDc4qyTX/UWqKD/phQpR7U
57388VCGvtwR870x6cauI9pCXy8QEfk7K9iBj4yNPhNtRBNk0cBfIJwtnNvU7JnU
Tzh/LRp3JrHlxkusA44iy/C2nwJjDWXbQrP0HyfQIb0U1ioAZjAM61hooTzBUgo+
GANNJ4TjuWNATTFUbBWNZ6Dx9fl8GFU8rexKjPxsdvD2FboE2+egAay9CRyiRYtq
/fXiOxb3x6MBNOF7Sku2G+ydk0aEkwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFFM0
NjMssJxruBVdyarSZW0RUv6AMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zRTg0NjFDQTI0MzcxMUYwOTgwNUMxQkREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsYHMA0GCSqGSIb3DQEB
CwUAA4IBAQAtAQDXlUNZr0p9TOXW/ALKeymBe+H/OlEee1zYQKmTWyj2emIfd9wj
QVFrrt8CHBLnAMHZR3yZZQv8uF6XszpTM0ruvB1a5SRrP6kg9XS+BU4GjPUAppw4
Izl/bEvW23Y9uAkCqhtcKRZ9kHwh0rvAnlLby4FSYxkQtVZ2ZR5ID9VpXqM0g3xO
WRXyBqpO1yeRPK/NKqsu8Rr4DwChCjGgnCLM4tRVGIXbcLefDELHRfOAsmb7y3Vp
lJERn+l5e8gKI3vFebz1gQGE0GVkYjNqL0hFuNBFsEbc4cvpcay5f776PVeTZMUZ
+gwQ7ASsN6xl/QvGpc1ad50LFHXUdHm4
-----END CERTIFICATE-----
Generated at Sun May 11 13:29:01 2025 by rpki-client