Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68274890211111F0A6300BADDAE4EC9C.roa
File: 68274890211111F0A6300BADDAE4EC9C.roa (raw, json)
Hash identifier: p29lY66ze6tk6Saiq6gyr8J5kN6+leWUNrZ/cQK6CQo=
Subject key identifier: 98:BB:CE:62:55:59:12:78:25:40:BC:93:B1:59:17:C8:48:78:3C:52
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 017AD3
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68274890211111F0A6300BADDAE4EC9C.roa
Signing time: Thu 24 Apr 2025 13:38:30 +0000
ROA not before: Thu 24 Apr 2025 13:38:25 +0000
ROA not after: Fri 30 May 2025 13:38:25 +0000
asID: 202656
IP address blocks: 154.200.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Wed 30 Apr 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96979 (0x17ad3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Apr 24 13:38:25 2025 GMT
Not After : May 30 13:38:25 2025 GMT
Subject: CN=680a3ed6-2939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dc:4d:7a:5b:73:6f:b6:cd:a3:f4:ec:df:93:
97:42:de:b4:3b:70:e7:42:ea:89:54:b3:77:99:5d:
d1:bd:09:86:18:c0:e4:2a:c2:44:fd:47:25:22:3a:
36:b9:fd:b3:c0:cf:6d:a2:69:8a:09:14:f2:54:5b:
7c:05:a1:7b:00:6b:60:ea:0b:0e:be:5d:8d:33:53:
34:59:ab:59:eb:65:51:9f:99:37:f7:26:6b:8d:8d:
f5:f0:21:70:ce:13:ad:24:d5:42:67:f9:b8:c7:d6:
79:98:53:ca:a4:8e:02:64:2d:3f:37:09:f9:ff:fc:
7e:42:d3:2a:f6:c4:13:b2:f9:e6:97:bb:e8:52:d7:
d0:67:a5:07:fd:fc:3d:81:6b:58:b2:aa:8f:19:c8:
85:3e:5a:db:01:94:5a:d0:33:a7:3e:90:21:4e:19:
db:25:fb:3c:65:96:73:f5:3f:31:6c:d7:26:8a:e2:
a9:a3:99:c2:e7:9b:c7:68:47:9a:16:a5:5f:f3:eb:
80:23:4b:b6:8f:9d:91:a4:4c:49:a6:7f:8e:c5:a2:
c8:a9:6d:0d:e4:e1:93:2e:48:fd:87:58:b6:20:eb:
16:83:8e:ad:42:24:8d:3b:f2:71:f4:7a:da:93:9b:
bd:14:7b:f6:a2:d8:d3:7f:c0:3e:f4:fc:37:40:a1:
b4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:BB:CE:62:55:59:12:78:25:40:BC:93:B1:59:17:C8:48:78:3C:52
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/68274890211111F0A6300BADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.200.227.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:61:2e:4c:6f:f9:28:22:eb:25:ba:46:ca:8d:0b:99:7d:1b:
4b:21:35:4e:94:7e:40:2a:9a:f7:c2:9e:73:7a:fd:2d:c3:8a:
c1:6d:84:be:f1:be:bb:6a:41:27:ed:f7:79:5d:b0:03:97:a4:
d2:19:99:a3:a7:c4:12:5e:b6:57:68:4f:df:1c:8f:58:65:6d:
0c:7f:2e:41:d5:4e:02:6e:12:3c:17:92:98:6e:79:59:0b:4f:
a3:5a:b0:dc:56:86:42:e2:aa:08:7a:bc:ba:ea:38:3c:0f:e6:
6c:21:08:f4:75:b5:43:64:7b:bc:16:40:34:1f:e7:2d:0c:60:
cf:6f:f8:86:03:92:ee:2e:80:8e:c6:e2:73:64:8b:47:27:59:
d6:3e:7a:1b:95:4d:b8:cb:c2:05:f6:2f:ea:32:3c:f9:d0:e5:
e1:07:fa:e5:0b:b2:6d:f6:08:75:d0:c3:7a:1f:e2:41:af:08:
9e:da:75:6e:26:bf:3f:11:ff:6e:ca:57:a3:9b:f1:66:de:cc:
f7:e8:e8:f2:6c:dc:bb:b1:50:bc:a2:49:0b:d8:a9:ec:fc:8e:
e0:36:1f:db:05:2d:2a:28:dc:d7:62:74:e3:14:fa:7b:fc:2e:
88:29:b7:f7:7e:8f:a3:c3:92:1e:41:73:24:39:63:ae:fd:29:
e1:b9:fd:89
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAXrTMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNDI0MTMzODI1WhcNMjUwNTMwMTMzODI1WjAYMRYw
FAYDVQQDEw02ODBhM2VkNi0yOTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAydxNeltzb7bNo/Ts35OXQt60O3DnQuqJVLN3mV3RvQmGGMDkKsJE/Ucl
Ijo2uf2zwM9tommKCRTyVFt8BaF7AGtg6gsOvl2NM1M0WatZ62VRn5k39yZrjY31
8CFwzhOtJNVCZ/m4x9Z5mFPKpI4CZC0/Nwn5//x+QtMq9sQTsvnml7voUtfQZ6UH
/fw9gWtYsqqPGciFPlrbAZRa0DOnPpAhThnbJfs8ZZZz9T8xbNcmiuKpo5nC55vH
aEeaFqVf8+uAI0u2j52RpExJpn+OxaLIqW0N5OGTLkj9h1i2IOsWg46tQiSNO/Jx
9Hrak5u9FHv2otjTf8A+9Pw3QKG0tQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFJi7
zmJVWRJ4JUC8k7FZF8hIeDxSMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC82ODI3NDg5MDIxMTExMUYwQTYzMDBCQUREQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmsjjMA0GCSqGSIb3DQEB
CwUAA4IBAQBLYS5Mb/koIuslukbKjQuZfRtLITVOlH5AKpr3wp5zev0tw4rBbYS+
8b67akEn7fd5XbADl6TSGZmjp8QSXrZXaE/fHI9YZW0Mfy5B1U4CbhI8F5KYbnlZ
C0+jWrDcVoZC4qoIery66jg8D+ZsIQj0dbVDZHu8FkA0H+ctDGDPb/iGA5LuLoCO
xuJzZItHJ1nWPnoblU24y8IF9i/qMjz50OXhB/rlC7Jt9gh10MN6H+JBrwie2nVu
Jr8/Ef9uylejm/Fm3sz36OjybNy7sVC8okkL2Kns/I7gNh/bBS0qKNzXYnTjFPp7
/C6IKbf3fo+jw5IeQXMkOWOu/Snhuf2J
-----END CERTIFICATE-----
Generated at Mon Apr 28 22:54:49 2025 by rpki-client on console.sobornost.net