Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BAF5A28C8A311EF8EF17D61762E951A.roa
File: 1BAF5A28C8A311EF8EF17D61762E951A.roa (raw, json)
Hash identifier: HE/8PKoAp8c+ZKLGC96DC8QisQmDSZazKeMv9cijAZo=
Subject key identifier: A0:6F:66:63:A2:58:37:A9:43:74:2E:9E:E0:2C:66:34:FF:54:C0:6F
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 013130
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BAF5A28C8A311EF8EF17D61762E951A.roa
Signing time: Thu 02 Jan 2025 00:47:14 +0000
ROA not before: Thu 02 Jan 2025 00:00:11 +0000
ROA not after: Fri 12 Dec 2025 00:00:11 +0000
asID: 984
IP address blocks: 154.218.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 27 Apr 2025 13:23:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78128 (0x13130)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jan 2 00:00:11 2025 GMT
Not After : Dec 12 00:00:11 2025 GMT
Subject: CN=6775e212-9e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:91:2c:97:16:0a:3a:55:94:0e:be:4d:2a:bf:
ab:1b:06:1a:6a:8b:42:f8:b2:d1:de:2b:20:d0:45:
0e:51:2c:db:ad:33:22:f3:96:9b:02:30:76:92:eb:
9e:67:90:85:d3:e2:81:96:53:f1:e9:5a:4a:ed:ba:
6b:59:ca:af:f1:95:3e:a7:5d:0c:4d:e9:91:66:c5:
f9:10:90:9c:12:cf:83:97:52:65:be:36:d5:60:c7:
6d:e9:f7:72:1b:73:64:7b:ed:c3:17:2b:94:53:27:
4f:4b:85:cc:2b:3d:1d:ae:5e:05:6d:a3:88:ea:0c:
48:13:94:98:5b:58:7d:b0:e4:75:5d:2c:a0:41:60:
88:8f:29:1f:91:44:f2:35:6d:dc:ed:e7:1b:9a:85:
c5:39:6a:53:e9:08:fb:c6:29:7c:30:05:09:95:0b:
1a:e2:71:d6:9d:a8:ce:fa:27:07:fc:72:12:cd:81:
a2:f4:a0:ea:21:84:4c:05:1f:ce:82:ff:85:75:ad:
a7:b9:38:3c:7d:78:8d:ac:e2:a2:a0:fe:1a:d9:ed:
3c:3b:2b:f0:7c:86:53:ce:12:92:2e:a1:03:88:17:
16:d9:d8:46:a7:27:3c:f8:a5:94:e1:c0:2e:19:bb:
5b:99:78:37:6c:7a:cc:5d:c9:c2:29:d4:50:67:ff:
ac:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:6F:66:63:A2:58:37:A9:43:74:2E:9E:E0:2C:66:34:FF:54:C0:6F
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/1BAF5A28C8A311EF8EF17D61762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.218.52.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:3e:59:37:5f:e5:b6:ec:75:23:17:1f:6d:f2:e9:f7:af:66:
6f:8a:07:50:73:5b:b8:2f:a1:da:09:f0:4c:5d:e4:61:7d:b8:
96:ca:8a:31:aa:a4:7f:ed:af:e4:03:00:77:df:62:82:8f:7f:
d2:5e:98:34:ea:b7:69:82:9e:3f:ef:be:19:8c:62:93:78:fd:
88:ca:7a:2b:3c:b4:30:8c:c4:04:ab:40:50:16:64:48:c1:d1:
5f:b0:2a:46:35:2f:fb:36:b9:e2:00:8a:04:15:15:0d:53:08:
fb:47:dd:2d:ba:a3:56:2d:86:c7:83:90:1e:56:06:03:6d:ec:
e9:33:92:9e:73:e2:70:e9:84:7b:2d:de:6f:bd:75:62:08:f4:
b4:70:d1:0b:4d:a7:39:9f:48:3d:06:33:b4:b2:4c:63:ac:8c:
5f:7c:90:b0:ca:50:03:7c:b8:96:f5:6c:2d:d8:05:0b:b3:66:
44:8b:51:eb:d9:d2:27:46:86:c5:a4:5f:7c:2b:81:5f:dc:bf:
74:ee:14:9e:a6:68:4e:45:f5:1a:eb:4d:50:68:51:42:34:57:
98:3a:53:e3:7a:7a:3d:76:d1:03:aa:92:11:6a:7d:61:b8:06:
d9:e8:1e:39:c5:f2:1b:77:52:48:4e:ca:e0:b4:eb:c7:f2:78:
5f:31:de:97
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDATEwMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMTAyMDAwMDExWhcNMjUxMjEyMDAwMDExWjAYMRYw
FAYDVQQDEw02Nzc1ZTIxMi05ZTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAoZEslxYKOlWUDr5NKr+rGwYaaotC+LLR3isg0EUOUSzbrTMi85abAjB2
kuueZ5CF0+KBllPx6VpK7bprWcqv8ZU+p10MTemRZsX5EJCcEs+Dl1JlvjbVYMdt
6fdyG3Nke+3DFyuUUydPS4XMKz0drl4FbaOI6gxIE5SYW1h9sOR1XSygQWCIjykf
kUTyNW3c7ecbmoXFOWpT6Qj7xil8MAUJlQsa4nHWnajO+icH/HISzYGi9KDqIYRM
BR/Ogv+Fda2nuTg8fXiNrOKioP4a2e08OyvwfIZTzhKSLqEDiBcW2dhGpyc8+KWU
4cAuGbtbmXg3bHrMXcnCKdRQZ/+s1QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFKBv
ZmOiWDepQ3QunuAsZjT/VMBvMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8xQkFGNUEyOEM4QTMxMUVGOEVGMTdENjE3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmto0MA0GCSqGSIb3DQEB
CwUAA4IBAQDIPlk3X+W27HUjFx9t8un3r2ZvigdQc1u4L6HaCfBMXeRhfbiWyoox
qqR/7a/kAwB332KCj3/SXpg06rdpgp4/774ZjGKTeP2IynorPLQwjMQEq0BQFmRI
wdFfsCpGNS/7NrniAIoEFRUNUwj7R90tuqNWLYbHg5AeVgYDbezpM5Kec+Jw6YR7
Ld5vvXViCPS0cNELTac5n0g9BjO0skxjrIxffJCwylADfLiW9Wwt2AULs2ZEi1Hr
2dInRobFpF98K4Ff3L907hSepmhORfUa601QaFFCNFeYOlPjeno9dtEDqpIRan1h
uAbZ6B45xfIbd1JITsrgtOvH8nhfMd6X
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:09:14 2025 by rpki-client on console.sobornost.net